Latest news with #Denial-of-Service
Scoop
16-07-2025
- Business
- Scoop
RedShield Enhances DDoS And Bot Attack Protection With 'Third Horizon'
RedShield, a web application security service using AWS technology, has introduced a new layer of security in response to the proliferation of ever-more-sophisticated Distributed Denial-of-Service (DDoS) and automated bot attacks. The new 'Third Horizon' protection that RedShield is introducing to its service thwarts DDoS attacks by disrupting the attack vector, requiring bad actors to respond in ways that cannot easily be managed by typical automated tools to gain access to a web application. 'Much of the security industry remains focused on traffic profiling via AI-driven anomaly detection," said Fabian Partigliani, Chief Executive Officer at RedShield. 'However, in the last three years automated, bot-driven threats have become both greater in scale and frequency and more sophisticated. 'As a result, traditional anomaly detection alone is no longer enough as a defence. In response to the escalation of DDoS and automated bot attacks, RedShield is introducing the 'Third Horizon' as the next evolution of DDoS and bot protection.' Practical barriers to bad actors The Third Horizon introduces additional practical barriers to automated attacks. When deployed to protect an application, and RedShield's controls detect suspicious activity, users seeking access to a web application must first provide a valid email address and then verify their identity via a code sent to that address. This adds friction and therefore cost to the attacker seeking to make automated attacks. While this may seem like a familiar two factor authentication approach, Third Horizon comes into play even when there is no existing user account. 'Third Horizon adds a layer of complexity that bad actors hate because it costs them more time, resources, and money,' says Partigliani. 'There are no simple technologies available to let them create enormous volumes of fake user accounts and then retrieve and enter verification for each one. An attacker will typically go and find an easier target.' Three layers of protection RedShield's protection operates on multiple horizons: First Horizon: Traffic Profiling: Blocking large volumetric attacks and obvious bad traffic. This is "table stakes" – necessary but not sufficient given the evolving attacks. RedShield uses "always on" volumetric protection from hyperscale cloud provider, AWS, to provide the best defence. Second Horizon: Sophisticated Bot Detection: Using advanced techniques to identify and block malicious bots that are trying to look legitimate. This raises attacker cost but is an ongoing arms race – determined attackers will find ways to evade detection. Third Horizon: Identity & Intent Challenge: When activity looks suspicious or systems are under particular strain, RedShield's controls can challenge the user, asking for an email address and only enabling access to the site when a code included in an email sent to that address is entered. As mass automated bot attacks cannot readily respond to this challenge at scale, this significantly increases the complexity and cost for the attacker, protecting critical applications while prioritising availability for legitimate users. Scale of threat According to the Imperva Bad Bot Report, almost half of all 2024 traffic was related to bot activity, with almost one third of the overall global traffic being connected to malicious bots. While attacks of greater than 1 terabit per second (Tbps) grew 1800% globally from Q3 to Q4 last year alone, a bigger concern is their sophistication. Bots mimic humans to take over accounts, scrape data, or overload specific functions like login pages or checkout processes. Attacks target APIs and business logic, putting New Zealand businesses at risks of operational disruption, data theft, and reputational damage. RedShield's service applies its three horizon approach and AWS' global infrastructure to protect organisations from even these latest threats. RedShield's Third Horizon will be available to customers in the coming weeks, on request, as an additional service for critical applications that need an extra layer of protection. RedShield solutions are available on the AWS Marketplace. About RedShield RedShield is the essential partner for enterprises needing a fast, effective security solution for difficult-to-fix application risks. Our expert-driven service, powered by AWS, not only blocks threats and provides application-specific fixes on-the-fly, without requiring code changes, but also includes comprehensive change management, vulnerability scanning, monitoring, 24/7 incident management and detailed reporting. RedShield secures your entire application landscape - from legacy systems to crown jewels - reducing risk, controlling costs, and enabling development teams to stay focused on growth.
