
Cloudflare Blocks Largest DDoS Attack in History as Global Cyber Threats Surge

Cloudflare announced on Wednesday that it has detected and stopped the largest distributed denial of service (DDoS) attack ever recorded. 

The attack peaked at 29.7 terabits per second and lasted 69 seconds. The company said the traffic came from a botnet-for-hire called AISURU, which has been behind several extreme DDoS incidents over the past year. Cloudflare did not reveal the name of the targeted organization. 

AISURU has repeatedly targeted telecommunication companies, gaming platforms, hosting providers and financial services. 

Cloudflare said it also blocked another massive attack from the same botnet that reached 14.1 billion packets per second. Security researchers estimate that AISURU is powered by one to four million infected devices across the world. 

According to Cloudflare, the record-breaking event was a UDP carpet bombing attack that hit around 15,000 ports per second. The attackers randomised packet properties to get past defences, but Cloudflare’s automated systems detected and neutralised the traffic. Cloudflare has recorded 2,867 AISURU attacks since the beginning of 2025. 

Out of these, 1,304 hyper-volumetric attacks happened in the third quarter of this year alone. In total, the company blocked 8.3 million DDoS attacks during the same period. That number is 15 percent higher than the previous quarter and 40 percent higher than the same period last year. 

So far in 2025, Cloudflare has mitigated 36.2 million DDoS attacks, and the year is not yet over. The company highlighted a rapid increase in network layer attacks, which now make up 71 percent of all recorded attacks. 

Meanwhile, HTTP DDoS attacks declined in comparison. The report also shows major changes in the global DDoS landscape. The number of attacks that went above 100 million packets per second jumped by 189 percent quarter over quarter. In addition, 1,304 attacks exceeded one terabit per second. 

Cloudflare noted that most attacks last for less than 10 minutes, which leaves very little time for manual intervention and can still cause long service disruptions. 

The list of attack sources is dominated by Asia. Indonesia has remained the world’s biggest source of DDoS attacks for an entire year, followed by other locations such as Thailand, Bangladesh, Vietnam, India, Hong Kong and Singapore. Ecuador, Russia and Ukraine make up the remaining top ten. 

Several industries have seen major increases in targeting. Attacks against the mining, minerals and metals sector rose sharply and pushed it to the 49th most attacked industry worldwide. The automotive industry experienced the largest jump and is now the sixth most attacked. 

DDoS attacks targeting artificial intelligence companies rose by 347 percent in September alone. Across all sectors, information technology and services faced the most attacks. Telecommunications, gambling, gaming and internet services were also among the hardest hit. 

The most attacked countries this year include China, Turkey, Germany, Brazil, the United States and Russia. Cloudflare said the scale and sophistication of current DDoS activity marks a turning point for global cybersecurity. 

The company warned that many organizations are struggling to keep up with attackers who now operate with far more power and speed than ever before.

NATO Concludes Cyber Coalition Exercise in Estonia, Preparing for Future Digital Threats


NATO has wrapped up its annual Cyber Coalition exercise in Estonia after a week of intensive drills focused on protecting networks and critical infrastructure from advanced cyberattacks. 

More than 1,300 cyber defenders joined the 2025 exercise. Participants represented 29 NATO countries and 7 partner nations (Austria, Georgia, Ireland, Japan, South Korea, Switzerland and Ukraine), as well as the European Union, industry experts, and universities. 

The goal of the training was to strengthen cooperation and improve the ability to detect, deter, and respond to cyber threats that could affect military and civilian systems. 

Commander Brian Caplan, the Exercise Director, said that Cyber Coalition brings countries together to learn how they would operate during a cyber crisis. He highlighted that cyber threats do not stay within borders and that sharing information is key to improving global defence. 

This year’s exercise presented seven complex scenarios that mirrored real-world challenges. They included attacks on critical national infrastructure, cyber disruptions linked to space systems, and a scenario called “Ghost in the Backup,” which involved hidden malware inside sensitive data repositories. 

Multiple simulated threat actors carried out coordinated digital operations against a NATO mission. The drills required participants to communicate continuously, share intelligence, and use systems such as the Virtual Cyber Incident Support Capability. 

The exercise also tested the ability of teams to make difficult decisions. Participants had to identify early warning signs like delayed satellite data, irregular energy distribution logs, and unexpected power grid alerts. They were also challenged to decide when to escalate issues to civilian authorities or NATO headquarters and how to follow international law when sharing military intelligence with law enforcement. 

