One of the internet's worst websites is down following a weekend hack that may have exposed the email, password and IP address of Kiwi Farms users. A statement on the site says hackers gained access to site administrator Joshua Moon's account. Site users stalk transgender and nonbinary people.
Attackers could block access to every Contec patient monitoring device connected to a hospital network by sending a single malformed packet, security researchers warn. U.S. authorities say China-based Contec hasn't responded to outreach to fix the flaws.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including implications of the Russia-Ukraine cyberwar, the former CISA director’s somber message to the industry at Black Hat, and how the cryptocurrency landscape is changing.
Attackers could take advantage of a misconfiguration in Palo Alto firewalls to launch amplification DDoS attacks, a vulnerability that led the U.S. Cybersecurity and Infrastructure Security Agency added the vulnerability its catalog of actively exploited vulnerabilities.
Ransomware karma: The notorious LockBit 3.0 ransomware gang's site has been disrupted via a days-long distributed-denial-of-service attack, with administrator LockBitSupp reporting that it appears to be retribution for the gang leaking files stolen from a recent victim: security firm Entrust.
Google detected and stopped one of the largest distributed denial-of-service incidents yet in a likely sighting of the Mēris botnet. Google is not releasing the identity of the victim, whose web servers faced 46 million https requests per second in the attack, which lasted for more than an hour.
As the Russia-Ukraine war continues, Ukrainian government cybersecurity official Victor Zhora says that the country's computer emergency response team has tracked more than 1,600 online attacks and that defensively, "wipers continue to be the biggest challenge."
Sandy Carielli, principal analyst at Forrester, shares research on the latest bot management trends. Forrester found that while bots affect security, e-commerce, marketing, fraud and other teams, security professionals are still the most common bot management users.
Lithuanian state energy company Ignitis Group was the victim of a distributed denial-of-service attack; a pro-Russian hacker group claimed responsibility. The Baltic nation is a supply chain chokepoint for Kaliningrad. Last month, it began enforcing EU sanctions on the Russian exclave.
Lithuania's National Cyber Security Center has warned of increasing DDoS attacks directed against the nation's public authorities and its transport and financial sectors following Lithuania blocking road and rail supplies to the Russian enclave of Kaliningrad.
Cloudflare says it detected and mitigated "the largest HTTPS DDoS attack on record." The 26 million requests per second DDoS attack likely originated from hacked virtual machines and servers kept by cloud computing hosts and was likely exacerbated by computationally intensive encrypted web traffic.
Three months after Russia’s ongoing invasion of Ukraine began, a report from the State Cyber Defense Center's Cyber Rapid Response Team takes a look back at the turbulence the nation has faced in its cyber sphere during Q1 2022 and considers the way ahead.
Microsoft has observed a 254% increase in activity over the past six months from a Linux Trojan called XorDdos. First discovered in 2014, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers and its usage of XOR-based encryption for its communications.
Italian police reportedly thwarted attempts to disrupt online voting for the music competition Eurovision, allegedly perpetrated by a hacking group called Killnet in retaliation for Russia not being allowed to compete at this year's festival, due to its invasion of Ukraine.
Viasat's satellite communications suffered an outage an hour before the Russian invasion of Ukraine began on Feb. 24. The company said it was a cyberattack, but did not identify the attacker. The U.S., U.K., EU and Ukraine have now attributed this attack to Russia.