Mid East Info
02-07-2025
- Business
- Mid East Info
AWS rolls out 3 key security capabilities at re:Inforce, helping customers simplify and scale - Middle East Business News and Information
New tools will allow customers to better protect their digital assets, identify important security issues, defend against cyberattacks, and more. • AWS is introducing three new enhanced security services to help organizations better manage emerging threats in the gen AI era. • AWS Security Hub helps teams identify and address critical issues in one unified location. • AWS Shield's new proactive network security analysis makes it easier to spot and fix security gaps before attackers can exploit them. • Amazon GuardDuty enhances its Extended Threat Detection to container-based environments, identifying complex attack patterns that might otherwise go undetected. United Arab Emirates, Dubai,July 2025 – Amazon Web Services (AWS) unveiled a suite of new security capabilities at AWS re:Inforce, to help customers of all sizes strengthen their digital defenses. AWS re:Inforce, the company's annual cloud security conference, brings together security experts, partners, and builders from around the world to collaborate on addressing emerging security challenges in the generative AI era. As organizations face increasingly sophisticated cyber threats, AWS announced a dozen new capabilities today aiming to simplify security management while providing even more comprehensive protection. Here are three of those key services: AWS Security Hub: helping customers quickly spot and prioritize active threats to their systems AWS Security Hub helps customers identify their most critical security issues and respond quickly to reduce risks. It acts as a kind of 'security command center,' connecting the dots between different types of security alerts and vulnerabilities. This helps security teams quickly spot and prioritize active threats to their cloud systems. By bringing everything together into one place, Security Hub provides a clearer picture of an organization's security status while eliminating the need to manually gather information from multiple security tools. AWS Security Hub is available in preview to AWS customers starting today. AWS Shield: proactively protecting customers' online systems AWS Shield is enhancing how it protects websites and online applications by proactively finding network security configuration mistakes and weaknesses. The service now creates a map of customers' security resources, identifying vulnerabilities to common attacks like SQL injections (when hackers try to access data through website forms) and Distributed Denial-of-Service, or DDoS, attacks (when attackers overwhelm websites with fake traffic to make them crash). AWS Shield provides an easy-to-understand dashboard that highlights issues by severity, along with step-by-step instructions for fixing problems quickly. Customers can even use Amazon Q, the most capable generative AI-powered assistant for work, to get guidance through simple conversations, rather than navigating complex security settings. Amazon GuardDuty: launching Extended Threat Detection for container-based applications AWS announced expanded capabilities for Amazon GuardDuty Extended Threat Detection (XTD), which now protects container-based applications running on Amazon Elastic Kubernetes Service (EKS). GuardDuty connects various security signals across customers' systems to detect sophisticated attack patterns that might otherwise go unnoticed. By monitoring EKS audit logs, runtime behavior, and AWS activity, GuardDuty can identify complex, multi-stage attacks. These improved detection capabilities allow security teams to spend less time investigating potential issues and more time addressing genuine threats, reducing the impact on business operations. Balancing AI innovation with safety concerns is within reach, but it requires unprecedented collaboration between governments and companies. As security challenges continue to evolve, AWS is committed to ensuring organizations stay ahead of potential risks. For example, AWS now has 100% multi-factor authentication enforcement for all root users across all types of AWS accounts. The new security capabilities announced today provide customers with deeper visibility, streamline security operations, and help protect their cloud environments more effectively. By building security capabilities that empower innovation and creating guardrails that give organizations the confidence to scale rapidly, AWS is helping customers build stronger security postures with less effort, allowing them to focus more resources on growth. About Amazon Web Services: Since 2006, Amazon Web Services has been the world's most comprehensive and broadly adopted cloud. AWS has been continually expanding its services to support virtually any workload, and it now has more than 240 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, media, and application development, deployment, and management from 114 Availability Zones within 36 geographic regions, with announced plans for 16 more Availability Zones and five more AWS Regions in Chile, New Zealand, the Kingdom of Saudi Arabia, Taiwan, and the AWS European Sovereign Cloud. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. About Amazon: Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Amazon strives to be Earth's Most Customer-Centric Company, Earth's Best Employer, and Earth's Safest Place to Work. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Career Choice, Fire tablets, Fire TV, Amazon Echo, Alexa, Just Walk Out technology, Amazon Studios, and The Climate Pledge are some of the things pioneered by Amazon.
