Latest news with #DDoS
Daily Mirror
2 days ago
- Daily Mirror
Millions of Android users must switch off their devices immediately, check yours today
A worrying new Android attack has left around 10 million devices infected with a scary malware - check yours is not on this list. A new alert has been issued to Android users and it's not something anyone should ignore. The latest warning comes after the discovery that millions of devices have been infected with the so-called BadBox malware. This bug is not only capable of making cyber crooks serious amounts of money via annoying adware, but it could also expose users to concerning ransomware, which asks for money in exchange for personal data not being leaked. It's currently thought that around 10 million gadgets have even been exposed to BadBox 2.0, but this time it's not phones that are affected. Instead, it's other devices that also use a version of Android including tablets, projectors and streaming boxes. These very cheap and enticing products are being made in China and often come pre-loaded with BadBox. In a bid to end the attacks and keep consumers safe, Google is now trying to shut down this illegal operation with the US technology giant filing a lawsuit against those creating and selling the dodgy devices. "This botnet—called the 'BadBox 2.0' botnet—is already the largest known botnet of internet-connected TV devices, and it grows each day,' Google confirmed. 'Without warning, it could be used to commit more dangerous cybercrimes, such as ransomware or distributed denial-of-service ('DDoS') attacks.' Along with Google issuing an alert, the FBI has also had its say on the problems with the law agency urging consumers to be aware and turn things off if they think they have a device that could be infected. 'The public is urged to evaluate IoT devices in their home for any indications of compromise and consider disconnecting suspicious devices from their networks," the FBI said. Some of the known devices that have been purchased include Android TV boxes with model numbers X88 Pro 10, T95, MXQ Pro, and QPLOVE Q9. If you think you have bought a set-top box from an unofficial store - especially any of the ones mentioned above - it's worth checking to see if it Google Play Protect-certified. If it's not, be warned. Before buying a new device, it's also worth avoiding off-brand gadgets that aren't from a known manufacturer, as they could be targeted by Badbox 2.0. This malware can also be added after the box is installed in homes, so be careful when downloading apps and only access software from official.
Techday NZ
2 days ago
- Techday NZ
Cyber threats surge with rise in infostealers & Linux attacks
Barracuda Networks researchers have reported a notable rise in cyber threats over the past month, with substantial increases in infostealer attacks, threats targeting Linux servers, and suspicious login attempts to AWS consoles. Infostealer attacks Barracuda's SOC threat analysts identified a 35% increase in detections related to infostealer malware, which is used to steal credentials, hijack sessions, conduct cyber espionage, and facilitate data exfiltration. Interpol recently decommissioned 20,000 IP addresses linked to 69 infostealer variants. The report outlined the primary methods through which infostealers are delivered. Attack vectors include phishing emails urging users to click on malicious links or download infected attachments, drive-by downloads from websites, software exploits targeting unpatched vulnerabilities, and bundled software, especially pirated applications. Specific signs pointing to infostealer activity within an organisation include sudden or unusual account activity, a surge in help desk requests linked to lost credentials, system slowdowns, and unexpected pop-ups or ads, which may signal malware presence. "A robust endpoint security solution such as Barracuda Managed XDR Endpoint Security that can detect and block malware in real time is the best defence against infostealer malware." "Enforce the use of multifactor authentication (MFA) to make it harder for attackers to breach accounts even if credentials are compromised. Implement security awareness training for employees on the latest phishing tactics and safe browsing. Implement advanced email security to detect and block phishing attempts before they reach users. Keep systems and software updated with the latest security patches. Prevent employees from downloading and installing pirate versions of applications to their work accounts." Linux servers under threat The report also indicated a 56% jump in attacks on Linux servers. Among the reasons highlighted are a reported 3,300 new Linux vulnerabilities in 2025 alone, a 130% rise in the number of attacks over the previous year, and two critical vulnerabilities announced in June 2025. The widespread use of Linux systems for servers, cloud infrastructure, and IoT devices has contributed to these systems being frequently targeted. Threats include malware attacks such as ransomware, rootkits, backdoors, distributed