A British officer taking part in the event said cyber warfare is no longer limited to watching computers. Participants must also track information shared by media and social networks, including sources that may be run by hostile groups.

Over the years, Cyber Coalition has evolved based on new technologies, new policies, and new threats. According to Commander Caplan, the exercise helps NATO and its partners adjust together before a real crisis takes place. 

Cyber defence is now a major pillar in NATO’s training efforts. Leaders say large-scale drills like Cyber Coalition are necessary as cyber threats continue to grow in both sophistication and frequency.

$1 Million WhatsApp Hack That Never Happened: Inside Pwn2Own’s Biggest Mystery


The world of ethical hacking saw an unexpected turn at the Pwn2Own Ireland 2025 competition, where an eagerly anticipated attempt to exploit WhatsApp Messenger for a record $1 million prize was withdrawn at the last moment. Pwn2Own rewards researchers who responsibly discover and disclose zero-day vulnerabilities, and this year’s final day promised a high-stakes demonstration. 

The researcher known as Eugene, representing Team Z3, had been expected to reveal a zero-click remote code execution exploit for WhatsApp. Such an exploit would have marked a major security finding and carried the largest single reward ever offered by the contest. Instead, organizers confirmed that Team Z3 pulled the entry, citing that their research was not ready for public demonstration. 

Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative which runs Pwn2Own events, said Team Z3 withdrew because they did not feel their work was ready. Childs added that Meta remains interested in receiving any valid findings, and that ZDI analysts will perform an initial assessment before passing material to Meta engineers for triage. 

The withdrawal sparked speculation across security forums and social media about whether a viable exploit had existed at all. Meta offered a measured response, telling press outlets that it was disappointed Team Z3 did not present a viable exploit, but that it was in contact with ZDI and the researchers to understand the submitted research and to triage the lower-risk issues it had received. 

The company reiterated that it welcomes valid reports through its bug bounty program and values collaboration with the security community. When approached, Eugene told SecurityWeek that the matter would remain private between Meta, ZDI and the researcher, declining further comment. No public demonstration took place and the million-dollar prize remained unclaimed. 

The episode highlights the pressures researchers face at high-profile competitions, the importance of coordinated disclosure, and the fine line between proving a vulnerability and ensuring it can be safely handled. For vendors, competitions like Pwn2Own continue to be a vital source of intelligence about real-world security risks, even when the most dramatic moments fail to materialize.

Why Deleting Cookies Doesn’t Protect Your Privacy

Most internet users know that cookies are used to monitor their browsing activity, but few realize that deleting them does not necessarily protect their privacy. A newer and more advanced method known as browser fingerprinting is now being used to identify and track people online. 

Browser fingerprinting works differently from cookies. Instead of saving files or scripts on your device, it quietly gathers detailed information from your browser and computer settings. This includes your operating system, installed fonts, screen size, browser version, plug-ins, and other configuration details. Together, these elements create a unique digital signature, often as distinct as a real fingerprint. 

Each time you open a website, your browser automatically sends information so that the page can load correctly. Over time, advertisers and data brokers have learned to use this information to monitor your online movements. Because this process does not rely on files stored on your computer, it cannot be deleted or cleared, making it much harder to detect or block. 

Research from the Electronic Frontier Foundation (EFF) through its Cover Your Tracks project shows that most users have unique fingerprints among hundreds of thousands of samples. 

Similarly, researchers at Friedrich-Alexander University in Germany have been studying this technique since 2016 and found that many browsers retain the same fingerprint for long periods, allowing for continuous tracking. 

Even modern browsers such as Chrome and Edge reveal significant details about your system through the User-Agent string. This data, when combined with other technical information, allows websites to recognize your device even after you clear cookies or use private browsing. 

To reduce exposure, experts recommend using privacy-focused browsers such as Brave, which offers built-in fingerprinting protection through its Shields feature. It blocks trackers, cookies, and scripts while allowing users to control what information is shared. 

A VPN can also help by hiding your IP address, but it does not completely prevent fingerprinting. In short, clearing cookies or using Incognito mode provides limited protection. 

True online privacy requires tools and browsers specifically designed to reduce digital tracking. As browser fingerprinting becomes more common, understanding how it works and how to limit it is essential for anyone concerned about online privacy.

