Collaborate Disseminate
In the face of growing risks from open-source software dependencies, Google Cloud is releasing its Assured Open Source Software (Assured OSS) service for Java and Python ecosystems at no cost.
The post Google Cloud offers Assured Open Source Software f… Continue reading Google Cloud offers Assured Open Source Software for free
In 2022, DDoS exploits included high-profile attacks against websites offering information on elections and candidates. In what it calls a bid to save “democratic processes worldwide,” Google Cloud has released Project Shield.
The post With political ‘… Continue reading With political ‘hacktivism’ on the rise, Google launches Project Shield to fight DDos attacks
On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from “Meris,” the same new “Internet of Things” (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer. Continue reading KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”
The unprecedented foreign hacking and misinformation campaigns that were reported around the 2016 U.S. election cast a cloak of doubt over the integrity of the country’s democratic process. The threat sent government officials on the federal, state and local level scrambling to ensure that the country’s voting machines, voter registration systems, pollbooks, results-reporting websites and other election technology is ready for the midterm elections. Over the past few months, about a dozen technology companies have announced programs offering state and local election offices or political organizations free services to help them fend off looming threats, including email protection, extra security for cloud applications, basic antivirus coverage, multi-factor authentication tools and several other types of products. As elections in the U.S. are run by the states, securing a federal election requires a massive coordinated effort. The federal government has been playing a greater role to this end since 2016, but can only do so much without […]
The post Tech companies offered free products to help secure the election. Now what? appeared first on Cyberscoop.
Continue reading Tech companies offered free products to help secure the election. Now what?
A monster distributed denial-of-service attack (DDoS) against KrebsOnSecurity.com in 2016 knocked this site offline for nearly four days. The attack was executed through a network of hacked “Internet of Things” (IoT) devices such as Internet routers, security cameras and digital video recorders. A new study that tries to measure the direct cost of that one attack for IoT device users whose machines were swept up in the assault found that it may have cost device owners a total of $323,973.75 in excess power and added bandwidth consumption.
My bad. Continue reading Study: Attack on KrebsOnSecurity Cost IoT Device Owners $323K
The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large scale attacks designed to knock Web sites and entire networks offline (including multiple major attacks against this site). Continue reading Mirai IoT Botnet Co-Authors Plead Guilty
It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks.
Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already.
Reaper isn’t attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks. Continue reading Reaper: Calm Before the IoT Security Storm?
It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks.
Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already.
Reaper isn’t attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks. Continue reading Reaper: Calm Before the IoT Security Storm?
Jigsaw and Google said they would offer a free suite of security tools aimed at securing political elections. Continue reading Google, Jigsaw Partner on Free Tools to Secure Elections
The third week of September 2016 was a dark and stormy one for KrebsOnSecurity. Wave after wave of huge denial-of-service attacks flooded this site, forcing me to pull the plug on it until I could secure protection from further assault. The site resurfaced three days later under the aegis of Google’s Project Shield, an initiative which seeks to protect journalists and news sites from being censored by these crippling digital sieges.
Damian Menscher, a Google security engineer with whom I worked very closely on the migration to Project Shield, spoke publicly for the first time this week about the unique challenges involved in protecting a small site like this one from very large, sustained and constantly morphing attacks. Continue reading How Google Took on Mirai, KrebsOnSecurity