Security News

5G can reduce - but also create - security riskIn this interview with Help Net Security, Anubhav Arora, VP of Security Engineering at Cradlepoint, talks about the most common 5G security misconceptions, how to make sure the network is safe, but also how 5G can benefit businesses. 5 free resources from the Cybersecurity and Infrastructure Security AgencyThe Cybersecurity and Infrastructure Security Agency is an agency of the United States Department of Homeland Security.

The website of the European Parliament has been taken down following a DDoS attack claimed by a pro-Russia group of hacktivists calling themselves Anonymous Russia. The Director General for Communication and Spokesperson of the European Parliament, Jaume Dauch, also stated after the website went down that the outage was caused by an ongoing DDoS attack.

Recognizing the importance of competitive gaming and esports, where sponsorships, prize money and reputations are on the line, OVHCloud has customized its DDoS protection for popular game servers. OVHCloud also offers DDoS protection on all its hosting options and includes a default anti-DDoS policy configured as a default.

Case in point: A large e-commerce website protected by DataDome's bot and online fraud management solution recently remained blissfully unaffected throughout a high volume, highly-distributed DDoS attack. Let's deep dive into a real-life attack to understand the key traits of a DDoS attack, how the threat landscape is evolving, and the implications when choosing a security solution.

The Mirai-based botnet 'RapperBot' has re-emerged via a new campaign that infects IoT devices for DDoS attacks against game servers. The malware was discovered by Fortinet researchers last August when it used SSH brute-forcing to spread on Linux servers.

Cybersecurity researchers have unearthed new samples of malware called RapperBot that are being used to build a botnet capable of launching Distributed Denial of Service attacks against game servers. "In fact, it turns out that this campaign is less like RapperBot than an older campaign that appeared in February and then mysteriously disappeared in the middle of April," Fortinet FortiGuard Labs researchers Joie Salvio and Roy Tay said in a Tuesday report.

A newly discovered evasive malware leverages the Secure Shell cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team, the Golang-based malware has been found targeting a variety of companies ranging from gaming to luxury car brands to security firms.

While the FBI alert doesn't name said hacktivists in its latest cyber squad notification [PDF] for private industry, the Feds may be talking about Killnet, a "Relatively unsophisticated" gang whose "Nuisance-level DDoS attacks" don't live up to its rhetoric, according to security researchers. These attacks are generally opportunistic in nature and, with DDoS mitigation steps, have minimal operational impact on victims; however, hacktivists will often publicize and exaggerate the severity of the attacks on social media.

The Federal Bureau of Investigation said on Friday that distributed denial-of-service attacks coordinated by hacktivist groups have a minor impact on the services they target. "Coinciding with the Russian invasion of Ukraine, the FBI is aware of Pro-Russian hacktivist groups employing DDoS attacks to target critical infrastructure companies with limited success," the agency said.

The US Treasury Department has thwarted a distributed denial of service attack that officials attributed to Russian hacktivist group Killnet. According to Reuters, which first reported on the US Treasury incident, the Killnet DDoS flood didn't have any operational impact on the agency and it happened a couple days before the Russians turned their attention to JPMorgan Chase.