Cybersecurity

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

Apr 04, 2024NewsroomVulnerability / Internet Protocol New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024. “Many HTTP/2 […]

Cybersecurity

Investment Scams Grow, 13,000 Domains Detected in January 2024

Internet security experts have detected and blocked nearly 13,000 fake investment platform domains across more than 7000 IPs in January 2024, a 25% increase from December 2023. The figure comes amid growing concerns over the escalating threat of online investment scams, which continue to prey on unsuspecting individuals worldwide.  According to data from the Federal Trade […]

Cybersecurity

Iowa electric, water utility says info of nearly 37,000 leaked in January ransomware attack

A utility company controlling the water, electricity and internet for a town in eastern Iowa confirmed that a January ransomware attack led to the exposure of sensitive information from nearly all local residents. Muscatine Power and Water — providing the Muscatine and Fruitland area with internet, TV, phone, water, and electric services for more than […]

Cybersecurity

Critical Manufacturing Vulnerabilities Surge 230% in Six Months

Threat actors are targeting operational technology (OT) and Internet of Things (IoT) environments with increasing sophistication and have a growing attack surface of vulnerabilities to help them do so, Nozomi Networks has warned in a new report. Its Assessing the Threat Landscape report covers the second half of 2023 using internally sourced data from honeypots and customer […]

Cybersecurity

Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign

Feb 01, 2024NewsroomCryptojacking / Linux Security Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. “The campaign deploys a benign container generated using the Commando project,” Cado security researchers Nate Bill and Matt Muir said in a new report published today. “The attacker escapes this container […]

Cybersecurity

Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign

Feb 01, 2024NewsroomCryptojacking / Linux Security Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. “The campaign deploys a benign container generated using the Commando project,” Cado security researchers Nate Bill and Matt Muir said in a new report published today. “The attacker escapes this container […]

Cybersecurity

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

Jan 29, 2024NewsroomSurveillance / Data Privacy The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week. “The U.S. government should not be funding and legitimizing a shady […]