#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

CISPA | Breaking Cybersecurity News | The Hacker News

New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systems

New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systems
Mar 20, 2024 DoS Attack / Network Security
A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk. Called  Loop DoS attacks , the  approach  pairs "servers of these protocols in such a way that they communicate with each other indefinitely," researchers from the CISPA Helmholtz-Center for Information Security said. UDP, by design, is a  connectionless protocol  that does not validate source IP addresses, making it susceptible to IP spoofing. Thus, when attackers forge several UDP packets to include a victim IP address, the destination server responds to the victim (as opposed to the threat actor), creating a reflected denial-of-service (DoS) attack. The latest study found that certain implementations of the UDP protocol, such as DNS, NTP, TFTP, Active Users, Daytime, Echo, Chargen, QOTD, and Time, can be weaponized to create a self-perpetuating attack loop. "It pairs two

Digital privacy, Internet Surveillance and The PRISM - Enemies of the Internet

Digital privacy, Internet Surveillance and The PRISM - Enemies of the Internet
Jun 17, 2013
If you have followed the startling revelations about the scope of the US government's surveillance efforts, you may have thought you were reading about the end of privacy, and about the Enemies of the Internet. " My computer was arrested before I was ." a perceptive comment by an internet activist who had been arrested by means of online surveillance.  Online surveillance is a growing danger for journalists, bloggers, citizen-journalists and human rights defenders. Over the last few years, law enforcement agencies have been pushing for unprecedented powers of surveillance and access to your private online communications. This week the PRISM surveillance scandal has consumed the Internet as the implications of massive scale U.S. Government spying begin to sink in. The US National Security Organization (NSA) is almost certainly one of (if not the) most technologically sophisticated, well-funded and secretive organizations in the world. The Prism initiative was launched by Na

Once there was a Privacy! Cyber Security bill #CISPA passed

Once there was a Privacy! Cyber Security bill #CISPA passed
Apr 22, 2013
The United States House of Representatives on Thursday voted to approve the highly controversial  cyber security bill CISPA , which stands for the Cyber Intelligence Sharing and Protection Act. The Bill called the Cyber Intelligence Sharing and Protection Act (CISPA) was presented under the guise National Security , but in reality opens up a loop hole for companies that collect personal information about their users and in some cases want to trade of even sell these to other companies for money or other services.  This was the second time that the US House of Representatives passed the CISPA. Senators had earlier rejected the first draft of this bill on the grounds that it wasn't providing enough for protecting the privacy. Some lawmakers and privacy activists worry that the legislation would allow the government to monitor citizens' private information and companies to misuse it. The first parts of CISPA are relevant and necessary. If we're " hacked ," CISPA a

Protecting Your Organization From Insider Threats - All You Need to Know

cyber security
websiteWing SecuritySaaS Security
Get practical insights and strategies to manage inadequate offboarding and insider risks effectively.

SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike

SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike
May 13, 2024Threat Detection / SoC / SIEM
In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks. The Impact of Alert Fatigue and False Positives  Analysts are overwhelmed with alerts. The knock-on effect of this is that fatigued analysts are at risk of missing key details in incidents, and often conduct time-consuming triaging tasks manually only to end up copying and pasting a generic closing comment into a false positive alert.  It is likely that there will always be false positives. And many would argue that a false positive is better than a false negative. But for proactive actions to be made, we must move closer to the heart of an incident. That requires diving into how analysts conduct the triage and investigation process. SHQ Response Platfo

Anonymous threatens to Hack Obama's State of the Union broadcast

Anonymous threatens to Hack Obama's State of the Union broadcast
Feb 13, 2013
The hacktivist group Anonymous says it's planning to block all live streams of President Obama's State of the Union address Tuesday night, in an operation entitled " Operation SOTU ". " We reject the State of the Union. We reject the authority of the President to sign arbitrary orders and bring irresponsible and damaging controls to the Internet, " the statement reads. " The President of the United States of America, and the Joint Session of Congress will face an Army tonight. " Anonymous group is upset with a pending Internet security bill. According to Anonymous and other Internet freedom activists, if the CISPA (Cyber Intelligence Sharing and Information Act) is passed it will infringe on online privacy and freedom. A Twitter account associated with Anonymous also hinted by tweeting ," ADVANCED WARNING: This year's State of the Union Address WILL be cancelled if internet regulation is passed by executive order #opLastResort " &qu

CISPA Returns back, Forget privacy reforms

CISPA Returns back, Forget privacy reforms
Feb 10, 2013
The Cyber Intelligence Sharing and Protection act (CISPA) will be reintroduced by House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Rep. Dutch Ruppersberger (D-Md.) before the US House next week . CISPA would've allowed any company to give away all the data its collected on you if asked by the government and The bill that plan to introduce next week will be identical to the version of CISPA that passed the House last spring. May be the recent reports of cyber espionage against The New York Times and The Wall Street Journal,  along with attacks on the Federal Reserve 's Web site and on several U.S. banks have brought the issue back to the fore. " This is clearly not a theoretical threat - the recent spike in advanced cyber attacks against the banks and newspapers makes that crystal clear, " Rogers said in a statement. If implemented, An independent Intelligence Community Inspector General would review the government's use of any i
Expert Insights
Cybersecurity Resources