Two UK VoIP operators have had their services disrupted over the last couple of days by ongoing, aggressive DDoS attacks. The two firms are South Coast-based Voip Unlimited and London-based Voipfone.
Corelight said the Series D investment was led by Energy Impact Partners and brings the total raised to $160 million. Several previous investors also joined the latest funding round.
Administrative staffing agency Career Group, Inc. this week started sending notification letters to customers who were affected by a data breach that occurred in late June.
Two security vulnerabilities have been found in the Gutenberg Template Library & Redux Framework plugin for WordPress, which is installed on more than 1 million websites.
Google this week announced the release of Chrome 93 with a total of 27 security patches inside, including 19 for vulnerabilities that were reported by external researchers.
Cisco Talos highlighted the rise in abuse of proxyware that allows adversaries to manipulate compromised internet connections to generate illicit revenue. Attackers were also observed installing digital currency miners and info-stealers to earn additional revenue. In some cases, hackers even patch the client to block any warning that could alert the victim.
A new variant of Mirai botnet is exploiting a previously disclosed command injection vulnerability affecting WebSVN. The main purpose of this new version of the botnet is to perform a variety of DDoS attacks. Organizations are strongly recommended to have a robust patch management process to secure their infrastructure from such threats.
The messages contain fake alerts about the sites being involved in DDoS attacks. They contain a legal threat, along with a file in a Google Drive folder that reportedly offers evidence of the attack source.
LockFile, unlike other ransomware, doesn’t encrypt the first few blocks. Instead, it encrypts every other 16 bytes of a document. This technique is called intermittent encryption.
The new Vulnerability Rewards Programme (VRP) joins the Government Bug Bounty Programme and the Vulnerability Disclosure Programme, all of which work alongside the government’s own security checks.