Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber News. Show all posts
trending news
Cyber Attacks Cyber News DDOS Attack ransomware news trending news

DDoS Attacks Emerge as Geopolitical Weapons in 2025

 

The first half of 2025 witnessed more than 8 million distributed denial-of-service (DDoS) attacks worldwide, according to new figures from Netscout. The EMEA region absorbed over 3.2 million incidents, with peak strikes hitting 3.12 Tbps in speed and 1.5 Gpps in volume. Once used mainly to cause digital disruption, DDoS has now evolved into a strategic instrument of geopolitical influence. 

Adversaries are increasingly timing attacks to coincide with politically sensitive moments, striking at critical infrastructure when disruption carries maximum impact. The surge highlights how cheap and accessible DDoS-for-hire services have lowered the bar for attackers, enabling even novices to launch campaigns using AI-driven automation, multi-vector strikes, and carpet-bombing techniques. 

Botnets and Hacktivist Tactics

In March 2025 alone, attackers executed over 27,000 botnet-powered DDoS campaigns, often exploiting existing IoT vulnerabilities rather than new flaws. That month averaged 880 bot-driven incidents daily, peaking at 1,600. The assaults lasted longer too, averaging 18 minutes 24 seconds as adversaries combined multiple attack vectors to evade defenses. 

Among hacktivist actors, NoName057 remained dominant, launching TCP ACK floods, SYN floods, and HTTP/2 POST attacks against governments in Spain, Taiwan, and Ukraine. A newer group, DieNet, carried out more than 60 strikes against targets ranging from U.S. transit systems to Iraqi government sites, expanding its scope to energy, healthcare, and e-commerce. 

“As hacktivist groups leverage automation and AI-driven tools, traditional defenses are being outpaced,” warned Richard Hummel, Director of Threat Intelligence at Netscout. 

He emphasised that the rise of LLM-enabled malware tools like WormGPT and FraudGPT is deepening the risk landscape. While the takedown of NoName057(16) slowed activity temporarily, Hummel cautioned that resilience, intelligence-led strategies, and next-generation DDoS defenses are essential to stay ahead of evolving threats.
Read more »
US data protection law
CFPB Regulations Cyber News Data protection law Data Regulation Privacy US data protection law

CFPB US Agency Proposes Rule to Block Data Brokers from Selling Sensitive Personal Information

The Consumer Financial Protection Bureau (CFPB) has proposed a groundbreaking rule to restrict data brokers from selling Americans’ personal and financial information, marking a significant step toward strengthening privacy protections in the digital age. The rule, introduced under the Fair Credit Reporting Act (FCRA), targets practices that exploit regulatory loopholes, particularly the sale of sensitive data such as Social Security numbers and phone numbers.

CFPB's Initiative to Curb Data Exploitation

CFPB Director Rohit Chopra emphasized the agency’s commitment to addressing the “widespread evasion” of federal privacy laws by data brokers. He noted that these companies often operate outside the regulatory frameworks governing credit bureaus and tenant screening firms, profiting from data sales while exposing consumers to significant risks. 

"This rule represents a decisive step to ensure that those trafficking in Americans' most sensitive information face accountability," Chopra stated during a press briefing.

The proposed rule aims to reclassify data brokers under the same legal framework as credit bureaus and background check companies, thereby closing a longstanding regulatory gap. It would impose restrictions on selling data that identifies individuals, such as Social Security numbers, income histories, and credit scores, limiting the ability of data brokers to monetize private information.

Building on Momentum from Federal Initiatives

The CFPB’s proposal aligns with momentum from President Biden’s recent executive order targeting the sale of Americans’ personal data. The move reflects growing public and governmental scrutiny of data brokers, who have faced criticism for exploiting lax regulations to generate profits at the expense of consumer privacy.

Chopra underscored the dangers of unregulated data sales, describing the risks as "staggering." He highlighted the threat to individuals and national security posed by the unrestricted availability of Americans’ private information to virtually anyone willing to pay.

FCRA and the Call for Stronger Privacy Protections

The FCRA, enacted in 1970, was designed to ensure the privacy and accuracy of consumer data managed by reporting agencies. However, the absence of comprehensive national data protection laws has left Americans more vulnerable compared to citizens in other Western democracies.

If enacted, the new rule would represent a significant step in federal efforts to regulate data brokers, building on Congress’s original intent in passing the FCRA—to protect Americans’ personal data. The public will have until March 2025 to provide comments on the proposed rule, which could face challenges from the incoming administration's deregulatory stance.

