Experts list 15 most attacked Linux vulnerabilities

Trend Micro has published a list of the top threats and most attacked vulnerabilities for Linux in the first half of 2021. The results were obtained from honeypots, sensors and anonymous telemetry. In total, the company recorded about 15,000,000 malicious events targeting Linux-based cloud environments and estimates that miners and ransomware account for 54% of…

NASA has faced 6000 cyberattacks in the past four years

NASA has identified more than 6000 different cyberattacks over the past four years, according to a recent report from the National Aeronautics and Space Administration. The document states that NASA has institutional systems that are used for the day-to-day work of employees (this includes data centers, web services, computers and networks). NASA also has separate…

Microsoft developed a SimuLand lab environment for simulating cyberattacks

Microsoft has developed an open source SimuLand lab environment to help test and improve Microsoft 365, Defender, Azure, and Azure Sentinel protection against a variety of cyberattack scenarios. SimuLand enables “resources from a variety of data sources, including telemetry from Microsoft 365 Defender security products, Azure Defender, and other integrated sources through Azure Sentinel Data…

FBI investigates cyberattacks on two water supply systems in Pennsylvania

Last month, the local Water Action Response Network, which includes utility companies, sent emails to its members, informing them that cyberattacks had affected two water supply systems. According to the letter, the hackers installed a web shell in the enterprises' networks to gain remote access to them. The attack was detected and stopped, and the FBI…

Experts have discovered bugs in the 5G protocol that allow location tracking and DoS attacks

AdaptiveMobile specialists have published a report on new bugs in the 5G protocol that make it possible to disable network segments (DoS) and steal user data, including location information. The issues identified are related to the 5G network partitioning mechanism that allows operators to split their infrastructure into smaller blocks dedicated to specific…

Attackers using DCCP protocol for DDoS attacks

Akamai has noticed that attackers are using the little-known DCCP network protocol (Datagram Congestion Control Protocol) for DDoS attacks. This internet standard was approved in 2007 and helps monitor network congestion for UDP-based communications. DCCP is especially effective for applications where data arriving at the wrong time becomes useless. For example, streaming, online gaming, and…

DTLS can amplify DDoS by 37 times

Netscout warns that the DTLS vector allows hackers to amplify DDoS attacks by 37 times. The researchers found that criminals are using a relatively new vector for amplifying DDoS attacks: the Datagram Transport Layer Security (DTLS) protocol, which provides connection security for protocols using datagrams. DTLS, like other UDP-based protocols, is susceptible to…

Microsoft: SolarWinds Hackers Stole Source Code of Azure, Exchange and Intune Components

Microsoft experts announced that they have completed an official investigation of the attack, and disclosed exactly what the SolarWinds hackers were able to steal. The company reiterated that it found no evidence that outsiders could somehow abuse Microsoft systems or use its products to attack customers. Let me remind you that Microsoft acknowledged the fact…

Microsoft Says Over 1,000 Developers Worked on SolarWinds Attack

In an interview with CBS News, Microsoft President Brad Smith said the recent attack on SolarWinds was “the largest and most sophisticated he has ever seen.” According to him, the analysis of the hack carried out by the company’s specialists suggests that more than 1,000 developers worked on this attack. At the same time, Smith says…

DreamBus botnet attacks corporate applications on Linux servers

Zscaler analysts reported on the new DreamBus botnet that attacks corporate applications on Linux servers. It is a variation of the SystemdMiner malware that appeared back in 2019. DreamBus has received a number of improvements over SystemdMiner. For example, the botnet mainly targets enterprise applications running on Linux systems, including PostgreSQL, Redis, Hadoop YARN, Apache…