World’s largest DDoS attack record lasted just a few days, Arbor Networks reported that earlier this month a US service provider suffered a 1.7Tbps memcached DDoS attack. On February 28, 2018, the code hosting website GitHub was hit by the largest-ever DDoS attack that peaked at 1.3Tbps. The powerful attack was abusing the memcached protocol to power […]
Facebook has implemented HSTS preloading that instructs a browser to always use SSL/TLS to communicate with eligible websites. Facebook has upgraded its link security infrastructure to include HTTP Strict Transport Security (HSTS) preloading that instructs a browser to always use SSL/TLS to communicate with eligible websites. Facebook and Instagram links will automatically update from HTTP […]
A critical flaw in Pivotal’s Spring Data REST allows remote attackers to execute arbitrary commands on any machine that runs an application built using its components. Pivotal’s Spring Data REST project is affected by a critical vulnerability, tracked as CVE-2017-8046, that was discovered by security researchers at Semmle/lgtm. Pivotal’s Spring Framework a platform is widely used by […]
RMH Franchise Holdings revealed on Friday afternoon that PoS systems at the Applebee âs restaurants were infected with a PoS malware. Another week another data breach, RMH Franchise Holdings revealed last week that PoS systems at the Applebeeâs restaurants were infected with malware. The PoS malware was used to collect names, payment card numbers, expiration dates, and […]
A group of researchers discovered a number of weaknesses in the 4G LTE networks that could be exploited by attackers to eavesdrop on phone calls and text messages, knock devices offline, track location, and spoof emergency alerts. A group of researchers from Purdue and the University of Iowa have discovered a number of vulnerabilities affecting the […]
A group of researchers from the Ohio State University has discovered a new variation of the Spectre attack named SgxPectre that allows to reveal the content of the SGX enclave. A group of researchers from the Ohio State University has discovered a new variation of the Spectre attack named SgxPectre. Intel Software Guard eXtensions (SGX) is a technology […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you! ·     Counterfeit Code-Signing certificates even more popular, but still too expensive ·     Czech President wants Russian hacker Yevgeni Nikulin extradited to Russia instead of US ·     Dozen vulnerabilities discovered in Trend Micro Linux-based […]
Crooks already started to blackmail companies asking for a ransom demand in Monero cryptocurrency to avoid being attacked via Memcached servers. Last week, the Github service was hit by the biggest-ever DDoS attack that peaked 1.35 Tbs by abusing the memcached protocol to power so-called memcached DDoS attacks. Researchers believe that threat actors in the wild will abuse misconfigured […]
In the United Kingdom, new smart energy meters that are set to be installed in 27 million homes were found vulnerable by GCHQ. Unsecured IoT devices are a privileged target of hackers and unfortunately, smart energy meters belong to this category. In the UK, new smart energy meters that are set to be installed in […]
Thieves steal 600 powerful computers in a huge heist in Iceland with the intent to use them for mining Bitcoin. Cyber criminal organization continue to show a great interest in cryptocurrencies, the number of crimes against cryptocurrency industry is on the rise. News of the day is that crooks have stolen 600 powerful computers from data centers […]