Bipartisan Support and Industry Reactions

Despite potential political obstacles, Chopra pointed to bipartisan acknowledgment of the risks posed by data brokers: "This isn’t a partisan issue. The dangers of unregulated access to Americans’ private data are recognized across the political spectrum."

Stakeholder reactions, including those from consumer advocacy groups and the data broker industry, are expected to shape the final form of the rule. While some industry players may resist the changes, advocates for stronger privacy protections view the proposal as a much-needed step to safeguard consumer rights in an increasingly data-driven economy.

Potential Impact on the Digital Economy

If adopted, the rule would signify a pivotal shift in how sensitive data is handled in the U.S., setting a potential precedent for broader privacy protections. By regulating data brokers more stringently, the CFPB aims to strike a balance between protecting privacy rights and accommodating commercial interests.

Next Steps for the Proposed Rule

To advance the proposal, the CFPB recommends:

  1. Engaging Public Feedback
    Encourage diverse stakeholders to participate in the comment period to address concerns and refine the rule.
  2. Strengthening Compliance Mechanisms
    Develop clear guidelines and enforcement measures to ensure adherence by data brokers.
  3. Collaborating with Lawmakers
    Build bipartisan support to overcome political hurdles and facilitate legislative backing for the rule.
  4. Raising Awareness
    Educate consumers about their privacy rights and the implications of data sales on their personal security.

Looking Ahead

As the CFPB leads the charge on this critical issue, the debate over privacy rights versus commercial interests enters a decisive phase. The proposed rule has the potential to reshape the digital economy’s relationship with personal data, paving the way for stronger consumer protections and greater accountability among data brokers.

Read more »
Safety
Central Bank of Lesotho Cyber News Cyber Security Cyberattack Intelligence Cloud Outages Safety

Cybersecurity Incident Causes Outage at Lesotho's Central Bank

 

Lesotho's central bank is grappling with widespread disruptions following a cyberattack detected earlier this week. The landlocked country, surrounded by South Africa and home to over 2 million people, disclosed multiple statements acknowledging the impact of the recent cyber incident on various systems.

In an official announcement on Tuesday, the Central Bank of Lesotho revealed, "The Central Bank of Lesotho advises the public that, on Monday 11th December 2023, it experienced a cybersecurity incident on its systems. The Bank has investigated the matter and is working around the clock to restore the systems."

Despite assuring the public that no financial losses occurred, the bank has suspended certain systems to prevent further intrusion by the attackers. Consequently, the suspension may lead to delayed payments as the institution focuses on restoring normalcy to its systems.

In a subsequent statement on Wednesday, in conjunction with the Bankers Association of Lesotho, it was revealed that the National Payments System's continued downtime is hindering inter-bank transactions across the country. Although technical teams are actively addressing the issue, officials have agreed to implement business continuity processes and measures to facilitate payments and transactions among banks. However, the specifics of these alternatives were not detailed in the statement.

Local news sources reported concerns about the potential impact on the exchange rate, given that Lesotho's currency, the Loti, is pegged to South Africa's rand. This cyber incident adds to a series of cybersecurity challenges faced by South Africa, including ransomware attacks on the state-owned Development Bank of Southern Africa in June and the Defense Department in September, which almost caused an international incident during the BRICS Summit in Johannesburg.

Earlier this week, cybersecurity company Zimperium reported an increase in cyber threats, with 29 malware families targeting 1,800 banking applications across 61 countries over the past year. This marks a significant escalation compared to 2022, where researchers identified 10 prolific malware families targeting 600 banking apps.
Read more »
Vkontakte
Cyber News Mobile Security Pavel Durov Russia Telegram Telegram Messenger Ukraine VK Vkontakte

Telegram has Experienced a Global Outage

 

On Thursday, March 3, the popular messenger Telegram experienced a failure. Users reported about the problems on the website of the service Downdetector, which tracks problems with access to Internet resources. 

According to Downdetector, the failure occurred at about 14 o'clock Moscow time. The majority of those who left complaints (56 percent) reported problems with the server connection. Users also noted problems with receiving messages (22 percent) and the operation of the application (23 percent). 

The failure affected residents of Russian cities, including Moscow and St. Petersburg. Users from Ukraine and Belarus also complained about the problems. 

