Singapore’s Banking Sector Moves Away from One-Time Passwords Amid Increased Phishing Risks In a significant shift aimed at enhancing cybersecurity, the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) announced that retail banks will discontinue the use of one-time passwords (OTPs) for online account authentication…
Surge in DDoS Attacks Targeting Environmental Services Amid Global Climate Summit The environmental services sector has recently experienced an unprecedented increase in HTTP-based distributed denial-of-service (DDoS) attacks, which accounted for a staggering 50% of all HTTP traffic directed at this industry. This sharp rise, reported by Cloudflare in its fourth-quarter…
Polyfill.io Supply Chain Attack Compromises Over 110,000 Websites In a concerning development for e-commerce and web developers, Google has responded to a supply chain attack targeting the widely used Polyfill.io service. The attack follows the acquisition of the domain by a Chinese company, which has modified the JavaScript library "polyfill.js"…
AnyDesk, a prominent developer of remote desktop software, has publicly acknowledged a cyber incident that resulted in the compromise of its production systems. The attack was identified during a routine security audit, and the company clarified that it does not involve ransomware. Based in Germany, AnyDesk has alerted the appropriate…
Cybersecurity experts have identified a significant vulnerability within the RADIUS network authentication protocol, known as BlastRADIUS. This flaw could allow malicious actors to perform Mallory-in-the-middle (MitM) attacks, potentially bypassing essential integrity checks under specific conditions. The discovery raises alarms about the security of RADIUS, an acronym for Remote Authentication Dial-In…
Two individuals from Sudan have been indicted by federal authorities for orchestrating a series of extensive distributed denial of service (DDoS) attacks that targeted prominent technology firms as well as critical infrastructure and governmental entities around the globe. The operation, identified as Anonymous Sudan, is alleged to have launched tens…
Cybersecurity Weekly Recap: Takedowns, DDoS Attacks, and Emerging Threats The realm of cybersecurity continues to evolve with alarming speed, as evidenced by the latest developments in the threat landscape. One significant topic this week is the prevalence of "pig butchering" scams, alongside impactful government interventions and a staggering array of…
Cyber Attack Targets Russian State Media on Putin’s Birthday In a significant escalation in cyber hostilities, Ukraine has claimed responsibility for a cyber attack on Russian state media company VGTRK, which disrupted its operations on October 7. Reports from reputable sources, including Bloomberg and Reuters, detail the incident as an…
The U.K. National Cyber Security Centre (NCSC) is urging smart device manufacturers to align with new regulatory measures set to take effect on April 29, 2024. These regulations prohibit the use of default passwords, marking a significant shift toward enhancing cybersecurity for Internet of Things (IoT) devices. The legislation, known…
