Daily NCSC-FI news followup 2020-07-10

Mitigating a 754 Million PPS DDoS Attack Automatically

blog.cloudflare.com/mitigating-a-754-million-pps-ddos-attack-automatically/ On June 21, Cloudflare automatically mitigated a highly volumetric DDoS attack that peaked at 754 million packets per second. This DDoS campaign, the attack peaked at a mere 250 Gbps so it does not seem as the attacker intended to saturate our Internet links, perhaps because they know that our global capacity exceeds 37 Tbps.

Smartwatch hack could trick patients to ‘take pills’ with spoofed alerts

techcrunch.com/2020/07/09/smartwatch-hack-spoofed-alerts/ One of the major flaws found was that the server was using a hard-coded key, which, if used, an attacker could have sent any commands to remotely control any one of these devices.

June’s Most Wanted Malware: Notorious Phorpiex Botnet Rises Again, Doubling Its Global Impact On Organizations

blog.checkpoint.com/2020/07/10/junes-most-wanted-malware-notorious-phorpiex-botnet-rises-again-doubling-its-global-impact-on-organizations/ Check Point Research finds sharp increase in attacks using the Phorpiex Botnet delivering new Avaddon ransomware via malspam campaigns

You might be interested in …

Daily NCSC-FI news followup 2019-08-29

Critical Cisco VM Bug Allows Remote Takeover of Routers threatpost.com/critical-cisco-bug-remote-takeover-routers/147826/ Five More Hackers Become Millionaires on HackerOne www.bleepingcomputer.com/news/security/five-more-hackers-become-millionaires-on-hackerone/ Google adds all Android apps with +100m installs to its bug bounty program www.zdnet.com/article/google-adds-all-android-apps-with-100m-installs-to-its-bug-bounty-program/ Google Targets Data-Abusing Apps with Bug Bounty Launch threatpost.com/google-targets-data-abusing-apps-bug-bounty/147825/ Bug Bounties Continue to Rise, but Market Has Its Own 1% Problem www.darkreading.com/vulnerabilities—threats/vulnerability-management/bug-bounties-continue-to-rise-but-market-has-its-own-1–problem/d/d-id/1335689 The […]

Read More

Daily NCSC-FI news followup 2020-05-17

Who Controls Huawei? [PDF] www.ui.se/globalassets/butiken/ui-paper/2020/ui-paper-no.-5-2020.pdf = EU member states should adopt a unitary interpretation of the toolbox. A complete ban on Huawei from the rollout of European 5G might not be necessary, but the EU and its member states should strive for a significant reduction in Huaweis market share. Putin Is Well on His Way […]

Read More

Daily NCSC-FI news followup 2019-10-17

Security researcher publishes proof-of-concept code for recent Android zero-day www.zdnet.com/article/security-researcher-publishes-proof-of-concept-code-for-recent-android-zero-day/ Qu1ckR00t app can root an Android device using the CVE-2019-2215 zero-day. Operation Ghost: The Dukes arent back they never left www.welivesecurity.com/2019/10/17/operation-ghost-dukes-never-left/ ESET researchers describe recent activity of the infamous espionage group, the Dukes, including three new malware families. We believe Operation Ghost started in 2013 […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.