The other day Pavel Durov published the following statement: "We do not want Telegram to be used as a tool to exacerbate conflicts and incite interethnic discord. In the event of an escalation of the situation, we will consider the possibility of partially or completely restricting the operation of Telegram channels in the countries involved during the conflict." 

According to him, recently Telegram has been increasingly used to spread fakes and unverified data related to the war, and the administration does not have the opportunity to check all publications for authenticity. However, soon Durov promised not to limit the work of the messenger in Ukraine. 

According to him, "a lot of users have asked us not to consider disabling Telegram channels for the period of the conflict, since we are the only source of information for them." But he urges users to "double-check and not take for granted the data that is published in Telegram channels during this difficult period." 

It is worth noting that in the week since the beginning of Russia's military operation in Ukraine, news channels in the Telegram messenger have added 19.5 million new subscribers. Another Russian social network, created at the time by Pavel Durov, is experiencing a new surge in popularity due to technical problems of other social networks. In VK, views in the news feed increased by 5% over the week, and the average daily number of video views increased by 15%. People are looking on platforms for up-to-date information from media that are subject to hacker attacks, and from eyewitnesses of events. 

Earlier, CySecurity News reported that three popular foreign social networks - Facebook, Instagram and Twitter began to receive complaints from residents of Russia in large numbers.
Read more »
malware
Cyber News Cyber Security News Cybersecurity Malicious actor malware

VIP72: 15-Year-Old Malware Proxy Network Goes 'Dark' Without Notice



A 15-year-old cybercrime anonymity service called VIP72, in the past, allowed a large number of cybercriminals to cover up their actual location by routing traffic via dozens of hacked computers seeded with malware – suddenly went offline for a period of two weeks and has not shown any signs of return. 

Similar to other proxy networks advertised on the darknet and other cybercrime forums, VIP72 also routed its clients' traffic via systems that have been infected by malware. Employing the malicious service, users could choose network nodes in almost any of the countries to relay their traffic as they conceal themselves behind some unsuspecting user's URL. 

Over the past few days, the darknet has been flooded with  "R.I.P" texts for the malware proxy network, VIP72 that went dark without any prior notice. Initially, the authors of VIP62 told their customers that they will be back online shortly, indicating it's a maintenance issue that's restricting their operations. “Sorry for the inconvenience but we're performing some maintenance at the moment. We'll be back online shortly!”, read a notice titled “We'll be back soon!” 

It was updated to read, “Socks client will be unavailable within next 5 (FIVE) days for planned upgrades. We will resume normal work of socks client till the end of this week. All active subscriptions will have +8 days to existed paid period.” 

“—We only work on web vip72.com and sellvip72.com/en. Do not access fraudulent websites on google search e.g: vip72.cx, .us etc...”, the notice further read in 'red' letter font. 

Originally set up in 2006, VIP72, had a long run assisting malicious actors in concealing their real location via a well-founded proxy service. Basically, the proxying service of VIP72 effectively obscured the identity and true location of malware campaigners by routing their traffic via multiple network bounces. In a nutshell, VIP72 essentially offered its customers safety from the security police. 

However, ironically enough, the U.S.-hosted proxy service itself has presumably faced something serious, perhaps, a case of policing. Other experts speculate, that VIP72 might have experienced trouble in competing against newly emerged sophisticated anonymity network services. Although the reason behind VIP72's sudden disappearance remains unclear and the website has gone offline for two weeks now, the proxy service is still accessible to some of the users, which makes sense as the compromised hosts would still be infected with the malware and will indefinitely continue to forward traffic for as long as they remain under the effect of proxy malware.
Read more »
Ukraine
Bank Cyber Security Cyber Crime Cyber News PrivatBank Ukraine

Ukraine’s PrivatBank Database for Sale on a Hacking Forum

 

PrivatBank is the biggest commercial bank in Ukraine, as far as the number of customers, assets value, loan portfolio, and taxes paid to the national budget are considered. Headquartered in Dnipro, in central Ukraine, the bank was nationalized by the government of Ukraine to ensure its 20 million clients and to preserve "financial stability in the country", on 18 December 2016. 

As per their site, PrivatBank's net profit for 2020 was 25.3 billion UAH, which is around $910 million. The database is said to contain 40 million records of customers such as full name, DOB, taxpayer identification number, place of birth, passport details, family status, etc. 

