As cryptomining continues to rule the cybercrime scenario, cybercriminals are designing innovative ways to drain people’s cryptowallets. Scammers are still doing their best to make the most out of their resources to launch leading-edge scam attempts. The increase in scams is mainly attributed to the failure to implement appropriate fraud protection measures and, unfortunately, popular cryptomining platforms including Coinbase and Bitcoin lack the necessary security features that they need to prevent fraudulent cryptomining activities.
SNMP is an Internet Standard protocol for collecting information about managed devices on IP networks. SNMP became a vital component in many networks for monitoring the health and resource utilization of devices and connections. For a long time, SNMP was the tool to monitor bandwidth and interface utilization. In this capacity, it is used to detect line saturation events caused by volumetric DDoS attacks on an organization’s internet connection. SNMP is adequate as a sensor for threshold-based volumetric attack detection and allows automated redirection of internet traffic through cloud scrubbing centers when under attack. By automating the process of detection, mitigation time can be reduced considerably and volumetric attacks mitigated through on-demand cloud DDoS services. SNMP has minimal impact on the device’s configuration and works with pretty much any network device and vendor. As such, it is very convenient and has gained popularity for deployments of automatic diversion.
In our last article, we discussed how cybercriminals are launching drive-by mining attacks to gain access to people’s crypto-wallets. In this article, we will continue the discussion, explain what ethical mining is and the reason why this area calls for much improvement.
One in three organizations hit by DDoS attacks experienced an attack against their DNS server. Why is DNS such an attractive target? What are the challenges associated with keeping it secure? What attack vectors represent the worst of the worst when it comes to DNS assaults? Based on research from Radware’s 2017-2018 Global Application & Network Security Report, this piece answers all those questions and many more.
Almost every day, someone calls me to inquire about how to deal with a compromised identity. It has become so common that I have come to the point of just assuming everyone has had their identity compromised in some way, shape or form after the last few years of large-scale data breaches.
In 2018, the trend of large data breaches continues with electronic toymaker Vtech settling for $650,000 after suffering a data breach that resulted in exposed personal information about millions of children. Just in the last few months, major breaches targeting payment processing systems at Chili’s, Rail Europe and Macy’s have occurred, resulting in the exposure of customers’ credit card details such as card numbers, CCV codes, expiration dates and in some cases additional information like addresses, phone numbers and emails.
Since June 2018, the Radware Threat Research team has monitored an ongoing APT against the Palestinian Authority, featuring an updated version of the Micropsia malware with an advanced surveillance toolkit. This advanced persistent threat began in March 2017 and was reported by Cisco Talos and Check Point Software Technologies, infecting hundreds of machines thus far.
Android platforms are commonly characterized by the presence of Trojan-infected apps that have built-in cryptocurrency mining code, which means that mobile users are highly susceptible to malicious cryptocurrency mining attacks. It is quite alarming to note that cyber criminals deploy malicious APKs that are delivered through SMS spam and cryptocurrency miners into people’s mobile devices, and the modus operandi is similar to that of Windows malware. In fact, attackers find it quite easy to add miners to apps that are already malicious. For example, cyber criminals could easily add miners to apps that were infected with the Loapi Trojan, an SMS Trojan that could deliver ads. Loapi put a high degree of strain on the processor, which caused the batteries to overheat and, in turn, shortened the lifespan of the Android devices.
Organizations are losing the cybersecurity race.
Cyber threats are evolving faster than security teams can adapt. The proliferation of data from dozens of security products is outpacing the ability of security teams to process it. And budget and talent shortfalls limit the ability of security teams to expand rapidly.
The question is: how does a network security team improve its ability to scale and minimize data breaches, all the while dealing with increasingly complex attack vectors?
The answer is automation.
In my last article, I was discussing how malicious cryptocurrency mining is all set to exploit technological as well as human vulnerabilities this year. In this article, I will continue digging deeper and discuss its patterns of invasions.
Distributed Denial of Service (DDoS) attacks have entered the 1 Tbps era. However, Radware research shows that DDoS attacks are not just getting bigger; they’re also getting more sophisticated. Hackers are constantly coming up with new and innovative ways of bypassing traditional DDoS defenses and compromising organizations’ service availability.