Security News

Automated traffic takes up 64% of internet traffic - and whilst just 25% of automated traffic was made up by good bots, such as search engine crawlers and social network bots, 39% of all traffic was from bad bots, a Barracuda report reveals. These bad bots include both basic web scrapers and attack scripts, as well as advanced persistent bots.

Parts of New Zealand were cut off from the digital world today after a major local ISP was hit by an aggressive DDoS attack. Vocus - the country's third-largest internet operator which is behind brands including Orcon, Slingshot and Stuff Fibre - confirmed the cyberattack originated at one of its customers.

Threat actors are capitalizing on the growing popularity of proxyware platforms like Honeygain and Nanowire to monetize their own malware campaigns, once again illustrating how attackers are quick to repurpose and weaponize legitimate platforms to their advantage. "Malware is currently leveraging these platforms to monetize the internet bandwidth of victims, similar to how malicious cryptocurrency mining attempts to monetize the CPU cycles of infected systems," researchers from Cisco Talos said in a Tuesday analysis.

CISA's Bad Practices catalog includes practices the federal agency has deemed "Exceptionally risky" and not to be used by organizations in the government and the private sector as it exposes them to an unnecessary risk of having their systems compromised by threat actors. These dangerous practices are "Especially egregious" on Internet-exposed systems that threat actors could target and compromise remotely.

Vice has an article about how data brokers sell access to the Internet backbone. It's useful for cybersecurity forensics, but can also be used for things like tracing VPN activity.

Microsoft's Internet Explorer browser is barely usable after Microsoft officially ends support for the browser in Microsoft 365. For over a year, Microsoft has warned that Internet Explorer is being phased out and that users who continue to use it should switch to other browsers, such as Microsoft Edge.

Tens of thousands of internet-exposed Microsoft Exchange servers appear to be affected by the ProxyShell vulnerabilities, and they could get compromised at any moment considering that threat actors are already scanning the web for vulnerable devices. ProxyShell is the name given to a series of vulnerabilities - CVE-2021-34473, CVE-2021-34523 and CVE-2021-31207 - that can be chained for unauthenticated remote code execution, allowing an attacker to take complete control of an Exchange server.

In the past, network security was too often viewed as a separate issue to the design of the network itself, which led to solutions being either poorly thought out or hastily cobbled together at the end of the project as an afterthought. As more workloads and key data assets move to the cloud, and work from home becomes a more common reality, the private network has become more of a security overlay on the public internet than a separate entity, putting security front and center in the "Future / modernized network" discussion.

DDoS attacks are a nuisance to be sure, but they're also used in a variety of ways that make them a severe threat, says Atlas VPN. DDoS attack data presented by Atlas VPN found that attackers prefer the United States and the computers and internet sectors as targets. In June 2021 alone, more than a third of DDoS attacks worldwide targeted servers in the U.S. DDoS attacks involve using a massive number of internet-connected machines and devices to flood a target server, rendering it unable to keep up with traffic and either making it unusable or taking it offline.

Cloudflare announced Project Pangea, a new initiative to improve internet access for underserved communities around the world. This allows Cloudflare to offer a secure, affordable way to expand access to the internet that can grow with, and contribute to, the sustainability of these networks, as well as be ready for any new networks that launch.