Security practitioners often tread a fine and not entirely well-defined legal line in collecting current and meaningful research. This research can also pose ethical questions when commercial sources for stolen data fall into a gray area.
The zero-day attacks against Accellion's File Transfer Appliance show that a number of big-name firms continued to use the legacy technology - even though more secure, cloud-based options were available. Evidently, many CISOs didn't see a compelling reason to move on. Of course, now they do.
What happens when an e-commerce retailer sends customers a data breach notification email with a subject line that reads "strictly private and confidential"? "Clearly trying to make people stay quiet," responded one unamused Fat Face customer. Others report being none the wiser as to what risks they now face.
Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products. Why won't WannaCry just die?
Authorities have accused Serbia-based scammers of capitalizing on the "initial coin offering" bubble that began in 2017, bilking global cryptocurrency investors out of $70 million via Bitcoiin2Gen and other supposed coins and hiring actor Steven Seagal to endorse them.
The National Security and Defense Council of Ukraine accuses Russia of turning Ukrainian government servers into a botnet for massive distributed denial-of-service attacks that then caused the servers to be blocked.
In 2020, a cybercrime operation known as ShinyHunters breached nearly 50 organizations, security researchers say. And this year, it shows no signs of slowing down - it's already hacked e-commerce site Bonobo and dating site MeetMindful.
Researchers with NetScout are warning that attackers are abusing certain versions of the Plex media server app to strengthen and amplify DDoS attacks. The FBI has also warned about increases in DDoS attacks that use these types of amplification techniques.
Researchers at the security firm Netlab have identified a previously undocumented botnet dubbed "Matryosh" that is targeting vulnerable Android devices to help build its network so it can conduct distributed denial-of-service attacks.
Drawing upon Imperva's own recent Cyber Threat Index findings, Reinhart Hansen, director of technology in the office of the CTO, talks about that latest application vulnerabilities and DDoS attack trends as we start 2021.
New Zealand’s financial regulator has issued a searing report about IT security failures at NZX, the country’s stock exchange, that contributed to a disruptive DDoS attack. The regulator says NZX had inadequate IT security and failed to prepare for DDoS attacks.
The number of distributed denial-of-service attacks launched in 2020 surpassed 10 million, up from 8.5 million in 2019, according to NetScout's Atlas Security Engineering and Response Team.
Threat actors are exploiting vulnerable Microsoft Remote Desktop Protocol servers to amplify DDoS attacks, according to a report from Netscout, which offers mitigation advice.
Threat actors behind a distributed denial-of-service campaign targeted the same set of victims again after the organizations refused to pay the initial ransom demand, a new report by security firm Radware finds.
Researchers at Check Point Research are tracking a new botnet dubbed "FreakOut" that's targeting vulnerabilities in Linux systems. The malware is creating a malicious network that has the potential to launch DDoS attacks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.