cyberattack – Page 4 – SSL and internet security news

15.3 Million Request-Per-Second DDoS Attack

May 5, 2022 infossl

cryptocurrency, cyberattack, denial of service, Security technology, Uncategorized

Cloudflare is reporting a large DDoS attack against an unnamed company “operating a crypto launchpad.” While this isn’t the largest application-layer attack we’ve seen, it is the largest we’ve seen over HTTPS. HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted … Read More “15.3 Million Request-Per-Second DDoS Attack” »

Microsoft Issues Report of Russian Cyberattacks against Ukraine

April 28, 2022 infossl

cyberattack, cyberespionage, cyberwar, espionage, reports, russia, Security technology, ukraine, Uncategorized

Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war: At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country … Read More “Microsoft Issues Report of Russian Cyberattacks against Ukraine” »

Russian Cyberattack against Ukrainian Power Grid Prevented

April 13, 2022 infossl

cyberattack, cyberwar, cyberweapons, malware, russia, Security technology, ukraine, Uncategorized

A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two … Read More “Russian Cyberattack against Ukrainian Power Grid Prevented” »

White House Warns of Possible Russian Cyberattacks

March 22, 2022 infossl

cyberattack, cyberwar, infrastructure, russia, Security technology, Uncategorized

News: The White House has issued its starkest warning that Russia may be planning cyberattacks against critical-sector U.S. companies amid the Ukraine invasion. […] Context: The alert comes after Russia has lobbed a series of digital attacks at the Ukrainian government and critical industry sectors. But there’s been no sign so far of major disruptive … Read More “White House Warns of Possible Russian Cyberattacks” »

US Critical Infrastructure Companies Will Have to Report When They Are Hacked

March 15, 2022 infossl

cyberattack, cyberespionage, cybersecurity, defense, espionage, hacking, infrastructure, laws, ransomware, Security technology, Uncategorized

This will be law soon: Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. […] The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President … Read More “US Critical Infrastructure Companies Will Have to Report When They Are Hacked” »

Insurance Coverage for NotPetya Losses

February 28, 2022 infossl

cyberattack, cybersecurity, economics of security, insurance, russia, Security technology, ukraine, Uncategorized

Tarah Wheeler and Josephine Wolff analyze a recent court decision that the NotPetya attacks are not considered an act of war under the wording of Merck’s insurance policy, and that the insurers must pay the $1B+ claim. Wheeler and Wolff argue that the judge “did the right thing for the wrong reasons..” Powered by WPeMatico

New DeadBolt Ransomware Targets NAT Devices

January 26, 2022 infossl

cyberattack, encryption, ransomware, Security technology, Uncategorized, zero-day

There’s a new ransomware that targets NAT devices made by QNAP: The attacks started today, January 25th, with QNAP devices suddenly finding their files encrypted and file names appended with a .deadbolt file extension. Instead of creating ransom notes in each folder on the device, the QNAP device’s login page is hijacked to display a … Read More “New DeadBolt Ransomware Targets NAT Devices” »

Merck Wins Insurance Lawsuit re NotPetya Attack

January 25, 2022 infossl

courts, cyberattack, data destruction, insurance, russia, Security technology, Uncategorized

The insurance company Ace American has to pay for the losses: On 6th December 2021, the New Jersey Superior Court granted partial summary judgment (attached) in favour of Merck and International Indemnity, declaring that the War or Hostile Acts exclusion was inapplicable to the dispute. Merck suffered US$1.4 billion in business interruption losses from the … Read More “Merck Wins Insurance Lawsuit re NotPetya Attack” »

Ransomware Attacks against Water Treatment Plants

October 19, 2021 infossl

cyberattack, infrastructure, ransomware, scada, Security technology, Uncategorized

According to a report from CISA last week, there were three ransomware attacks against water treatment plants last year. WWS Sector cyber intrusions from 2019 to early 2021 include: In August 2021, malicious cyber actors used Ghost variant ransomware against a California-based WWS facility. The ransomware variant had been in the system for about a … Read More “Ransomware Attacks against Water Treatment Plants” »

Nasty Printer Driver Vulnerability

July 22, 2021 infossl

cyberattack, hp, printers, privilege escalation, Security technology, Uncategorized, vulnerabilities

From SentinelLabs, a critical vulnerability in HP printer drivers: Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines. If exploited, cyberattackers could bypass security products; install programs; view, change, encrypt or delete data; or create new … Read More “Nasty Printer Driver Vulnerability” »