DDoS booters now abuse DTLS servers to amplify attacks

Posted by & filed under Security Alerts.

DDoS-for-hire services are now actively abusing misconfigured or out-of-date Datagram Transport Layer Security (D/TLS) servers to amplify Distributed Denial of Service (DDoS) attacks. DTLS is a UDP-based version of the Transport Layer Security (TLS) protocol that prevents eavesdropping and tampering in delay-sensitive apps and services.

Energy giant Shell discloses data breach after Accellion hack

Posted by & filed under Security Alerts.

Energy giant Shell has disclosed a data breach after attackers compromised the company’s secure file-sharing system powered by Accellion’s File Transfer Appliance (FTA). Shell (short for Royal Dutch Shell plc) is a multinational group of petrochemical and energy companies with more than 86,000 employees in over 70 countries. It is also the fifth-largest company in the works… Read more »

Twitter images can be abused to hide ZIP, MP3 files

Posted by & filed under Security Alerts.

Yesterday, a researcher disclosed a method of hiding up to three MB of data inside a Twitter image. In his demonstration, the researcher showed both MP3 audio files and ZIP archives contained within the PNG images hosted on Twitter. Although the art of hiding non-image data in images (steganography) isn’t novel, the fact that the images can be hosted on a… Read more »

OVH data center burns down knocking major sites offline

Posted by & filed under Security News.

In a major unprecedented incident, data centers of OVH located in Strasbourg, France have been destroyed by fire. OVH is the largest hosting provider in Europe and the third-largest in the world. The cloud computing company provides VPS, dedicated servers, and other web services. Customers are being advised by the company to enact their disaster recovery plans after the… Read more »

European Banking Authority discloses Exchange server hack

Posted by & filed under Security News.

The European Banking Authority (EBA) took down all email systems after their Microsoft Exchange Servers were hacked as part of the ongoing attacks targeting organizations worldwide. EBA is part of the European System of Financial Supervision and it oversees the integrity orderly functioning of the EU banking sector.