Decentralized AI Emerges as Counterweight to Big Tech Dominance


Artificial intelligence has undeniably transformed productivity and daily life, but its development has also concentrated power in the hands of a few corporations. Giants such as Google (Gemini), OpenAI (ChatGPT), X (Grok), and Anthropic (Claude) dominate the ecosystem, holding most of the computing resources, data, and top talent. 

This centralisation raises concerns about bias, privacy, and the unchecked influence of private firms over technologies that increasingly shape society. Critics argue that centralised AI models collect and monetise vast amounts of personal and corporate data with little transparency. 

A Stanford University study in 2025 found users perceive large language models to lean politically left, while controversies have emerged around Grok allegedly producing antisemitic rhetoric and Gemini misrepresenting historical figures. 

Beyond bias, scaling constraints are evident: data centres already strain global electricity use and are projected to consume 20% of global power by 2030. Centralised systems also create single points of failure, making them attractive targets for hackers. 

In response, interest in decentralised AI is accelerating. Valued at $550.7 million in 2024, the sector is expected to reach $4.33 billion by 2034. Unlike traditional models, decentralised systems keep raw data on local devices, sharing only trained insights across networks secured by blockchain. 

This distributes control among participants rather than concentrating it with a single company. The benefits are compelling. Individuals and organisations retain control over their data, deciding what to share. Training across a decentralised network introduces greater diversity of perspectives, reducing systemic bias. 

By distributing computation across devices, the model scales efficiently without relying on energy-hungry central servers. Security also improves: there is no central point of attack, blockchain adds resilience, and much sensitive data never leaves the user’s device. 

Advocates link this shift back to early cypherpunk ideals. 

As Eric Hughes wrote in A Cypherpunk’s Manifesto, cryptography was meant to safeguard privacy and liberty in the digital age. While cryptocurrencies drifted toward profit-seeking, decentralised AI could represent a return to those original principles, including rebalancing power, protecting privacy, and building a more sustainable digital future.

Zscaler Confirms Data Breach Linked to Salesloft Drift Supply-Chain Attack


Cybersecurity firm Zscaler has revealed it suffered a data breach after attackers exploited a compromise in Salesloft Drift, an AI-driven Salesforce integration tool. The incident is part of a larger supply-chain attack in which stolen OAuth and refresh tokens were leveraged to gain unauthorized access to Salesforce environments across multiple organizations. 

Zscaler confirmed that its Salesforce instance was one of the targets, resulting in the exposure of sensitive customer details. According to the company, the information accessed by threat actors included customer names, job titles, business email addresses, phone numbers, and geographic details. In addition, data related to Zscaler product licensing, commercial agreements, and content from certain support cases was also stolen. 

While Zscaler has not disclosed the number of affected customers, it emphasized that the breach was limited to its Salesforce system and did not compromise any of its products, services, or underlying infrastructure. 

The company stated that the unauthorized data access primarily took place between August 13 and 16, 2025, with some attempts occurring earlier. Although Zscaler has not detected any misuse of the stolen data, it has urged its customers to remain cautious of phishing emails and social engineering campaigns that could exploit the compromised information. 

In response to the incident, Zscaler has taken several steps to mitigate risks, including revoking all Salesloft Drift integrations with Salesforce, rotating API tokens across its systems, and implementing stricter customer authentication protocols when handling support requests. 

An internal investigation into the full scope of the breach is ongoing. The attack has been linked to a campaign attributed to the threat group UNC6395, which was previously flagged by Google Threat Intelligence. This group is believed to have targeted Salesforce support cases to collect highly sensitive credentials such as AWS access keys, passwords, and Snowflake tokens. 

Google researchers also noted that the attackers attempted to cover their tracks by deleting query jobs, although audit logs remained available for review. The compromise of Salesloft Drift has had wide-reaching consequences across the SaaS ecosystem, impacting companies including Google, Cisco, Workday, Adidas, Qantas, Allianz Life, and LVMH subsidiaries. 

In many of these cases, attackers used vishing tactics to trick employees into authorizing malicious OAuth applications, enabling large-scale data theft later exploited in extortion schemes. 

Both Google and Salesforce have since suspended their Drift integrations while investigations continue. Security experts warn that this incident highlights the growing risks of supply-chain attacks and the urgent need for stronger oversight of third-party integrations.

