Welcome to "Cyber Fail" - ISMG's roundup of all that's broken in the world of cybersecurity, where our panel of experts uncovers the fails so we can strengthen our defenses. In this episode, ISMG host Anna Delaney takes on bumbling cybercrooks, avoidable breaches and the ethics of paying a ransom.
A recent, brief disruption at Canadian airports is a reminder that Russia-aligned hacking groups' bark remains worse than their bite. Experts say these groups' impact largely remains minimal, which begs the question of how they disrupted arrival kiosks across Canadian airports.
The demand for DDoS-for-hire services has surged significantly in recent years. Cameron Schroeder, chief of the Cyber and Intellectual Property Crimes Section at the U.S. Attorney’s Office, said the increase is driven by accessibility, ease of use and the need for only minimal technical proficiency.
Let’s face it — evaluating your DDoS protection can be challenging. But, with a 74% increase in DDoS attacks year-over-year in 2022, it's critical if you want to avoid paying hackers large ransoms and prevent employees from being locked out of critical applications and assets.
Since your DDoS protection must be...
Pro-Russian and self-declared "hacktivist" group Anonymous Sudan appears to use expensive online infrastructure to perpetuate distributed denial-of-service attacks, undermining its claim to be a volunteer group operating from an impoverished East African country.
The litany of outages plaguing Azure and Microsoft 365 in recent weeks stems from DDoS attacks carried out by a pro-Russian hacktivist group. The threat actor since early June has launched DDoS attacks from multiple cloud services and open proxy infrastructures thanks to its collection of botnets.
Versions of the Mirai botnet are targeting a vulnerability present in numerous Zyxel network devices. Zyxel patched the vulnerability in April but it's not clear how many users have applied the fix. Security experts warn the flaw appears to be exploited at a massive scale.
An obscure routing protocol codified during the 1990s has come roaring back to attention after researchers found a flaw that would allow attackers to initiate massive distributed denial-of-service attacks. Researchers from Bitsight and Curesec say they found a bug in Service Location Protocol.
Most of the healthcare organizations hit by distributed denial-of-service attacks by pro-Russia hacktivists in January have one or more level 1 trauma centers, indicating that the attackers aimed to disrupt care for the most critically ill and injured patients, according to a new government report.
Warning to criminals: Could that cybercrime service you're about to access really be a sting by law enforcement agents who are waiting to identify and arrest you? That's the message from British law enforcement agents, who say they're running multiple DDoS-for-hire sites as criminal honeypots.
Europe's cybersecurity agency predicts hackers will take advantage of the growing overlap between information and operational technologies in the transport sector and disrupt OT processes in a targeted attack. Ransomware will become a tool wielded for political and financial motivations, says ENISA.
In a new report, tech giant Microsoft says distributed denial-of-service attacks became shorter in duration but more potent in 2022. The United States, India and East Asia were the top regions affected by DDoS attacks, and IoT devices continued to be the preferred mode of attack.
Federal authorities are urging healthcare sector entities to take steps to protect their web applications, connected devices and other critical systems against distributed denial-of-service attacks. The warning comes weeks after a wave of DDoS attacks from Russian nuisance hacking group KillNet.
In the latest weekly update, ISMG editors discuss the lasting effects of the takedown of the Hive ransomware group, why the U.S. government is warning of a surge in Russian DDoS attacks on hospitals, and why the lack of transparency in U.S. breach notices is creating more risk for consumers.
Acquiring Area 1 Security has allowed Cloudflare to extend its network protection capabilities from DDoS attacks to phishing emails, says co-founder and CEO Matthew Prince. Area 1's technology means customers will enjoy a better rate of detection with fewer false positives than legacy offerings.