Tag Archive for: growing

DDoS attacks, growing more sophisticated, surged in Q2

/in


Dive Brief:

  • Distributed denial of service attacks surged during the second quarter as criminal and state-linked hacking organizations unleashed a number of sophisticated attacks against critical infrastructure providers and other organizations across the globe, Cloudflare said in a report released Tuesday.  
  • Experts linked pro-Russia hacktivist groups, including Killnet and Anonymous Sudan, to recent major DDoS attacks against Microsoft and threats against financial centers in the U.S. and Europe. 
  • Cloudflare research shows a sharp increase in deliberately engineered and targeted DNS attacks.

Dive Insight:

Cloudflare researchers report “alarming” increases in highly randomized and sophisticated HTTP DDoS attacks in recent months. 

“In some cases, these types of attacks are virtually indistinguishable from legitimate user traffic,” Omer Yoachimik, product manager of Cloudflare’s DDoS protection service, said via email. “Attackers have shown they are able to excel at imitating browser behavior which makes it especially challenging to filter the bad traffic without impacting legitimate traffic.”

Among the most serious attacks during the quarter, researchers noted an ACK flood DDoS attack that originated from a Mirai-variant botnet comprising about 11,000 IP addresses. The attack targeted an internet service provider in the U.S. and peaked at 1.4 terabits per second. 

Mattias Wåhlén, threat intelligence expert at Truesec, said the rise in DDoS attacks is linked to the increased use of flooding attacks, which are considered much more difficult to defend against compared with traditional DDoS attacks.

“These attacks are far more effective, as they tie [up] much more of the server’s capacity,” Wahlen said. 

In June, the Cybersecurity and Infrastructure Security Agency urged organizations to monitor their computer networks and exercise vigilance in order to determine whether outages were maintenance related or linked to an attack. 

Hackvists earlier this month claimed to have attacked payments company Stripe and the Treasury Department’s Electronic Federal Tax Payment System

Anonymous Sudan is now…

Source…

Cyber Attacks Against Mobile Devices Growing Fast

/in


by D. Howard Kass • Jul 3, 2023

A rise in mobile-powered businesses is creating vulnerability gaps that are being exploited by cyber criminals and nation-states, according to a new report by Zimperium, a mobile first security platform provider.

Indeed, some 43% of all compromised devices were fully exploited — not just jailbroken or rooted — an increase of 187% year-over-year, Zimperium found in its 2023 Global Mobile Threat Report.

Explosive Growth in Mobile Device Use Fuels Wider Attack Surface

Shridhar Mittal, Zimperium chief executive, said the “explosive growth” in mobile device and app use has created a wider attack surface:

“Mobile devices are integral to the way we work, communicate, navigate, bank and stay informed — creating new opportunities for malware. Last year’s Global Mobile Threat Report revealed that 60% of the endpoints accessing enterprise assets were mobile devices, and this does not seem to be slowing down. Mobile-powered businesses must increase mobile security measures to protect the personal data security of employees and the sensitive information belonging to the organization.”

Here are some of the key findings from the study:

  • 80% of phishing sites target mobile devices specifically or are designed to function both on desktop and mobile. Meanwhile, the average user is six to ten times more likely to fall for SMS phishing attacks than email-based attacks.
  • During 2022, Zimperium detected an average of four malicious/phishing links clicked for every device covered with its anti-phishing technology.
  • EMEA and North America have the highest percentage of devices being impacted by spyware, with EMEA at 35% and North America at 25%.
  • There was a 138% increase in critical Android vulnerabilities discovered in 2022, while Apple iOS accounted for 80% of the zero-day vulnerabilities actively being exploited in the wild.
  • Between 2021 and 2022, the total number of unique mobile malware samples rose 51%, with more than 920,000 samples detected, including Dirty RatMilad, MoneyMonger and Dark Herring.
  • In 2021, Zimperium detected malware on 1 out of 50 Android devices. It increased significantly in 2022 to 1 out of every 20 devices.
  • ±2% of all…

Source…

The Growing Importance of IoT Security in Cybersecurity Technologies

/in


The Growing Importance of IoT Security in Cybersecurity Technologies

The Internet of Things (IoT) has rapidly become an integral part of our daily lives, with billions of interconnected devices ranging from smart home appliances to industrial sensors. This vast network of devices generates an enormous amount of data, providing valuable insights and enabling automation in various sectors. However, the increasing reliance on IoT devices also brings forth a significant challenge in terms of cybersecurity. As the number of connected devices continues to grow, so does the potential for cyber threats and attacks. Consequently, the importance of IoT security in cybersecurity technologies has become a critical concern for businesses, governments, and individuals alike.

One of the primary reasons for the growing importance of IoT security is the sheer scale of the IoT ecosystem. According to recent estimates, there will be more than 75 billion connected devices worldwide by 2025. This exponential growth in the number of IoT devices creates a larger attack surface for cybercriminals, making it easier for them to exploit vulnerabilities and gain unauthorized access to sensitive data. In fact, a study by the Ponemon Institute found that 80% of IoT applications are not tested for vulnerabilities, making them prime targets for cyberattacks.

Moreover, the nature of IoT devices makes them particularly susceptible to cyber threats. Many IoT devices are designed with convenience and cost-effectiveness in mind, often at the expense of security features. For instance, some devices may lack proper encryption or authentication mechanisms, making it easier for hackers to intercept data or take control of the device. Additionally, the lifespan of IoT devices tends to be longer than that of traditional IT hardware, meaning that they may continue to operate with outdated software and security patches, further increasing their vulnerability to cyberattacks.

The consequences of IoT security breaches can be severe, not only in terms of financial losses but also in terms of safety and privacy. In 2016, the Mirai botnet attack demonstrated the potential damage that can be caused by exploiting IoT devices. The…

Source…

Ransomware demands increasingly paid amid growing attack severity – SC Media

/in



Ransomware demands increasingly paid amid growing attack severity  SC Media

Source…