VirusTotal Unmasks SVG-Based Phishing Campaign Targeting Colombia’s Judiciary

VirusTotal has uncovered a sophisticated phishing campaign that uses SVG (Scalable Vector Graphics) files to impersonate Colombia’s judicial system, tricking victims into downloading malware. 

The discovery was made possible after the platform’s AI-powered Code Insight feature added support for analyzing SVGs, enabling it to detect malicious behavior that traditional antivirus engines missed. 

SVG files are typically used to create images from lines, shapes, and text, but cybercriminals have increasingly exploited their ability to embed HTML using the element and execute JavaScript. 

In this case, the attackers crafted SVGs that rendered convincing portals mimicking Colombia’s judiciary, complete with case numbers, security tokens, and official-looking design elements to inspire trust. When opened, the fake portal displayed a simulated download progress bar and instructed users to retrieve a password-protected ZIP archive. 

The password itself was provided directly on the spoofed page, reinforcing the illusion of legitimacy. Once extracted, the archive contained four files, including a legitimate executable from the Comodo Dragon web browser that had been renamed to appear as an official judicial document. 

Alongside it was a malicious DLL designed for sideloading, as well as two encrypted files. If the victim ran the executable, the DLL would be silently loaded to install further malware on the system, expanding the attack’s reach. The initial detection of one malicious SVG led to a broader investigation, with VirusTotal identifying 523 additional SVG files that had been previously uploaded to its platform but evaded detection by conventional security software. 

This scale highlights both the effectiveness of the attackers’ strategy and the potential blind spots in existing defences. VirusTotal emphasized that its Code Insight AI played a critical role in exposing the campaign. 

Unlike signature-based antivirus tools, the AI system generates contextual summaries of suspicious code, flagging behaviors such as JavaScript execution within SVGs. 

“This is where Code Insight helps most: giving context, saving time, and helping focus on what really matters. It’s not magic, and it won’t replace expert analysis, but it’s one more tool to cut through the noise and get to the point faster,” the company noted. 

The case underscores the growing trend of cybercriminals exploiting unconventional file formats like SVGs to bypass security checks. 

As attackers innovate, experts warn that organizations must evolve their defences with AI-driven detection to close gaps left by traditional tools.

UK Schools Trust Hit by Knock-On Effects of Intradev Cyber Breach


A cyberattack on Hull-based software developer Intradev is rippling across the UK education sector, with staff at the Affinity Learning Partnership warned their personal details may have been compromised. 

The trust, which runs seven schools and employs more than 650 staff serving around 3,000 pupils, confirmed that employees were notified after the breach came to light through Single Central Record Ltd (OnlineSCR), a service provider managing recruitment and Disclosure and Barring Service (DBS) checks. 

Scope of Exposure 

While some employees are believed to have only minimal details exposed, such as surnames, others face more severe risks. Sensitive information including passport numbers, driving licence details, and National Insurance numbers may have been leaked. 

In a letter to staff, the trust said, “We have written to all staff affected, including those with less data exposure, and included a list of precautionary steps. However, there is the potential that the impact on you could be more significant and we have been made aware of some additional support options.” 

The Information Commissioner’s Office (ICO) has advised that replacing passports or driving licences may not be immediately necessary. Still, legal experts warn the nature of the stolen data could leave individuals exposed to identity fraud. 

How the Breach Happened 

Intradev, which designs bespoke software for clients, discovered a digital intrusion on August 4. One of its customers, Access Personal Checking Services (APCS), a provider of criminal record checks, alerted clients soon after. 

OnlineSCR, APCS’s sister company, was also affected due to its reliance on Intradev’s systems. With OnlineSCR acting as a repository of highly sensitive school workforce data, the fallout has been significant for trusts such as Affinity Learning Partnership. 

A legal briefing from Browne Jacobson LLP noted that the compromised data varied between schools but could include addresses, Qualified Teacher Status (QTS) numbers, and other identification details. 

Support Measures 

To protect staff, Affinity is offering two years of CIFAS protective registration. The service ensures additional identity verification checks are carried out if fraudsters attempt to use stolen details to open accounts or apply for credit. 

Wider Implications 

The incident underscores the growing cybersecurity vulnerabilities of UK schools, which often hold valuable personal data but operate with limited IT security budgets. It also highlights how breaches at third-party providers can have far-reaching consequences for institutions that may otherwise have strong protections in place. 

As Intradev continues its investigation into the compromised files and systems, education trusts across the country are being reminded of the risks inherent in outsourcing critical services to external technology partners.