Last August, academic researchers discovered a potent new method for knocking sites offline: a fleet of misconfigured servers more than 100,000 strong that can amplify floods of junk data to once-unthinkable sizes. These attacks, in many cases, could result in an infinite routing loop that causes a self-perpetuating flood of traffic. Now, content-delivery network Akamai says attackers are exploiting the servers to target sites in the banking, travel, gaming, media, and web-hosting industries.
A hacking group with a history of phishing attacks and disinformation against NATO nations may be using compromised Ukrainian armed service member emails to target European officials tasked with managing logistics around refugees fleeing Ukraine, according to findings published Monday. Researchers with cybersecurity firm Proofpoint report they detected an email Feb. 24 that carried a subject referencing the Feb. 24 emergency meeting of NATO on the day the Russian government began its military attack on Ukraine.
Microsoft has been pushing harder to increase the baseline security features of Windows PCs for a couple of years now: the "secured-core PC" initiative launched back in 2019 was meant to guard against firmware-level attacks, and Windows 11's system requirements mandate support for many supported-but-optional security features from Windows 10. Microsoft justified these new requirements in part by pointing to the NotPetya data-wiping malware, which has widely been attributed to Russian hackers.
A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees.
The Log4Shell vulnerabilities in the widely used Log4j software are still leveraged by threat actors today to deploy various malware payloads, including for recruiting devices into DDoS botnets and planting cryptominers. According to a report by Barracuda, the past couple of months were characterized by dips and spikes in the targeting of Log4Shell, but the volume of exploitation attempts has remained relatively constant.
Some of the world's most popular communication apps are using an open-source library riddled with newfound security holes. One thing this flawed open-source library shares with the Apache Log4j logging library fiasco that started in December: it's ubiquitous. The library, PJSIP, an open-source multimedia communication library, is used by Asterisk. Asterisk is an enterprise-class, open-source PBX toolkit that's used in voice-over-IP (VoIP) services in a massive number of implementations.