Security News

More than 380,000 Kubernetes API servers allow some kind of access to the public internet, making the popular open-source container-orchestration engine for managing cloud deployments an easy target and broad attack surface for threat actors, researchers have found. The Shadowserver Foundation discovered the access when it scanned the internet for Kubernetes API servers, of which there are more than 450,000, according to a blog post published this week.

That's according to Arkose Labs, which claimed in its latest State of Fraud and Account Security report that one in four online accounts created in Q1 2022 were fake and used for fraud, scams, and the like. In total, 93 percent of all attacks against Arkose Labs' customers were bot-driven, it's claimed; data scraping increased by 250 percent while four percent of all logins in Q1 were credential-stuffing attempts.

Securing your internet access can mean many things, but we like to think of it as a two-fold approach for both on-device data and network data once your web request has left your device. We'll take a look at how to secure your data on the device and how to protect your data that ISPs might see through iCloud Private Relay and VPNs. How to secure on-device network activity.

Threat analysts have uncovered yet a new campaign that uses the RIG Exploit Kit to deliver the RedLine stealer malware. The threat actors use the exploit to compromise the machine and deploy RedLine, a cheap but powerful info-stealing malware widely circulated on Russian-speaking forums.

Hospitals and Health Care group has disconnected all incoming and outgoing Internet connections after discovering they suffered a cyberattack that resulted in the theft of sensitive administrative and patient data. The cyberattack occurred on April 19th and affected the CHs of Vitry-le-François and Saint-Dizier, causing GHT to disconnect Internet connections to the hospitals to prevent the attack's spread and further data theft.

Today, the U.S. has announced exemptions on previously imposed sanctions on Russia related to telecommunications and internet-based communications, likely to prevent Russians from being isolated from Western news sources. The revised sanctions released today and signed by Deputy Director of the Office of Foreign Assets Control, Bradley Smith, re-opens the possibility for US companies to license, export, sell, or supply services for software, hardware, and IT technology related to communications.

Web3 optimists point to decentralized technology's ability to challenge the power of big internet middlemen like Facebook, Google, and Twitter, while Web3 skeptics understandably struggle to connect the dots on how the current state of Web3 applications could ever truly rival the user experiences and network effects that Web2's most successful tech companies have built. When the friction of users' porting data from one service to another service approaches zero, companies will need to radically rethink how much value they extract from users without offering comparable incentives to that user.

The U.S. Cybersecurity and Infrastructure Security Agency and the Department of Energy are jointly warning of attacks against internet-connected uninterruptible power supply devices by means of default usernames and passwords. "Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet," the agencies said in a bulletin published Tuesday.

In a joint advisory with the Department of Energy, the Cybersecurity and Infrastructure Security Agency warned U.S. organizations today to secure Internet-connected UPS devices from ongoing attacks. UPS devices are regularly used as emergency power backup solutions in mission-critical environments, including data centers, industrial facilities, server rooms, and hospitals.

Russia's RSPP Commission for Communications and IT, the country's largest entrepreneurship union, has warned of imminent large-scale service Internet service outages due to the lack of available telecom equipment. With the western equipment suppliers exiting the market and not selling parts to Russian entities anymore, the first notable service outages may start as early as this summer.