Attack News, Articles and Updates

US military cyber-commanders call for going on the attack

Several senior US military commanders called for the nation's cyber-forces to go on the attack during a March 13 Senate Armed Services Subcommittee on Cyber-security hearing.

Turkish financial institutions spearphished: North Korea possible attacker

The reputed state-sponsored North Korean hacking group Hidden Cobra has once again been caught in a malware attack against financial organisations.

GitHub rides record-breaking DDoS attack that leveraged memcached servers

GitHub on Wednesday withstood the largest-ever recorded distributed denial of service attack in history, experiencing roughly 10 minutes of disruption during the onslaught, which was amplified using exposed memcached servers.

Recently patched Flash vulnerability spotted in massive malspam campaign

A recently patched Flash Player flaw was exploited in a widespread spam campaign primarily targeting South Koreans.

If ransom paid in Bitcoin Cash don't expect to get files back

A new ransomware attack called Thanatos demands payment in Bitcoin Cash but contains a decryption bug that makes it impossible for attack victims to recover stolen files, reports security researcher MalwareHunterTeam.

'First true' native IPv6 DDoS attack spotted in wild

First in-the-wild IPv6 DDoS attack hits servers, with portents of more to come. The DNS dictionary attack originated from around 1,900 different native IPv6 hosts, on more than 650 different networks.

Enter boardroom, set hair on fire. How not to tackle incident response

Event anomalies can be an indicator of attack, but they can also just be an IT problem. New research suggests the latter might be more common than you think.

Massive code rewrite may be required to patch Skype vulnerability

Skype is reportedly refusing to patch a security vulnerability in its updater process which could allow an attacker to gain system-level privileges on a vulnerable computer.

Ransomware attack on US newspaper database exposes 19.5M voter records

The Sacramento Bee newspaper in the US deleted two databases hosted by a third party after a ransomware attack exposed the voter records of 19.5 million voters and 53,000 current and former subscribers to the newspaper.

Flash Player zero-day attacks attributed to advancing North Korean APT

Researchers are reporting that an increasingly sophisticated North Korean hacking group is responsible for an attack campaign exploiting CVE-2018-4878, a critical use-after-free flaw in Flash Player that has not yet been patched.

POS vulnerability affecting 300,000 systems patched by Oracle

Oracle recently patched a Micros point-of-sale vulnerability which could have allowed an attacker to read any file and receive information about various services without authentication from a vulnerable MICROS workstation.

Active Directory attack could enable malicious domain controller set up

DCShadow attack allows installation of backdoor. Hackers could set up their own fake domain controller in an existing corporate network to distribute malware and leave a backdoor.

New Mirai botnet variants target ARC processors, cryptomining hosts

A newly discovered variant of the Mirai Internet of Things botnet is specifically designed to attack the ubiquitous 32-bit embedded Argonaut RISC Core processor from ARC International.

Microsoft Office flaw exploited by suspected Iranian APT group

Researchers believe a suspected Iranian APT group is responsible for a recent cyber-espionage operation that targeted a Middle Eastern government organisation.

Satori Botnet able to launch crippling attacks at any time

A massive new IoT botnet dubbed Satori has emerged, which security researchers fear can launch crippling attacks at any time. According to the IBT, the botnet has already infected more than 280,000 IP addresses in just 12 hours.

Market-leading security products broken by Doppelganging attack

The new Doppelganging process memory attack methodology not only defeats market-leading security products but breathes new life into old threats at the same time.

Understanding the human element behind cyber-attacks: indicators of attack

Joep Gommers explains why focusing on the actor will help businesses to protect themselves from a potential cyber-attack, hence the need to understand indicators of attack, in addition to indicators of compromise.

How long must we wait for Tesco to reveal cyber-heist attack data?

The Tesco Bank cyber-heist was Britain's biggest attack to date but the information on how the attack was perpetrated is not being shared with those who need to know, reports Davey Winder.

120k strong botnet found in the wild

Networking and telecoms specialists Level 3 have discovered a botnet of 120,000 devices in the course of conducting DDoS research.

Unlimited size message vulnerability found in Telegram

Two researchers have found a rather annoying exploit in the Telegram encrypted communications app.

£442 billion potential loss in UK power sector cyber-attack

Report examines how the direct and indirect economic costs accrue for a hypothetical cyber-attack on the UK's critical national infrastructure.

Triada trojan on Android devices "complex as Windows malware"

Nearly two-thirds of Android phones and tablets susceptible to attacks by the complex Triada Trojan

Dammit Janet: University network suffers DDoS attacks

Infrastructure supporting academic services under sustained distributed denial of service attack coming from an unknown quarter.

JD Wetherspoon attack took 15 mins says hacker 'Ropertus'

Last Friday it was reported that British pub chain JD Wetherspoon suffered a data breach causing a leak of more than 650,000 customer details; now the hacker responsible explains how easy it was.

Video: Chris Wysopal on how long it would take to break the internet

From hacker to security researcher and CTO of a major cyber-security software company, Chris Wysopal has developed strong views on what works and doesn't work and how the world needs to wise up to security.

Massive traffic attack: botnet-powered Layer 7 HTTP flood

Previously 'only-theoretical' attack made real; impact consumes server resources to make websites implode

BitTorrent moves to patch reflective DDoS attack flaw

Vulnerable libuTP protocol could have been used to force torrent apps to send malicious traffic

DD4BC are DDoS attack driving force, new report claims

A new report on DDoS trends points the finger at one group as the driving force behind many attacks. So, who is DD4BC?

GitHub seeks to contain DDoS attack

Second DDoS attack this year against GitHub code repository - site offline for several hours.