Security News

It is important not to underestimate the potentially devastating impact of DDoS attacks. Throughout this Help Net Security video round-up, experts emphasize the need for a collective effort in the fight against DDoS attacks.

A threat actor referred to as 'RomCom' has been targeting organizations supporting Ukraine and guests of the upcoming NATO Summit set to start tomorrow in Vilnius, Lithuania. BlackBerry's research and intelligence team recently discovered two malicious documents that impersonated the Ukranian World Congress organization and topics related to the NATO Summit to lure selected targets.

Apple has issued a new round of Rapid Security Response updates to address a new zero-day bug exploited in attacks and impacting fully-patched iPhones, Macs, and iPads. Some out-of-band security updates may also be employed to counter security vulnerabilities actively exploited in attacks.

While the number of new ransomware variants continues to decline, ransomware attacks' severity remains significant. In the first half of 2023 alone, the number of email-based phishing attacks has surged 464% when compared to 2022.

The rise in cyber extortion attacks and its impact on business securityIn this Help Net Security video, Charl van der Walt, Head of Security Research at Orange Cyberdefense, discusses cyber extortion attacks and their expansion to new regions. 75% of consumers prepared to ditch brands hit by ransomwareAs 40% of consumers harbor skepticism regarding organizations' data protection capabilities, 75% would shift to alternate companies following a ransomware attack, according to Object First.

Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. The TrueBot malware, linked with cybercriminal collectives Silence and FIN11, is deployed to siphon off data and disseminate ransomware, jeopardising the safety of numerous infiltrated networks.

CISA and the FBI warned today of new Truebot malware variants deployed on networks compromised using a critical remote code execution vulnerability in the Netwrix Auditor software in attacks targeting organizations across the United States and Canada. The bug impacts the Netwrix Auditor server and the agents installed on monitored network systems and enables unauthorized attackers to execute malicious code with the SYSTEM user's privileges.

The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attacks, while SYN flood accounted for 24%. In third place was TCP flood. In 2021, the capacity of DDoS attacks was up to 300 Gbps. In 2022, the attack capacity was about 650 Gbps. In Q1-Q2 of 2023, we see a capacity of about 800 Gbps. Alt Text: Illustration of attack raising from 300 Gbps in 2021 and 650 Gbps in 2021 to 800 Gbps in 2023.

Cybersecurity researchers have unearthed an attack infrastructure that's being used as part of a "Potentially massive campaign" against cloud-native environments. "This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials hijack, resource hijack, and further infestation of the worm," cloud security firm Aqua said.

The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container terminals.Today, the administrative authority of the Port of Nagoya has issued a notice about a malfunction in the "Nagoya Port Unified Terminal System" - the central system controlling all container terminals in the port.