HKFP
02-06-2025
- HKFP
5% of Hong Kong critical infrastructure had ‘system vulnerabilities' in 2024, police cybersecurity report finds
Five per cent of more than 90,000 critical infrastructure facilities in Hong Kong had 'varying degrees of system vulnerabilities' last year, according to the cybercrime unit of the city's police force. Credential leakage and compromise, hijackable subdomains, and exposed cloud storage were three critical and high-risk vulnerabilities identified in the systems of some key infrastructure facilities in Hong Kong last year, the Cyber Security and Technology Crime Bureau (CSTCB) said in its Cybersecurity Report released on Sunday. The 36-page document was the CSTCB's first report on cybersecurity issues in Hong Kong and around the world. The bureau found that 89 per cent of the system vulnerabilities identified during the Internet-facing Assets Security Assessment conducted last year on key infrastructure were of medium or low risk. The remaining 11 per cent were critical and high-risk vulnerabilities. One of the medium- and low-risk vulnerabilities identified was email servers of key infrastructure being blacklisted. The CSTCB said it may indicate a compromise and possible integration into a botnet – a network of computers or devices infected with malicious software and remotely controlled by a cybercriminal or hacker. Other low-risk vulnerabilities included invalid or outdated cybersecurity certificates, weak cryptographic keys, unrestricted ports that can be exploited for malicious purposes, and hosting internal or sensitive systems on publicly accessible webpages. 'After the vulnerability testing, all identified system vulnerabilities were promptly patched, and the affected organisation [has] significantly enhanced their system security levels,' the report read. The CSTCB also reported that it 'processed over 25 million pieces of cyber threat intelligence' last year. Among these, around 440,000 specifically targeted Hong Kong. In addition, more than 280,000 phishing-related threats were detected in the past year. Phishing tactics can be used to conduct scams or serve as entry points for broader cyberattacks, the CSTCB warned. In some cases, perpetrators used phishing to hijack WhatsApp accounts in Hong Kong. The CSTCB recorded 2,547 cases of WhatsApp hijacking, which resulted in losses reaching HK$73.5 million. Sixty-five hacking incidents were recorded last year, with financial losses totalling HK$25.5 million. The number of ransomware cases stood at 46, with victims extorted for up to HK$38.8 million in total. The CSTCB also handled five cases of Distributed Denial-of-Service (DDoS) attacks, which resulted in losses of up to HK$4.6 million. 'Despite the large volume of cyber threat intelligence collected, the number of successful attacks remained comparatively low,' the report read. The CSTCB called on enterprises to learn from previous cybersecurity breaches and tackle issues such as inadequate access control and configuration, outdated and unpatched systems, and the lack of an effective threat detection mechanism, as some victim organisations took nearly 260 days to identify and contain a data breach. In March, Hong Kong passed a law to enhance safeguards for the city's key infrastructure systems against cyberattacks, imposing fines of up to HK$5 million for cybersecurity lapses. Under the law, critical infrastructure covers eight sectors: energy, information technology, banking and financial services, land transport, air transport, maritime, healthcare services, and communications and broadcasting. The term also refers to infrastructures 'for maintaining important societal and economic activities,' including research and development parks and major sports and performance venues.
Business Standard
12-05-2025
- Business
- Business Standard
Finance Minister highlights critical role of banking and financial sector in ensuring economic stability during heightened geopolitical tensions
Union Minister for Finance and Corporate Affairs Nirmala Sitharaman, recently convened a high-level meeting with the Managing Directors and CEOs of Public and Private Sector Banks and insurance companies amidst emerging security concerns arising from tensions at the border. Senior officials from the Department of Financial Services (DFS), Ministry of Finance, CERT-In, RBI, IRDAI and NPCI attended the meeting that focused on reviewing the banking sector's operational and cybersecurity preparedness, including digital applications such as internet banking and UPI. The Managing Directors and CEOs of all the banks and insurance companies apprised the Union Finance Minister about the measures they are undertaking, given the ongoing tensions at the border. Bank MDs & CEOs informed that cybersecurity measures have been reinforced throughout the banking system. Anti-DDoS (Distributed Denial-of-Service) systems have been implemented by banks to protect against massive cyber-attacks. To guarantee institutional readiness, mock drills have been held encompassing cybersecurity and disaster recovery scenarios at the highest levels. They apprised that phishing attempts are being actively watched, and staff members have received several internal alerts to increase awareness. Bank officials stated that their Security Operations Centre (SOC) and Network Operations Centres are fully operational and on high alert. These centres are coordinating closely with CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC), facilitating real-time data sharing and threat monitoring. Sitharaman stressed on the critical role of the banking and financial sector in ensuring economic stability during heightened geopolitical tensions and challenging times. The Union Finance Minister directed all banks to remain fully alert and prepared to deal with any eventuality or crisis, ensuring uninterrupted access to banking & financial services for citizens across the country, especially in border areas. Sitharaman remarked that banking services, both physical and digital, must function without disruption and glitches, and emergency protocols should be updated and tested to handle any arising contingencies.
