Security News

Internet security company Imperva has announced its DDoS mitigation solution has broken a new record, defending against a single attack that sent over 25.3 billion requests to one of its customers. The DDoS attack unfolded on June 27, 2022, peaking at 3.9 million requests per second and averaging 1.8 million RPS. While this pales compared to the record-breaking attack that Cloudflare mitigated in June, which topped at 26 million RPS, the duration in Imperva's case was unusually long.

The Hive ransomware operation claimed responsibility for an attack on the New York Racing Association, which previously disclosed that a cyber attack on June 30, 2022, impacted IT operations and website availability and compromised member data. NYRA is the operator of the three largest thoroughbred horse racing tracks in New York, namely Aqueduct Racetrack, Belmont Park, and Saratoga Race Course.

Recent research found an increase in attacks across all the most targeted industries and organizations, including education, healthcare and finance. Attacks on critical infrastructure in particular have quadrupled.

An ongoing phishing campaign targeting U.S. government contractors has expanded its operation to push higher-quality lures and better-crafted documents. The lure in these phishing emails is a request for bids for lucrative government projects, taking recipients to phishing pages that are clones of legitimate federal agency portals.

VMware and Microsoft are warning of an ongoing, widespread Chromeloader malware campaign that has evolved into a more dangerous threat, seen dropping malicious browser extensions, node-WebKit malware, and even ransomware in some cases. On Friday evening, Microsoft warned about an "Ongoing wide-ranging click fraud campaign" attributed to a threat actor tracked as DEV-0796 using Chromeloader to infect victims with various malware.

This is how it works: when a flaw is detected in routers of a particular brand or model, attackers scan the networks and install malware on the routers in large quantities to launch attacks from them. The number of such attacks grows every year, the volume of incoming traffic increases, and, as a result, the load on the security perimeter is becoming heavier.

He likens prompt injection attacks to SQL injection, which can deliver sensitive information to an attacker if they input malicious code into a field that doesn't sanitize data. Days after Willison's blog post, Twitter users attacked a GPT-3 bot designed to help run remote jobs called Remoteli.io, tricking it into doing things like taking responsibility for the Challenger space shuttle disaster, threatening Twitter users or proposing an overthrow of the Biden administration if it doesn't support remote work.

The newly published GIFShell attack method, which occurs through Microsoft Teams, is a perfect example of how threat actors can exploit legitimate features and configurations that haven't been correctly set. Discovered by Bobby Rauch, the GIFShell attack technique enables bad actors to exploit several Microsoft Teams features to act as a C&C for malware, and exfiltrate data using GIFs without being detected by EDR and other network monitoring tools.

Thousands of QNAP NAS devices hit by DeadBolt ransomware: QNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of its network-attached storage devices and the vulnerability the attackers are exploiting.

5 Kali Linux books you should read this year: Kali Linux is a Linux distribution designed for digital forensics, penetration testing, security research, and reverse engineering.

Empress EMS, a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022.