Security News

A new method devised to leak information and jump over air-gaps takes advantage of Serial Advanced Technology Attachment or Serial ATA cables as a communication medium, adding to a long list of electromagnetic, magnetic, electric, optical, and acoustic methods already demonstrated to plunder data. "Although air-gap computers have no wireless connectivity, we show that attackers can use the SATA cable as a wireless antenna to transfer radio signals at the 6GHz frequency band," Dr. Mordechai Guri, the head of R&D in the Cyber Security Research Center in the Ben Gurion University of the Negev in Israel, wrote in a paper published last week.

In this Help Net Security video, Tony Lambert, Senior Malware Analyst at Red Canary, talks about how adversaries’ favorite tools are legitimate tools that are used for malicious purposes.

With speculative execution attacks remaining a stubbornly persistent vulnerability ailing modern processors, new research has highlighted an "industry failure" to adopt mitigations released by AMD and Intel, posing a firmware supply chain threat. "The impact of such attacks is focused on disclosing the content from privileged memory to obtain sensitive data from processes running on the same processor," the firmware protection firm said in a report shared with The Hacker News.

According to cybersecurity firm Trellix's quarterly Threat Report: Summer 2022, released today, the line between ransomware gangs and nation-states continued to blur between Q4 2021 and Q1 2022. Business services providers and telecoms were the most targeted industries for ransomware attacks.

Taiwan, South Korea, Japan, the US, and the U.K., the Roaming Mantis operation moved to targeting Android and iOS users in France, likely compromising tens of thousands of devices. Roaming Mantis is believed to be a financially motivated threat actor that started targeting European users in February.

The cache-based targeted de-anonymization attack is a cross-site leak that involves the adversary leveraging a service such as Google Drive, Dropbox, or YouTube to privately share a resource with the target, followed by embedding the shared resource into the attack website. The attack, in a nutshell, aims to unmask the users of a website under the attacker's control by connecting the list of accounts tied to those individuals with their social media accounts or email addresses through a piece of shared content.

The botnet behind the largest HTTPS distributed denial-of-service attack in June 2022 has been linked to a spate of attacks aimed at nearly 1,000 Cloudflare customers. Calling the powerful botnet Mantis, the web performance and security company attributed it to more than 3,000 HTTP DDoS attacks against its users.

The botnet behind the largest-ever HTTPS-based distributed-denial-of-service attack is now named after a tiny shrimp. While Mantis initially launched its network-flooding-traffic attack over HTTPS, in the month since its discovery, Mantis has launched more than 3,000 HTTP DDoS attacks against the firm's customers, Yoachimik added.

The record-breaking distributed denial-of-service attack that Cloudflare mitigated last month originated from a new botnet called Mantis, which is currently described as "the most powerful botnet to date." The previous record was held by the Mēris botnet, which launched an attack that spiked at 21.8 million requests per second.

According to the report, the APTs are acting independently of each other but share the same overall goal of targeting journalists. Often posing as journalists themselves, the threat actors have focused on phishing campaigns with the goal of credential harvesting, theft of data helpful to specific regimes and digital surveillance of political journalists.