Banks and post offices in New Zealand have been hit by a cyber offensive, according to reports, consisting of sustained DDoS attacks against a number of critical online services. The onslaught appears to be a continuation of distributed denial-of-service (DDoS) blitzes against Vocus, the nation's third-largest ISP, as we reported last week. The NZ Herald wrote that Kiwibank, ANZ, NZ Post and weather forecaster MetService had all been targeted but appeared to have recovered.
Russian internet giant Yandex has been targeted in a massive distributed denial-of-service (DDoS) attack that started last week and reportedly continues this week. A report in Russian media says that the assault is the largest in the short history of the Russian internet, the RuNet, and that it was confirmed by a U.S.-based company. RuNet is the Russian segment of the internet, created to function independently of the worldwide web.
Adversaries are relying less on malware to conduct attacks that are consequently more difficult to detect, according to an annual report released by cybersecurity firm CrowdStrike. "According to data from our customer base indexed by Threat Graph, 68% of detections from the last three months were not malware-based," reads the report released Wednesday.
Zoho has shipped an urgent patch for an authentication bypass vulnerability in its ManageEngine ADSelfService Plus alongside a warning that the bug is already exploited in attacks. Tracked as CVE-2021-40539, the security flaw is deemed critical as it could be exploited to take over a vulnerable system. The issue, according to a Zoho advisory, affects the REST API URLs in ADSelfService Plus and could be abused to achieve remote code execution.
Google on Tuesday published the Android Security Bulletin for September 2021 with patches for a total of 40 vulnerabilities, including seven that are rated critical. A total of 16 issues were patched with the first part of this month's security updates - the 2021-09-01 security patch level - including one critical issue in the Framework component. Tracked as CVE-2021-0687, the security bug affects Android 8.1, 9, 10, and 11.
Microsoft today revealed it fixed a vulnerability in its Azure Container Instances services that could have been exploited by a malicious user "to access other customers' information." Azure Container Instances (ACI) is a serverless container environment. Microsoft says it offers the flexibility of containers and the security of VMs running atop a hypervisor. Microsoft has also reminded users that credentials can be found in environment variables, secret volumes, and even in Azure file shares.
Yesterday, independent newsroom ProPublica published a detailed piece examining the popular WhatsApp messaging platform's privacy claims. The service famously offers "end-to-end encryption," which most users interpret as meaning that Facebook can neither read messages itself nor forward them to law enforcement. This claim is contradicted by the simple fact that Facebook employs about 1,000 WhatsApp moderators whose entire job is reviewing WhatsApp messages that have been flagged as "improper."
Microsoft Active Directory (AD), which handles identity management, reportedly holds 90% to 95% market share among Fortune 500 companies. Given such broad adoption, it is no surprise that it is so heavily targeted by malicious actors and researchers alike. Attacks on legacy protocols are among the most cited types of attacks against AD. One such protocol that receives a lot of focus from attackers is NT LAN Manager (NTLM).