by CIRT Team
Only Half of Those Who Paid a Ransomware Were Able to Recover Their Data[bleepingcomputer]
A massive survey of nearly 1,200 IT security practitioners and decision makers across 17 countries reveals that half the people who fell victim to ransomware infections last year were able to recover their files after paying the ransom demand. The survey, carried out by research and marketing firm CyberEdge Group, reveals that paying the ransom demand, even if for desperate reasons, does not guarantee that...
Read More
by CIRT Team
Vulnerable Apache Solr, Redis, Windows servers hit with cryptominers[helpnetsecurity]
Vulnerable servers of all kinds are being targeted, compromised and made to mine cryptocurrencies for the attackers. Apache Solr servers under attack SANS ISC handler Renato Marihno warns about an active campaign aimed at compromising Apache Solr servers. The campaign infected 1777 victims from February 28 to March 8. Of those, 1416 are Solr servers. The attackers are exploiting CVE-2017-12629 for gaining access to the...
Read More
by CIRT Team
How to Ensure Data Protection Regulation Compliance in Your Company [hackread]
Data protection has never been more important, and keeping up to date on your requirements as business is becoming a vital part of your business management. With the introduction of the General Data Protection Regulation (GDPR) that comes into effect in May 2018, it’s vital to ensure that you are protecting the data that your customers trust you with. As online security becomes increasingly important to businesses...
Read More
by CIRT Team
Trends 2018: The ransomware revolution [source: welivesecurity]
This is actually where I came in, nearly 30 years ago. The first malware outbreak for which I provided consultancy was Dr. Popp’s extraordinary AIDS Trojan, which rendered a victim’s data inaccessible until a ‘software lease renewal’ payment was made. And for a long time afterwards, there was not much else that could be called ransomware, unless you count threats made against organizations of persistent DDoS (Distributed Denial...
Read More
by CIRT Team
Cyber attacks becoming No. 1 business risk [source: helpnetsecurity]
SonicWall recorded 9.32 billion malware attacks in 2017 and saw more than 12,500 new Common Vulnerabilities and Exposures (CVE) reported for the year. “The cyber arms race affects every government, business, organization and individual. It cannot be won by any one of us,” said SonicWall CEO Bill Conner. “Our latest proprietary data and findings show a series of strategic attacks and countermeasures as the cyber...
Read More
by CIRT Team
ফেসবুক হ্যাক হলে ফোনে পাবেন পুলিশের সহায়তা [source: jugantor]
প্রযুক্তির এই যুগে সবচেয়ে জনপ্রিয় যোগাযোগমাধ্যম হচ্ছে ফেসবুক। পরিবার, বন্ধুবান্ধবসহ বিভিন্ন জনের সঙ্গে যোগাযোগের জন্য, বিশেষ করে যারা দেশের বাইরে অবস্থান করেন, তাদের জন্য ফেসবুকে যোগাযোগের বিকল্প নেই। কিন্তু অনেকের কাছে এই ফেসবুক কখনো কখনো হয়ে ওঠে আতঙ্কের নাম। পুরুষদের পাশাপাশি নিয়মিত ফেবসুক ব্যবহার করেন অনেক নারী। পুরুষদের চেয়ে ফেসবুক ব্যবহারের ক্ষেত্রে নারীদের সবচেয়ে বেশি সচেতন হতে হয়। সামান্য অসাবধানতার কারণে যে কোনো মুহূর্তে হ্যাক...
Read More
by CIRT Team
BGD e-GOV CIRT has successfully participated on APCERT Cyber Drill 2018
The Asia Pacific Computer Emergency Response Team (APCERT) today has successfully completed its annual drill to test the response capability of leading Computer Security Incident Response Teams (CSIRT) within the Asia Pacific economies. For the fifth time, APCERT involved the participation of members from the Organisation of the Islamic Cooperation – Computer Emergency Response Team (OIC-CERT) in this annual drill. The theme of this year’s...
Read More
by CIRT Team
Critical Alert: Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution
Description: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Impact: Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code...
Read More
by CIRT Team
Preventing DDoS amplification attacks using memcached [source: redhat]
Environment Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Issue memcached is being used in DDoS amplification attacks I’m concerned about news of DDoS attacks using memcached Resolution Red Hat is aware of DDoS (Distributed Denial of Service) amplification attacks being performed by exploiting memcached servers exposed to the public Internet. These attacks take advantage of memcached communication using the UDP protocol for...
Read More
by CIRT Team
memcached on port 11211 UDP & TCP being exploited [source: senki]
UPDATE: As of 2018-03-02 ( Afternoon Update), more attack using the memcached reflection vector have been unleashed on the Internet. As shared by Akamai Technologies “memcached-fueled 1.3 Tbps Attacks,” the application factors are “Internet Impacting.” Mitigation and Remediation Efforts are reducing the number of potential memcached reflectors. Please keep up the good work. Operators are asked to port filter (Exploitable Port Filters), rate limits the port 11211 UDP traffic (ingress and...
Read More
