Security News

The Shadowserver Foundation fulfills a unique role in the cybersecurity ecosystem by supplying vital security information to Internet defenders and law enforcement at no cost. In this Help Net Security video, Piotr Kijewski, CEO at The Shadowserver Foundation, talks about what they do and offers insight into their track record of delivering high-quality, actionable cyber threat intelligence for over 15 years.

A major Internet cable in the South of France was severed yesterday at 20:30 UTC, impacting subsea cable connectivity to Europe, Asia, and the United States and causing data packet losses and increased website response latency. Users still face problems due to app and content providers routing traffic through the impacted paths.

A major internet subsea fiber cable in the South of France was severed yesterday at 20:30 UTC, causing connectivity problems in Europe, Asia, and the United States, including data packet losses and increased website response latency. Users still face problems due to app and content providers routing traffic through the impacted paths.

For those who don't know, the internet is a network of connected networks. More specifically, the internet consists of networks called autonomous systems that advertise their IP address prefixes via routers to neighboring networks using BGP, again to ultimately construct this routing map.

Only a third of PostgreSQL databases connected to the internet use SSL for encrypted messaging, according to a cloud database provider. Bit.io, which offers a drag-and-drop database as a service based on PostgreSQL, searched shodan.io to create a sample of 820,000 PostgreSQL servers connected to the internet over September 1-29.

The internet constantly changes as new technologies are developed, and vulnerabilities are discovered. At the same time, organizations expand their operations that interact with the Internet.

An unknown attacker targeted tens of thousands of unauthenticated Redis servers exposed on the internet in an attempt to install a cryptocurrency miner. The SSH key is said to have been set on 15,526 out of 31,239 unauthenticated Redis servers, suggesting that the attack was attempted on "Over 49% of known unauthenticated Redis servers on the internet."

You may be familiar with some of the shortest internet domains used by major companies, such as m.me and fb. Although the vast majority of internet domains contain TLDs separated by one or more dots, turns out it's not a must for a domain.

Multiple security vulnerabilities have been disclosed in Baxter's internet-connected infusion pumps used by healthcare professionals in clinical environments to dispense medication to patients. The four vulnerabilities in question, discovered by cybersecurity firm Rapid7 and reported to Baxter in April 2022, affect the following Sigma Spectrum Infusion systems -.

Tens of thousands of internet-facing IP cameras made by China-based Hikvision remain unpatched and exploitable despite a fix being issued for a critical security bug nearly a year ago. Awarded a CVSS score of 9.8 of 10 in severity, the Hikvision bug was considered serious enough for the US Cybersecurity and Infrastructure Security Agency to add it to its list of "Must patch" security flaws early this year, adding that the vulnerability is already being exploited.