Recent Security News
-
HTTP/2 ‘Rapid Reset’ zero-day exploited in biggest DDoS deluge seen yet
October 10, 2023 at 04:46PM Cloudflare reported that the largest distributed denial-of-service (DDoS) attack ever recorded was launched using a zero-day vulnerability in the HTTP/2 protocol. The attack surpassed 398 million requests per second, more than five times larger than the previous record. Google, Cloudflare, and AWS have disclosed the vulnerability and implemented mitigations to…
-
October 10, 2023 at 12:38PM – Microsoft announces plans to kill VBScript malware delivery
October 10, 2023 at 12:38PM Microsoft plans to phase out VBScript in future Windows releases, after 30 years of use. VBScript will become an on-demand feature until it is completely removed from the operating system. This decision is likely related to the discontinuation of Internet Explorer, which eliminates a major infection vector for malware. Microsoft…
-
Mirai DDoS malware variant expands targets with 13 router exploits
October 10, 2023 at 04:36PM The Mirai-based DDoS malware botnet known as IZ1H9 has expanded its targets to include Linux-based routers and routers from brands like D-Link, Zyxel, TP-Link, and TOTOLINK. Fortinet researchers have observed high exploitation rates in September, with tens of thousands of attempts on vulnerable devices. IZ1H9 compromises devices, enlists them in…
-
October 10, 2023 at 12:16PM – North Korea’s State-Sponsored APTs Organize & Align
October 10, 2023 at 12:16PM North Korean APT groups have increased collaboration and coordination during the COVID-19 pandemic. The lines are blurring between individual groups, making it difficult to determine responsibility for specific threat activities. North Korean actors are diversifying attacks, sharing tools and code, and targeting the supply chain. Collaboration between defenders, governments, and…