Cloudflare on Wednesday said it detected and mitigated the largest ever distributed denial-of-service (DDoS) attack that measured at 29.7 terabits per second (Tbps). The activity, the web infrastructure and security company said, originated from a DDoS botnet-for-hire known as AISURU, which has been linked to a number of hyper-volumetric DDoS attacks over the past year. […]
As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become dangerously obsolete. AI-powered attacks, evolving injection techniques, and supply chain compromises affecting hundreds of thousands of websites forced a fundamental rethink of defensive strategies. Here are the five threats that reshaped web security this year, […]
Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services. The activity, observed since October 2024, involves distributing modified banking applications that act as a conduit for Android malware, Group-IB said in a technical Read […]
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More
Iran’s top state-sponsored APT is usually rather crass. But in a recent spate of attacks, it tried out some interesting evasion tactics, including delving into Snake, an old-school mobile game. Read More
State-sponsored actors tied to China continue to target VMware vSphere environments at government and technology organizations. Read More
Global cybersecurity agencies published guidance regarding AI deployments in operational technology, a backbone of critical infrastructure. Read More
Remember when phishing emails were easy to spot? Bad grammar, weird formatting, and requests from a “Prince” in a distant country? Those days are over. Today, a 16-year-old with zero coding skills and a $200 allowance can launch a campaign that rivals state-sponsored hackers. They don’t need to be smart; they just need to subscribe […]
Leroy Merlin is sending security breach notifications to customers in France, informing them that their personal data was compromised. […] Read More
The vulnerability, which was assigned two CVEs with maximum CVSS scores of 10, may affect more than a third of cloud service providers. Read More