denial of service (DDoS) attacks, exploitation of unpatched software flaws, and the hijacking of server resources for unauthorised cryptocurrency mining. Indicators of compromise might include traffic spikes to unfamiliar IP addresses, abnormal account behaviour, system slowdowns, and configuration changes to critical files. "Keep systems, including operating systems, and software updated with the latest security patches. Implement firewalls to restrict access to critical services and monitor incoming and outgoing traffic for suspicious activity." "Enforce strong password and authentication policies, and consider using key-based authentication for SSH (a cryptographic protocol for secure remote login) access to reduce the risk of brute-force attacks. Implement a robust backup and recovery plan to limit the operational impact and quickly restore services following an incident. Deploy an extended detection and response (XDR) solution - ideally covering endpoints, servers and networks - as this features intrusion detection systems (IDS) that monitor activity and alert administrators to potential threats in real time." AWS login concerns Analysts observed a 13% increase in suspicious login attempts to the AWS Management Console. While smaller than the increases seen for other attack categories, these attempts present notable risks, including credential theft, brute-force attacks, phishing using social engineering, and potential account takeover. A successful breach could allow attackers to manipulate AWS resources, exfiltrate data, or use compromised accounts for additional attacks. Warning signs include login attempts from unusual locations or IP addresses, a high number of failed logins, or sudden shifts in resource usage or account configurations. "Enforce the use of strong passwords and multifactor authentication (MFA) to make it harder for attackers to breach accounts even if credentials are compromised. Implement security awareness training for employees on the latest phishing tactics and safe browsing. Continuously check for and correct misconfigurations in cloud service settings. Implement network segmentation, and restrict employees' access permissions to limit access to sensitive areas of the network. Deploy an XDR cloud security solution that will check regularly for unusual login activity and flag any suspicious events." The report attributes these increases to a surge in cybercriminal activity targeting technological vulnerabilities and user awareness gaps, and outlines practical recommendations for organisations to reduce the risk of falling victim to such attacks.
Time Business News
4 days ago
- Business
- Time Business News
How Outsourced IT Support Strengthens Cybersecurity for Your Business
In today's digital age, cybersecurity is no longer an optional feature—it's a critical necessity. Cyber threats are becoming increasingly complex and relentless, targeting businesses of all sizes, across all industries. While larger corporations might have in-house teams equipped to manage security protocols, many small to medium-sized businesses find themselves vulnerable, either due to budget constraints or lack of internal expertise. This is where Outsourced IT Support steps in—not just as a reactive solution, but as a proactive partner that significantly strengthens your cybersecurity defenses. Let's take a deeper look at how outsourcing your IT services can become your greatest asset in protecting your business. Cyber attacks are no longer isolated incidents. From phishing emails and ransomware to DDoS attacks and data breaches, threats are now more organized, frequent, and financially damaging. The average cost of a cyber attack has skyrocketed, with even minor data breaches setting companies back by thousands—if not millions—of dollars. Moreover, the consequences go beyond monetary losses. Brand reputation, customer trust, legal penalties, and operational downtime can all be affected by even a single vulnerability. It's clear: a strong, proactive cybersecurity strategy is vital. But maintaining such a strategy in-house is no easy feat. It requires continuous training, updated technologies, and a dedicated team focused solely on security. That's why businesses are increasingly turning to Outsourced IT Support as a smarter, more efficient solution. When you outsource your IT support, you're gaining more than just help with tech issues—you're leveraging a full team of professionals with deep knowledge, hands-on experience, and access to advanced security tools. These experts are focused entirely on staying updated with the latest trends, vulnerabilities, and defense mechanisms in the cybersecurity world. With Outsourced IT Support, companies can achieve 24/7 monitoring, faster response times, and comprehensive support systems without the costs of hiring and training an internal team. That means your team can focus on running the business, while your outsourced partners focus on keeping it safe. This collaboration model has become a go-to for many business owners seeking both