Security News

Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems. The Haifa Bay-based BAZAN Group, formerly Oil Refineries Ltd., generates over $13.5 billion in annual revenue and employs more than 1,800 people.

Several distributed denial-of-service botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023 to gain remote control of vulnerable systems. "Through the capture of exploit traffic, the attacker's IP address was identified, and it was determined that the attacks were occurring in multiple regions, including Central America, North America, East Asia, and South Asia," Fortinet FortiGuard Labs researcher Cara Lin said.

As we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks, according to Gcore. The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attacks, while SYN flood accounted for 24%. In third place was TCP flood.

The Scarleteel threat targets AWS Fargate environments for data theft and more malicious types of attacks such as cryptojacking and DDoS. Learn how to mitigate this threat. Sysdig, a cloud and container security company, has released a new report on the Scarleteel threat that targets specific AWS environments for data theft and additional malicious activities.

It is important not to underestimate the potentially devastating impact of DDoS attacks. Throughout this Help Net Security video round-up, experts emphasize the need for a collective effort in the fight against DDoS attacks.

The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attacks, while SYN flood accounted for 24%. In third place was TCP flood. In 2021, the capacity of DDoS attacks was up to 300 Gbps. In 2022, the attack capacity was about 650 Gbps. In Q1-Q2 of 2023, we see a capacity of about 800 Gbps. Alt Text: Illustration of attack raising from 300 Gbps in 2021 and 650 Gbps in 2021 to 800 Gbps in 2023.

The U.S. Cybersecurity and Infrastructure Security Agency warned today of ongoing distributed denial-of-service attacks after U.S. organizations across multiple industry sectors were hit. "CISA is aware of open-source reporting of targeted denial-of-service and distributed denial-of-service attacks against multiple organizations in multiple sectors," the cybersecurity agency said.

In 2022, the total number of DDoS attacks worldwide increased by 115.1% over the amount observed in 2021, according to Nexusguard. While the overall number of DDoS attacks did more than double, the maximum size of 361.9 gigabits per second represented a 48.2% decrease over those measured in 2021.

Empowering Google security and networking solutions with AIIn this Help Net Security interview, Sunil Potti, GM and VP of Cloud Security at Google Cloud, talks about how new security and networking solutions powered by AI help improve security so Google customers can address their most pressing security challenges and remain ahead of an ever changing threat landscape. Infosecurity Europe 2023Infosecurity Europe took place at ExCeL London from June 20-22, 2023 and Help Net Security was on site.

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 Wi-Fi routers to rope the devices into a distributed denial-of-service botnet. "The Telegram channel was started in May 2022, and the threat actor has been monetizing its botnet by providing DDoS-as-a-service and selling the malware source code," security researchers Joie Salvio and Roy Tay said.