Collaborate Disseminate
More than one in three healthcare organizations have suffered a cyberattack within the last year, while almost one in 10 have paid a ransom or extortion fee, according to Imperva. Healthcare data is extremely valuable on the dark web as it contains hig… Continue reading 1 in 10 healthcare organizations paid a ransom within the last year
It’s been a month since the first Drupalgeddon 2.0 RCE (SA-CORE-2018-002/CVE-2018-7600) exploit was first published, unleashing its destruction into the wild… and through our cloud monitoring systems. As expected, since then we’ve been picking up… Continue reading Crypto Me0wing attacks: Kitty cashes in on Monero
As the latest record DDoS attack hit GitHub and threatened to overwhelm its edge network, the popular Git-repository hosting service quickly switched to routing the attack traffic to their DDoS mitigation service. In the end, GitHub ended up completely… Continue reading Do you have what it takes to withstand modern DDoS attacks?
Vulnerable servers of all kinds are being targeted, compromised and made to mine cryptocurrencies for the attackers. Apache Solr servers under attack SANS ISC handler Renato Marihno warns about an active campaign aimed at compromising Apache Solr serve… Continue reading Vulnerable Apache Solr, Redis, Windows servers hit with cryptominers
Attackers have seized on a relatively new method for executing distributed denial-of-service (DDoS) attacks of unprecedented disruptive power, using it to launch record-breaking DDoS assaults over the past week. Now evidence suggests this novel attack method is fueling digital shakedowns in which victims are asked to pay a ransom to call off crippling cyberattacks. Continue reading Powerful New DDoS Method Adds Extortion
The newly released Q3 2017 Global DDoS Threat Landscape Report from Imperva Incapsula features insights on attacks and mitigation. These are some of the key findings: Bitcoin was one of the most targeted industries High packet rate attacks grew more co… Continue reading Q3 2017 Global DDoS Threat Landscape Report released
The extraordinary volatility of the price of bitcoin has spurred speculators to employ a wide variety of tricks to make it swing between extremes, so that they can take advantage of it. The unregulated nature of the cryptocurrency ecosystem makes it po… Continue reading DDoS attackers increasingly targeting cryptocurrency exchanges
GitLab, the popular web-based Git repository manager, fixed a vulnerability recently that could have opened its users up to session hijacking attacks.
Continue reading Session Hijacking Bug Exposed GitLab Users Private Tokens
Mike Mimoso and Chris Brook discuss the news of the week, including the Verizon breach, the Oracle session hijacking attack, a Telegram-based hacking tool, and a free EternalBlue scanner. Continue reading Threatpost News Wrap, July 14, 2017
Data collected from the freely available scanner called EternalBlues shows that tens of thousands of computers remain vulnerable to the SMBv1 vulnerability that spawned WannaCry and ExPetr. Continue reading Scanner Shows EternalBlue Vulnerability Unpatched on Thousands of Machines