efficiency and peace of mind. One of the greatest advantages of outsourcing IT lies in the enhanced security framework it offers. Reliable Cybersecurity Services don't just react when something goes wrong—they anticipate, monitor, and neutralize threats before they can make an impact. A comprehensive cybersecurity strategy provided through outsourced support may include: Real-time threat detection and incident response Network vulnerability assessments Endpoint protection and mobile device security Firewall configuration and penetration testing Security awareness training for employees Regular data backups and disaster recovery plans This proactive approach helps businesses stay a step ahead of hackers, bots, and malicious actors, ultimately preventing breaches before they even happen. Outsourced IT providers offer around-the-clock monitoring that is essential in identifying unusual patterns and potential breaches. Many businesses only realize they've been hacked days—or even weeks—after the initial breach, by which time the damage is already implementing real-time alerts, security event logging, and consistent software updates, your Outsourced IT Support team can act immediately, minimizing damage and downtime. Patch management is also crucial. Cybercriminals often exploit unpatched vulnerabilities in commonly used software. An outsourced team ensures updates and patches are rolled out quickly, reducing the attack surface and strengthening your security position. As cyber threats evolve, so should your defenses. Relying on a single firewall or anti-virus software is no longer enough. This is where Managed IT Services shine, offering a layered security model. Layered protection typically includes: Multi-factor authentication (MFA) Email filtering to catch phishing attempts Encryption for data-at-rest and data-in-transit Secure cloud storage and access controls Device and endpoint monitoring With Managed IT Services, your business receives a tailored security plan designed to evolve alongside new threats and your growing business needs. Outsourcing this responsibility ensures your defense mechanisms stay current and robust—without requiring your internal team to stay up-to-date on every tech trend. Believe it or not, employees are often the weakest link in your cybersecurity chain. Clicking on suspicious links, downloading unapproved apps, or using weak passwords can open the door to significant IT Support providers often include employee training and awareness programs as part of their services. These training sessions equip staff with the knowledge to identify phishing scams, practice safe browsing, and follow security best practices. When your team knows how to spot red flags and avoid risky behavior, you're adding another layer of protection against internal and external threats. One of the key strengths of outsourcing your IT functions is flexibility. Whether you're a startup with minimal needs or a fast-growing company requiring advanced security protocols, outsourced providers can scale their services to match your requirements. Need to expand your remote workforce? Planning a merger or acquisition? Launching a new e-commerce platform? Your Outsourced IT Support partner can adjust their cybersecurity infrastructure accordingly, ensuring you're covered every step of the way. This adaptability ensures your business stays agile and secure, even during periods of growth and transition. Another hidden perk of outsourcing your IT is assistance with industry compliance standards. Many businesses are subject to strict data privacy regulations, such as GDPR, HIPAA, or PCI-DSS. Failing to meet these requirements can lead to legal issues and financial penalties. A knowledgeable outsourced team ensures your systems, processes, and storage practices are compliant with the relevant laws. They'll also help you prepare for audits, document processes, and create compliance reports—removing the burden from your internal staff. By trusting your Outsourced IT Support team with compliance, you reduce legal risks while demonstrating professionalism and accountability to clients and stakeholders. Even with the best security practices in place, the unexpected can happen. Whether it's a cyberattack, hardware failure, or natural disaster, a solid disaster recovery plan ensures your data is safe and your business can bounce back quickly. Outsourced IT partners implement and manage cloud-based backup systems and detailed recovery plans. These services ensure your data is frequently backed up, encrypted, and securely stored, so if an incident does occur, your business can resume operations with minimal disruption. A proactive approach to disaster recovery is a fundamental part of your overall cybersecurity strategy. One of the main reasons businesses hesitate to invest in cybersecurity is cost. Hiring a full-time in-house team, purchasing security software, and maintaining hardware can be expensive. Outsourcing offers a budget-friendly alternative that doesn't skimp on protection. With a fixed monthly cost