Cyberattack

Cloudflare says it has blocked a distributed denial-of-service (DDoS) attack that peaked at between 50 and 70 million requests per second (rps), at one point reaching 71 rps. Cloudflare says that the attack “is the largest reported HTTP DDoS attack on record.” The record-breaking DDoS was just one of dozens of DDoS attacks over the …

A US legislator plans to introduce a bill that would require power grid operators to notify the Department of Energy (DoE) of cyber incidents within 24 hours of their detection. The Critical Electric Infrastructure Cybersecurity Incident Reporting Act would give DoE the responsibility of establishing guidelines for determining which incidents must be reported and for …

As the digital age continues to progresses, it is increasingly important that we understand how to stay secure and protected when browsing online. It is becoming more and more likely that we will come across malicious sites and vulnerable networks, so it is essential that we take the necessary precautions to protect ourselves when browsing …

The websites of some German airports, financial institutions, and government agencies were targeted with distributed denial-of-service (DDoS) attacks earlier this week. The attacks are believed to be the work of Russian hacktivists. Germany’s Federal office for Information Security (BSI) says that some websites were made unavailable, but there were no service disruptions. Note DDoS attacks …

In a January 19 statement, the US Federal Aviation Administration (FAA) said that according to a preliminary review, “contract personnel unintentionally deleted files while working to correct synchronization between the live primary database and a backup database. The agency has so far found no evidence of a cyber-attack or malicious intent.” The statement also notes …

Security researcher Dawid Potocki discovered that more than 300 motherboard models from MSI do not implement the Secure Boot feature by default, which means that they will allow any bootloader, signed or unsigned, to run. According to an MSI Reddit post, the company says they “preemptively set Secure Boot as Enabled and ‘Always Execute’ as …

This article could start by reviewing the college that closed permanently after a ransomware attack or the large school district that suffered an incident during a recent holiday weekend. Or it could focus on how critical infrastructure—such as water treatment plants, pipelines, and meat processing plants—are increasingly under attack. We could even comment on the …

Royal Mail, which suffered a ransomware attack earlier this month, is slowly recovering from the incident. Initially, the attack disrupted the UK postal service company’s operations, rendering it unable to ship overseas. Earlier this week, Royal Mail said that it has “resumed the export of letters which do not require a customs declaration to all …

A cyberattack compelled the Des Moines (Iowa) Public School District to cancel classes earlier this week. The attack also rendered the district’s Internet and network services unavailable. According to an update from the school district, access to Infinite Campus and to phones has been restored; they planned to resume classes on Thursday, January 12. Note …

Updated on 2023-01-04: Cloud-based Records Management Service Discloses Cyberattack Cloud-based digital records management company Cott Systems has notified customers that it suffered an “organized cyberattack” in late December. Cott disconnected its servers to isolate the infection. As a result, many local governments across the US have been forced to turn to manual processes for birth …

Updated on 2023-01-04: The Guardian is Still Working to Recover From Cyber Incident UK news publication The Guardian is still working to recover from a “serious network disruption” due to what is likely a ransomware attack that began on December 21. Two weeks after the fact, employees are being told to continue to work from …

Updated on 2023-01-11 SF BART ransomware The San Francisco Bay Area Rapid Transit (BART) is investigating an intrusion of its IT network after the Vice Society ransomware gang claimed to have compromised the agency via a blog post on their dark web leak site. The agency’s spokesperson told The Record that “no BART services or …

Updated on 2022-12-29: Comcast Xfinity account hacks Several Comcast Xfinity customers said they had their accounts hacked. The accounts were then used to reset passwords and bypass 2FA accounts on cryptocurrency portals like Gemini and Coinbase. @Xfinity How was it that users with 2FA had email password resets sent to Yopmail accounts after midnight. WTH, …

Updated on 2022-12-29: STEPPY#KAVACH APT Securonix has a report out on a spear-phishing campaign linked to the STEPPY#KAVACH APT that targeted Indian government officials. Securonix researchers described STEPPY#KAVACH as having “many common TTPs with the SideCopy/APT36 threat actors” that were previously linked to the Pakistan government. Overview Indian government officials were targeted in a new …

Updated on 2022-12-22: T-Mobile hacker sentenced Argishti Khudaverdyan, the owner of a T-Mobile retail who hacked into T-Mobile’s main network as part of a larger phone-unlocking scheme, was sentenced last week to 10 years in prison. Read more: Former Mobile Phone Store Owner Sentenced to 10 Years in Federal Prison for Multimillion-Dollar Scheme to Illegally …