ICYMI: Lizard DDoS; Botnet growth; Qatari breach; Open source flaws; Ransomware surge

Lizard Squad downs DNS registrar, hacks Lenovo website
Lizard Squad downs DNS registrar, hacks Lenovo website

New wave of Lizard Squad DDoS attacks

At least 20 companies have been hit by extortion demands from the Lizard Squad hacker group, according to an alert issued by Action Fraud. Victims have been told that if they don't pay five bitcoins – just over £1,500 – they will suffer a DDoS attack.

Action Fraud, part of City of London Police, sent out its alert late on Friday, warning: “The group has sent emails demanding payment of five bitcoins, to be paid by a certain time and date. The email states that this demand will increase by five bitcoins for each day that it goes unpaid.”  More

Botnets getting bigger, DDoS attacks more frequent

Cyber-criminals are shifting away from cheap and easy DDoS attacks to more complex and focused ones, according to a new report from Kaspersky. In its quarterly DDoS Intelligence report, the firm said that there was also a nearly fourfold increase in the number of DDoS attacks.

At least 74 countries were targeted by DDoS attacks in Q1 and as in the previous quarter, the vast majority of those resources were located in just ten countries, with Ukraine, Germany and France all making a new appearance. During the reporting period, the maximum number of attacks against a single target increased: 33 attacks compared to 24 in the previous quarter. More

Qatar National Bank breached, Turkish fascists claim responsibility

Qatar National bank has had 1.4 GB of internal files published online. These  include transaction logs and the personal information of a wide range of customers from normal customers all the way to the Qatari royal family, Al Jazeera journalists and western intelligence agencies including the names of intelligence agents. A Turkish fascist group has claimed responsibility.

The leak was first posted at Global Files.net earlier this week before being taken down and reposted on another website, Cryptome. Appar. More

Vendors hiding open-source security flaws in commercial software

A study carried out by Black Duck Software found that security vulnerabilities contained within the open source components of Commercial software are often hidden from the customers that deployed this software on their infrastructure. The report, called “The State of Open Source Security in Commercial Applications” looked at 200 applications over six months. Around two-thirds (67 percent) of open source components had unpatched vulnerabilities.

Worryingly, these vulnerabilities were on average five years old and around 40 percent could be classed as “high severity”, with CVSS scores of seven or higher. More

Ransomware continues to plague world's computers, says FireEye

Ransomware achieved a remarkable upswing during the last half of 2015 according to a new report from FireEye. Between October and November last year, the use of ransomware shot up by nearly 20 percent.

Old ‘favourites' such as Cryptolocker, Cryptowall, CTB Locker and Kryptovor, though all long recognised, still pose persistent threats to people and businesses alike. More