and access to a team of experts, you're getting enterprise-level cybersecurity without the financial IT Support helps businesses cut costs while enhancing their security—making it a win-win solution. In an age where data is currency and threats are everywhere, robust cybersecurity isn't just a tech concern—it's a business imperative. As cybercriminals become more sophisticated, your security strategy must evolve as well. By investing in Outsourced IT Support, you're choosing a forward-thinking, scalable, and reliable method of protecting your business, your employees, and your customers. From real-time monitoring and proactive threat response to compliance support and employee training, outsourcing brings you the tools and expertise needed to thrive safely in the digital world. Don't leave your security to chance—choose to be protected, prepared, and empowered. Ready to enhance your cybersecurity strategy today? Partnering with professionals who specialize in Cybersecurity Services gives your business the protection it truly deserves. If you're looking for scalable, cost-effective support that evolves with your business, Managed IT Services are your ticket to better security and smoother operations. Make the smart move now, and explore the benefits of Outsourced IT Support that go beyond just tech troubleshooting—protecting your data, your brand, and your future. TIME BUSINESS NEWS
Straits Times
6 days ago
- Politics
- Straits Times
S'pore vulnerabilities are no different from those of other nation: Commissioner of Cybersecurity
Find out what's new on ST website and app. Singapore's Cyber Security Agency's chief executive David Koh warned that in this realm, Singapore's vulnerabilities are no different from those of any other nation. SINGAPORE – Cyber threat levels have heightened amid geopolitical rivalries, with some states trying to coerce countries such as Singapore into taking or refraining from certain actions. Singapore's Cyber Security Agency's chief executive David Koh warned that in this realm, Singapore's vulnerabilities are no different from those of any other nation. 'Train systems can be disrupted, power plants, water systems. It will move to a new dimension, where you will encounter real world harms that will affect all of us,' he said. Mr Koh, who is also the country's first Commissioner of Cybersecurity, holds legal authority to investigate cyber threats and incidents, ensuring the continuity of essential services during cyber attacks. 'W hen we first started, the majority of threats were straightforward – web face defacements, DDoS (Distributed Denial of Service) attacks. They were a bit more like digital graffiti,' said t he former defence specialist in the armed forces, who has been CSA's chief executive from its founding 10 years ago. July 18 marks its 10th anniversary. These threats have grown in complexities as the economy grew more interconnected through the use of digital services. That meant the agency had to extend its umbrella, working with the private sector, to cover the man on the street. For instance, in 2024, the agency partnered Google to launch Google Play Protect, which blocks malicious apps once detected. Google has since introduced the feature to countries such as Brazil, India, South Africa, Philippines, Thailand and Hong Kong. Top stories Swipe. Select. Stay informed. World Trump diagnosed with vein condition causing leg swelling: White House World Trump was diagnosed with chronic venous insufficiency. What is it? Singapore 5 foreigners charged over scheme to deliberately get arrested in S'pore to sell sex drugs here Asia Appointment of Malaysia's new chief justice eases controversy over vacant top judge seats for now Singapore Driverless bus in Sentosa gets green light to run without safety officer in first for S'pore Singapore SPCA appoints Walter Leong as new executive director World US strikes destroyed only one of three Iranian nuclear sites, says new report Business Granddaughter of late Indonesian tycoon pays $25 million for Singapore bungalow Mr Koh said that such a partnership would have been unimaginable 10 years ago. Today, besides chairing the United Nations' Open-ended Working Group on cybersecurity, Singapore is also passing on its knowledge to Asean neighbors and countries such as Japan , which is in the process of passing cybersecurity laws . 'It is in Singapore's interest to support the international rules-based system, not just physical trade, but goods and services are increasingly also being transacted digitally,' he said. Countries justifiably want control of their national security, and have different tolerance levels for personal data sharing, he said, noting that interoperability can still be achieved. Singapore, Britain, Germany and Australia also co-lead the International Counter Ransomware Initiative. Singapore businesses, despite CSA advice to refuse ransomware demands, routinely cave in, according to surveys. High-profile cases in 2024 included law firm Shook Lin & Bok, the Jumbo Group and Mustafa. Recent polls by global security services firms Bitdefender and Sophos found that firms here are more likely than their global peers to keep silent on security breaches, pay up and less likely to negotiate amounts. But there are no plans to legislate ransomware reporting, which is now voluntary. 