The Print
10-05-2025
- Business
- The Print
Indo-Pak conflict: Sitharaman asks banks to ensure uninterrupted services
Banking services, both physical and digital, must function without disruption and glitches, she said, adding that emergency protocols should be updated and tested to handle any contingencies. Addressing a meeting of CEO of banks and insurance companies on cybersecurity preparedness, the finance minister stressed the critical role of the banking and financial sector in ensuring economic stability in challenging times. New Delhi, May 9 (PTI) Finance Minister Nirmala Sitharaman on Friday asked banks to remain vigilant and take all steps to ensure uninterrupted services to customers in view of heightened military conflict between India and Pakistan. She advised banks to ensure the safety of bank employees and their families working at branches along the border areas. Sitharaman also directed banks to ensure their adequate safety by effectively coordinating with the security agencies, the finance ministry said in a statement after the high-level meeting. It was attended by top officials of banks and insurance companies and senior officials from the Department of Financial Services (Ministry of Finance), CERT-In, RBI, Irdai and NPCI. She also asked banks to ensure that citizens and businesses do not suffer under any circumstances, and priority must be given to seamless cash availability at ATMs, uninterrupted UPI and internet banking services, and continued access to essential banking facilities. Earlier in the day, public sector banks, including State Bank of India and Punjab National Bank, said their ATMs are fully functional, well-stocked, and that digital services are operating smoothly. Sitharaman reiterated that the government is firmly committed to national security and economic stability, noting that the country's banking and financial system remains robust and resilient. During the meeting, the finance minister reviewed operational and cybersecurity preparedness, including digital public-facing applications like internet banking and UPI. Bank MDs and CEOs informed that cybersecurity measures have been reinforced throughout the banking system. Anti-DDoS (Distributed Denial-of-Service) systems have been implemented by banks to protect against massive cyberattacks, the statement said. To guarantee institutional readiness, mock drills have been held covering cybersecurity and disaster recovery scenarios at the highest levels, it said, adding that they apprised that phishing attempts are being actively watched, and staff members have received several internal alerts to increase awareness. Bank officials stated that their Security Operations Centre (SOC) and Network Operations Centres are fully operational and on high alert, it said. These centres are coordinating closely with CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC), facilitating real-time data sharing and threat monitoring, it added. To meet any eventuality, Sitharaman directed banks to conduct regular audits of their cybersecurity systems and data centres and ensure that all digital and core-banking infrastructure is fully firewalled and monitored around the clock to prevent breaches or any hostile cyber activity. She instructed banks to designate two dedicated senior officials identified at the headquarters, one for reporting all cyber-related matters and the other to ensure operational matters, including the functioning of bank branches and the availability of cash in ATMs. Both dedicated officers should report any incident to CERT-In/relevant agencies and DFS on a real-time basis, the statement said. In this regard, it said, banks were also asked to coordinate in real time with the Reserve Bank of India, CERT-In and relevant government agencies to ensure robust and agile information exchange and response. As regards the insurance sector, the finance minister asked insurance companies to ensure timely claim settlements and uninterrupted customer service. Sitharaman also said the Sponsor Banks should ensure that RRBs are well-supported during these times and hand-hold them for any issues that they are facing. PTI DP CS DP BAL BAL This report is auto-generated from PTI news service. ThePrint holds no responsibility for its content.
