Akamai: DDoS attacks up thanks to criminal misuse of stress-test services
Criminals are tapping Web services advertised as tools to stress test customers’ networks but using them to launch DDoS attacks against their victims, according to Akamai.
Stories by Tim Greene
-
-
Biggest data breaches of 2015
Data breaches made big news in 2015 as measured by a variety of criteria that range from the number of records compromised to the types of data stolen to the potential threat to specific groups such as children.
-
SAFECode: How to ensure you’re buying safe software
The Software Assurance Forum for Excellence in Code (SAFECode) has issued guidelines to make it easier, especially for businesses trying to decide which products to buy.
-
Dell admits installing security hole on laptops, apologizes, offers fix
Dell acknowledges the root certificate it installed on its laptops was a bad idea and has issued instructions on how to remove it.
-
Dell computers shipping with potentially dangerous root certificate authority
At least some Dell laptops are shipping with a trusted root certificate authority pre-installed, something that those who discovered the CA are comparing to the Superfish adware installed on Lenovo machines that left them open to man-in the-middle attacks.
-
DARPA: Monitoring heat, electromagnetic and sound outputs could assess safety of IoT devices
DARPA is looking for a platform that can tell whether Internet of Things devices have been hijacked based on fluctuations in the heat, electromagnetic waves and sound they put out as well as the power they use.
-
Think Apple OS X is below the malware radar? Think again
Instances of Apple OS X malware are soaring this year, already totaling more than five times the number tallied over the previous five years combined, according to an in-house Bit9 + Carbon Black tally.
-
Cisco dedicates security project to 'pissing off the bad guys'
Following its disruption of a major distributor of Angler ransomware, Cisco is offering up free security consulting called Project Aspis for hosting providers that’s aimed at wiping out persistent attacks that abuse providers’ services and represent a threat to the rest of the Internet.
-
Report: US retailer Target failed to execute security basics
Target hired Verizon to figure out what was behind its 2013 data breach and Verizon found that the company’s security problems can be summed up as failure to do the basics.
-
Under DDoS attack? Look for something worse
When businesses are hit by noticeable DDoS attacks, three-quarters of the time those attacks are accompanied by another security incident, according to Kaspersky Lab.
-
Cisco security chief: 4 things CISOs need to survive
Cisco’s security consulting chief James Mobley outlines four areas CISOs need to develop their skills in order to keep up with the rapidly changing needs of corporate security.
-
Check Point’s SandBlast sandbox spells R.I.P for ROP attacks
Check Point is upgrading its sandboxing technology so it catches attacks earlier in the process and makes it harder for adversaries to evade detection.
-
Dell Oro Group: Check Point, Fortinet, Palo Alto making gains in security appliances
There’s a shift among the top security vendors that has Cisco remaining at the top of the heap but with Check Point Software, Fortinet and Palo Alto Networks making gains and pressuring Juniper Networks, according to new research from Dell’Oro Group.
-
Legal teams keep bending old laws to fit cybercrimes
Cybercrime laws lag behind the crimes themselves, leaving lawyers faced with creative use of criminal laws that were written before the Internet even existed.
-
Oracle CSO to customers: we don't need your (false positive) bug reports
Oracle's CSO thinks customers who reverse-engineer its code in attempts to find bugs should cut it out because they're not finding much worth acting on and, more importantly, they're violating their licensing agreements.