'Cybersecurity, ultimately, is a risk management issue. It is not possible for us to mandate a standard of cybersecurity for everybody. It's not a one-size-fits-all,' he said. Instead, the CSA hopes to raise reporting by working with the Singapore Business Federation to offer help to victims. With 70 per cent of companies that support the country's essential services coming from the private sector, the CSA has over the years, evolved to assist businesses on security issues and working on training and professional standards. From about 70 employees when it was started, the outfit has since grown to a headcount of around 500. Singapore was one of the first countries to establish a cybersecurity agency and one of the first to have a Cybersecurity Act, which was enacted in 2018. The US, Britain, France, Australia were other leaders in the domain then. The agency's sphere now includes scams, national threats, cyber security certifications and data security, which it works on with other government agencies, businesses and institutes of education and training. Singapore's cyber maturity ranks well compared with many countries, but the issue is how it compares with a determined attacker, he said, urging Singaporeans to play a part. 'The weakest link can be the company that doesn't patch its software, uses weak passwords, or the supplier in the supply chain who makes a mistake, who doesn't take cybersecurity seriously. It could be the employee who clicks on the phishing email, or the individual customer who comes in and has unsafe practices.' Sometimes, extra security comes with friction. 'You need to recognise that this is a trade-off between convenience and security. Sometimes, it also translates into a little bit more cost. We must be willing to pay this cost.'
Time of India
7 days ago
- Entertainment
- Time of India
Epic Games humiliates Fortnite cheaters with lifetime ban and public apology
Image via: Epic Games In a rare intersection of justice and public humiliation, Epic Games has furthered its enforcement battles against Fortnite cheaters by suing two for damages and compelling them to publicly confess their wrongdoing on YouTube. One was a hacker conducting DDoS attacks on streamers, and the other a cheat seller and user. Both have now been permanently banned from playing the game and warned of legal repercussions should they continue their nefarious acts. Public Apology as Punishment Legal action was yet another weapon in the arsenal wielded by Epic Games against cheating in Fortnite; it was revealed on X on July 14. The official statement read thus: 'We took legal action against two people who cheated and broke our rules: one sold and used cheats, and the other carried out cyber attacks on content creators who were livestreaming gameplay (aka: DDoS attacks). Both have been ordered to stop these activities and are banned from playing Fortnite.' Apart from the uncommon severity of punishment, this case is peculiar because of the added requirement of public apology; the two had to upload apology videos on YouTube, admitting their guilt and acknowledging that they had caused harm to the Fortnite community. Who Are the Offenders? One of the banned players, Zebsi, perpetrated several DDoS attacks against some of the livestreamers. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like An engineer reveals: One simple trick to get internet without a subscription Techno Mag Learn More Undo The DDoS attacks overloaded the targets' internet bandwidth capacity, thereby preventing the live broadcast of gameplay. It was Zebsi's disruptive acts, despite a modest number of 2,000 followers, that brought him under serious legal scrutiny. An apology video followed soon after in which Zebsi showed remorse; however, due to the very brief written apology and a seemingly indifferent tone, most viewers were left disappointed. Another banned player, Mirrored, admitted to cheating in competitive matches as well as distributing those cheats to others. With only 200 followers on his YouTube channel, Mirrored posted a typed apology, accepting his lifetime ban and warning others not to distribute cheats. "I would like to apologize to the Fortnite community. I understand the consequences of my actions and will not be involved in cheating again." Apology to Epic Games and the Fortnite community Setting Precedent This is certainly not Epic's first strike against cheaters, but one of its most public. The company might have even settled the lawsuit that concerns tournament cheaters, and even donated money from winnings worth $20,000 to charity. By adding courtroom consequences with public apology, Epic sends a clear message: cheating isn't just unfair, it's unacceptable. Catch Rani Rampal's inspiring story on Game On, Episode 4. Watch Here!
