Security News

North Korea has hit a new low, using the death of over 150 people to exploit a zero-day flaw in Internet Explorer. South Korea declared a week of national mourning after the incident.

Google's Threat Analysis Group revealed today that a group of North Korean hackers tracked as APT37 exploited a previously unknown Internet Explorer vulnerability to infect South Korean targets with malware. Once opened on the victims' devices, the document would deliver an unknown payload after downloading a rich text file remote template that would render remote HTML using Internet Explorer.

The United Kingdom's National Cyber Security Centre, the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities. "These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact," the agency said.

The Shadowserver Foundation fulfills a unique role in the cybersecurity ecosystem by supplying vital security information to Internet defenders and law enforcement at no cost. In this Help Net Security video, Piotr Kijewski, CEO at The Shadowserver Foundation, talks about what they do and offers insight into their track record of delivering high-quality, actionable cyber threat intelligence for over 15 years.

A major Internet cable in the South of France was severed yesterday at 20:30 UTC, impacting subsea cable connectivity to Europe, Asia, and the United States and causing data packet losses and increased website response latency. Users still face problems due to app and content providers routing traffic through the impacted paths.

A major internet subsea fiber cable in the South of France was severed yesterday at 20:30 UTC, causing connectivity problems in Europe, Asia, and the United States, including data packet losses and increased website response latency. Users still face problems due to app and content providers routing traffic through the impacted paths.

For those who don't know, the internet is a network of connected networks. More specifically, the internet consists of networks called autonomous systems that advertise their IP address prefixes via routers to neighboring networks using BGP, again to ultimately construct this routing map.

Only a third of PostgreSQL databases connected to the internet use SSL for encrypted messaging, according to a cloud database provider. Bit.io, which offers a drag-and-drop database as a service based on PostgreSQL, searched shodan.io to create a sample of 820,000 PostgreSQL servers connected to the internet over September 1-29.

The internet constantly changes as new technologies are developed, and vulnerabilities are discovered. At the same time, organizations expand their operations that interact with the Internet.

An unknown attacker targeted tens of thousands of unauthenticated Redis servers exposed on the internet in an attempt to install a cryptocurrency miner. The SSH key is said to have been set on 15,526 out of 31,239 unauthenticated Redis servers, suggesting that the attack was attempted on "Over 49% of known unauthenticated Redis servers on the internet."