Distributed denial-of-service (DDoS) attacks are a year-round threat. However, as many security practitioners can attest, DDoS attacks are particularly prolific during high-traffic times like the holiday season. The holidays are typically a time when organizations have reduced resources, with staff taking vacation and fewer cyber resources dedicated to monitoring networks and applications. Cybercriminals often take…

The official website of the UK royal family was subject to a distributed denial-of-service (DDoS) attack on the morning of Sunday, Oct. 1, thanks to pro-Russian hacktivists. The resulting downtime for royal.uk began around 10 a.m. BST, and only lasted for around 90 minutes. As of this writing, though, visitors to the site are still…

A cybercriminal group calling itself Diicot is performing mass SSH brute-force scanning and deploying a variant of the Mirai IoT botnet on compromised devices, according to researchers. The group also deploys a cryptocurrency mining payload on servers with CPUs that have more than four cores. “Although Diicot have traditionally been associated with cryptojacking campaigns, Cado…

As electric vehicle (EV) charging infrastructure rushes to keep pace with the dramatic rise in sales of electric vehicles in the United States, cyberattackers and security researchers alike have already started focusing on security weaknesses in the infrastructure. In February, researchers with energy-network cybersecurity firm Saiflow discovered two vulnerabilities in the Open Charge Point Protocol…

The cybersecurity landscape for financial institutions and finance technology (fintech) has changed dramatically in the past few years, and 2023 will likely be no different. In 2022, for example, distributed denial-of-service (DDoS) attacks targeting financial firms increased by 22% worldwide, compared to the previous year, according to a joint report published by the Financial Services…

Like a member of any profession, a chief information security officer (CISO) grows into their role. They exhibit a maturity curve that can be roughly split into five attitudes: Protection: When a CISO first steps into their role, they look to perfect the basics and build a fortress for themselves in the form of firewalls,…

A type of cyberattack targeting applications or websites, denial-of-service (DoS) attacks aim to exhaust the target system’s resources to render it inaccessible to legitimate users. DDoS attacks may target server vulnerabilities to overload network resources or to consume these resources through the reflection of a high volume of network traffic to the target, or may…

Also known as BlackCat and Noberus, ALPHV emerged in November 2021 as the first ransomware family coded using the Rust programming language. To date, the ALPHV cybergang has compromised more than 100 organizations. Likely tied to the cybercrime group behind the Darkside/Blackmatter ransomware, ALPHV operates under the Ransomware-as-a-Service (RaaS) business model, with their affiliates compromising…