News

Emerging cyberattacks and threats

• April 18, 2018 18 Apr'18

  Paul Kocher weighs in on Spectre flaws, vulnerability disclosure

  At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled.

• April 17, 2018 17 Apr'18

  Device wars: Researchers track new IoT botnet DDoS attacks

  A variant of the Mirai IoT botnet is the suspected cause of distributed denial-of-service attacks on financial services companies earlier this year, according to Recorded Future.

• April 11, 2018 11 Apr'18

  RSAC 2018: Special conference coverage

  Find out what's happening at the information security industry's biggest event with breaking news and analysis by the SearchSecurity team at the RSA Conference 2018 in San Francisco.

• April 06, 2018 06 Apr'18

  Pipeline cyberattack shuts down natural gas company communications

  News roundup: A pipeline cyberattack shut down communications for several U.S. natural gas providers. Plus, Facebook removed accounts and pages run by the Russian IRA, and more.

• March 16, 2018 16 Mar'18

  Leaked report on AMD chip flaws raises ethical disclosure questions

  Researchers announced AMD chip flaws without the coordinated disclosure procedure, and a leak of the research to a short seller has raised further suspicions about the process.

• March 13, 2018 13 Mar'18

  Researchers claim AMD flaws threaten Ryzen, EPYC chips

  Ryzen and EPYC AMD flaws were partially detailed with just 24 hours' disclosure notice, despite potentially significant exploits, including secure processor takeover or security bypass.

• March 06, 2018 06 Mar'18

  Terabit DDoS attack hits 1.7Tbps and experts expect higher

  Five days after a record breaking terabit DDoS attack, a new 1.7Tbps DDoS attack was detected taking advantage of improperly secured memcached servers to launch a reflection attack.

• February 27, 2018 27 Feb'18

  Ad network cryptojacking attack bypasses ad blockers

  Qihoo 360's Netlab team discovered an online ad network has been bypassing ad blockers and running cryptomining software in the browsers of unsuspecting visitors.

• February 21, 2018 21 Feb'18

  Cryptojacking attacks hit enterprises' cloud servers

  Cloud security vendor RedLock discovered threat actors had gained access to several enterprise cloud environments, including Tesla's, and used them for cryptojacking schemes.

• February 21, 2018 21 Feb'18

  Risk & Repeat: Intel bug bounty tackles side channel attacks

  In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre.

• February 16, 2018 16 Feb'18

  SonicWall spots Meltdown exploits with machine learning tech

  SonicWall says its new deep memory inspection technology, which powers the vendor's Capture Cloud sandbox service, can block Meltdown threats and other zero-day attacks.

• February 07, 2018 07 Feb'18

  Risk & Repeat: Cryptomining malware on the rise

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the threat of cryptomining malware is evolving and what it means for enterprises and infosec vendors.

• February 05, 2018 05 Feb'18

  Cryptojacking malware using EternalBlue to build botnets

  Proofpoint researchers discovered a large Monero mining botnet that uses EternalBlue to spread, and it isn't the first time the Windows flaw has been used for cryptojacking.

• February 02, 2018 02 Feb'18

  Hackers use ATM jackpotting technique to steal $1M in US

  News roundup: Hackers used ATM jackpotting attacks to steal over $1M in the U.S. Plus, a fitness tracking app accidentally exposed the locations of military bases, and more.

• February 01, 2018 01 Feb'18

  Meltdown and Spectre malware discovered in the wild

  Nearly 140 samples of malware that exploit the Meltdown and Spectre vulnerabilities have been discovered by AV-TEST, but most samples are based on existing proof-of-concept code.