The DDoS attack originated from 121 countries and was powered by a small botnet of only 5,067 hacked IoT devices. Debra Ahmed reports: Cloudflare has reported stopping a record-breaking HTTPS DDoS attack (distributed denial of service attack) this month. The company claims this attack peaked at 26 million requests per second (RPS), making it the largest ever…
Category: Of Note
SCOOP: Glenn County Office of Education paid $400k ransom after ransomware attack
On May 12, the Sacramento Valley Mirror (SVM) reported on a ransomware attack on the Glenn County Office of Education and school districts. According to GlennCOE, the attack began in the early morning of May 10, and as SVM reported: Put out of commission systemwide for GCOE, school districts, and schools were the Internet, the…
Cybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns
Stephen Pritchard reports: A new way of carrying out phishing attacks is being adopted by criminal groups – and it could make threat actors virtually undetectable, security researchers warn. The technique involves using ‘reverse tunnel’ services and URL shorteners to launch large-scale phishing attacks. What’s more, the groups using these techniques leave no trace. Instead, threat actors…
New Canadian cybersecurity bill to require mandatory reporting of ransomware, other attacks
Jim Bronskill reports: Businesses and other private-sector organizations would be required to report ransomware incidents and other cyberattacks to the government under a federal bill to be tabled today. The legislation is intended to flesh out Liberal government efforts to protect critical infrastructure following last month’s announcement that Chinese vendors Huawei Technologies and ZTE will be banned from Canada’s…
This is (One of Many Reasons) Why Districts Get Hit with Ransomware
Bill Fitzgerald writes: Even the smallest of school districts are complicated places. Communicating with stakeholders is hard to do well, and getting the details right is imperative. The details become even more important when school boards and superintendents try and communicate about school safety issues. When communication is done well, is not rushed, and goes…
Defensive Cyber Attacks Declared Legal by UK AG, Path Cleared to “Hack Back” When Critical Infrastructure & Services Attacked
Scott Ikeda reports: The Attorney General of the United Kingdom has declared the country can make use of defensive cyber attacks when “key services” (such as critical infrastructure and banks) are struck by foreign threat actors. The country is taking a formal position on extending international law to the digital realm, something that nations have…