Ukraine has a population of 44 million, and the database’s 40 million records would cover 93% of the population. In any case, it isn't evident whether these are unique records, and it would be improbable that PrivatBank has records of 93% of Ukraine's population, considering ages that wouldn't have bank accounts. 

The threat actor is asking $3,400 in bitcoin for the release of the database. At the point when CyberNews took a gander at the bitcoin address provided, it gives the idea that nobody has purchased the database yet from that specific wallet. However, it is additionally conceivable that the threat actor is generating another wallet for each sale, a process that can be done automatically.

In 2016, hackers allegedly took $10 million from the bank through a loophole in the SWIFT international banking system. Before then, in 2014, the pro-Russian hacker group CyberBerkut asserted credit for hacking into the bank and mining client information, and afterward publishing the information on the Russian social media platform VKontakte. This was obvious retaliation for a PrivatBank accomplice who offered a $10,000 bounty for capturing Russian-backed militants in Ukraine. Earlier in 2014, another group named Green Dragon asserted credit for a DDoS assault on PrivatBank and guaranteed it got to client information during the assault. 

A 2018 report by a US corporate investigations company stated that “PrivatBank was subjected to a large scale and coordinated fraud over at least a ten-year period ending December 2016, which resulted in the Bank suffering a loss of at least USD 5.5 billion.”
Read more »
Smart Watch
Apple Apple Watch Cyber News Health Series 4 Smart Watch

Apple Series 4 Watches- Primary Focus on Health; A Bridge between Users and Doctors!





Last year apple made a gigantic announcement for its “Watch Fanatics”. That’s right, the Series 4 which is bulked with heart monitoring, ECG and fall detection for a richer doctor-patient relationship.

Apple’s VP of Health , Dr. Sumbul Desai voiced that the latest products are being designed in regard with the “partnership with your physician”.

As it happens, before associating with Apple, Dr. Desai was the vice-chair of strategy and innovation for the department of medicine at Stanford Medical.

According to her there is something “sacred and special” about the doctor-patient dynamic and if ways could be found to make it better they should be thought upon.

The Apple watches will make it all the easier for doctors as well as patients to focus more on counselling than collecting data and doing research.

The Apple watch would help capture the data and then give it to the physician in “a meaningful way”. This will help the sessions be more productive.


Apple, with the announcement of Series 4 and related health features is certainly looking forward to expanding its hold in the health industry.

Apple is all about, according to Dr. Desai, empowering consumers and guiding them towards a better understanding of health.

The Apple Watch is a device that will help you stay connected and aid you to be healthier and fit especially with the newly introduced activity trends in watch OS 6.

The other features of the excitingly fantastic compact device include the noise app, cycle tracking and heart features.

Per Dr. Desai, wearing the Apple watch every day will help the users lead a healthier and more conscious life as it’s a powerful way to keep on the track of health.

Evidence and science based methods are being employed to develop the aforementioned features and study how the information is surfaced individuals.

Apple conducted a heart study in collaboration with Stanford medicine which covered over 400,000 patients to contemplate whether the watch’s heart-rate sensor could detect irregular rhythms.

The heart study happened to be an example of a new data type and its relation with the clinical medicine. Also it reflected upon the creation of scientific evidence based on these new data.

Apple is known for the way it keeps the data all safe and secure always keeping in mind the importance of the users’ control over the decisions of how to share it and whom to share with.

And now it is going to be pretty prominent in the field of health because at Apple they consider it to be their responsibility.

Read more »
Youtube
Cloud Computing. Cyber News Cyber Security Google Server Network Congestion Snapchat Youtube

Congested Google Servers Render Snapchat and YouTube Inaccessible!



The eastern parts of the USA were hit by a sudden congestion of the Google servers which triggered famous apps like YouTube and Snapchat to be inaccessible.


Quite immediately, Google addressed the matter citing that it was dealing with the “high levels of network congestion”.

This was highlighted to be the reason for the inoperative applications. It also affected many other services in the Google Cloud, YouTube and G Suite.

Slow performance or/and sporadic errors are other repercussions of the network congestion. Google engineers are halfway through the restoration process.


Twitter blew up with the questions and worries of the social media users as the applications ceased to work as smoothly as they do.

On the other hand, YouTube and Snapchat also took to their Twitter handles to concede the alarming issue at hand.

Computing happens to be one of the most profitable services Google has to provide but it faces serious rivalry at the hands of other technology organizations like Microsoft and Amazon.


Read more »
Subscribe to: Posts (Atom)