Logo Logo
  • Home
  • Modshield SB
  • services
    • Application Security Testing
    • IoT Security Testing
    • Infrastructure Security Testing
    • Testing for Compliance
    • Red Team Exercise
    • Performance Testing
  • Training
    • Cybersecurity Awareness Program
    • Cybersecurity For Developers(Web Application)
    • Cybersecurity For Developers(Mobile Application)
  • Resources
    • Blog
    • CyberNews
  • About
    • Partners
    • Contact

Top Cyber news February Week 4

  • Home
  • Blog Details
February 25 2022
  • CyberNews

Phishing method bypasses MFA,  Carpet bombing DDoS attacks, and DeadBolt ransomware attacks learn this weeks’ top cyber news.

Devious phishing method bypasses MFA using remote access software

A new style of phishing allows threat vectors to bypass multi-factor authentication (MFA). This is done by making the unaware victims log their accounts directly on the hacker’s servers using a screen sharing system.

cyber news: A new style of phishing done by getting the unaware victims log their accounts directly on the hacker's servers utilising a screen sharing method.

Nowadays most of the systems use MFA, thus to bypass the authentication the hacker news access to the OTP – One-time password

Reverse proxy is a common method used to gain access to MFAs.

However, nowadays security measures are kept in a place that blocks logins or deactivates accounts when reverse proxies are detected

Carpet bombing DDoS attacks spiralled in 2021

Carpet Bombing is a DDoS attack that targets a range of addresses or subnets, which can contain hundreds or even thousands of destination IP addresses.

DNS has long been a most common target for DDoS attacks,

Common threats to DNS include 

  • Bad response to DNS query
  • Flood attacks
  • DNS tunnelling
cyber news: Carpet Bombing is a DDoS attack that targets a range of addresses or subnets, which can contain hundreds or even thousands of destination IP addresses

These attacks can be difficult to defend against without the appropriate technology and expertise, and rectifying problems can be time-consuming and costly.

According to a September 2021 Neustar International Security Council report, 

72% of organizations surveyed had experienced at least one DNS attack in the previous 12 months, and the impact was significant in 58% of cases. The most common types of DNS attacks were DNS hijacking (experienced by 47% of organizations in the past 12 months), followed closely by DNS flood, reflection/amplification or other types of DDoS attack (46%), DNS tunnelling (35%) and cache poisoning (33%). – show as an infographic.

Asustor NAS owners hit by DeadBolt ransomware attack

Owners of Asustor NAS drives found that data had been encrypted by ransomware and that cybercriminals are demanding a ransom in return.

Affected Asustor users have been posting on Asustor’s support forum about how they discovered their NAS drives have been hit by the DeadBolt ransomware.

Owners of Asustor NAS drives found that data had been encrypted by ransomware and that cybercriminals are demanding a ransom in return.

DeadBolt ransomware claims that victims were targeted simply because they were using Asustor NAS devices, and blamed on the vendor’s “inadequate security.”

Stay up to date with our cyber news blogs

Previous Post Next Post

Leave a Comment

Recent Posts

  • SOC 2 Compliance – Complete Guide
  • What is compliance and why do you need it?
  • OWASP WAF – Web Application Firewall
  • Top Cyber News April Week 3
  • Top Cyber News April Week 2

Recent Comments

  1. Vishnu on IEC 62443 – Cybersecurity for Industrial Automation and Control Systems

Archives

  • July 2022
  • June 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • June 2020

Categories

  • Blog
  • CyberNews
© Copyright 2020. Anada WordPres Theme By WordPressRiver