Two Chinese nationals were sentenced to prison for scamming Apple out of more than $2.5 million after exchanging over 6,000 counterfeit iPhones for authentic ones. […]
Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps
During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a “month-long” barrage of more than 100 hyper-volumetric DDoS attacks flood. […]
CISO Salary Surge: Fewer Job Changes, Bigger Paychecks for Experienced Cybersecurity Leaders
CISO salaries are getting higher and experience counts. Average annual compensation for these cybersecurity leaders is more than $550K.
The post CISO Salary Surge: Fewer Job Changes, Bigger Paychecks for Experienced Cybersecurity Leaders appeared first on SecurityWeek.
The Secret Weakness Execs Are Overlooking: Non-Human Identities
For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe.
The problem is that we no longer operate within the confines of physical on-prem
The problem is that we no longer operate within the confines of physical on-prem
Dutch Government Blames a ‘State Actor’ for Hacking a Police Network
The hack of a police system that exposed contact details of all Dutch police officers was almost certainly carried out by hackers working for a foreign government, the justice minister said.
The post Dutch Government Blames a ‘State Actor’ for Hacking a Police Network appeared first on SecurityWeek.
Linux malware “perfctl” behind years-long cryptomining campaign
A Linux malware named “perfctl” has been targeting Linux servers and workstations for at least three years, remaining largely undetected through high levels of evasion and the use of rootkits. […]
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software.
“Perfctl is particularly elusive and persistent, employing several sophisticated techniques,” Aqua security researchers Assaf Morag and Idan Revivo said in a report shared with The Hacker News.
“When a new user logs
“Perfctl is particularly elusive and persistent, employing several sophisticated techniques,” Aqua security researchers Assaf Morag and Idan Revivo said in a report shared with The Hacker News.
“When a new user logs
Why your password policy should include a custom dictionary
Utilizing a custom dictionaries helps strengthen your password policies. Learn more from Specops Software about how to build custom dictionaries in your Windows Active Directory password policy. […]
Jenkins Patches High-Impact Vulnerabilities in Server and Plugins
Jenkins has released patches for multiple high- and medium-severity vulnerabilities impacting the automation tool and several plugins.
The post Jenkins Patches High-Impact Vulnerabilities in Server and Plugins appeared first on SecurityWeek.
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries.
The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper, RedEyes, Ricochet Chollima,
The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper, RedEyes, Ricochet Chollima,