The Growing Threat of Malware Concealed Behind Cloud Services
Cybersecurity threats are evolving as malware operators, including those behind the UNSTABLE and Condi botnets, use cloud services to store and distribute malicious payloads. FortiGuard Labs advises strengthening cloud security defenses to counter this growing cybercriminal activity.
Cybersecurity threats are evolving as malware operators increasingly use cloud services to store and distribute malicious payloads. FortiGuard Labs has observed botnets like UNSTABLE and Condi leveraging cloud storage for their operations, making it challenging to disrupt attacks. These botnets exploit vulnerabilities in various devices to enhance their capabilities. The UNSTABLE botnet, for example, targets JAWS webservers and uses XOR encoding for its configuration. On the other hand, the Condi DDoS botnet exploits CVE-2023-1389 to control devices and establish connections with a central Command and Control server. These attacks highlight the growing trend of cybercriminals leveraging cloud platforms for malicious activities. Organizations are urged to strengthen their cloud security defenses by implementing multi-layered security measures, regular updates, and network segmentation to mitigate potential breaches. Fortinet provides protections against these malware variants and supports various security services to help organizations combat sophisticated cyber threats effectively.
Related
Indonesian government datacenter locked down in $8M ransomware rumble
A ransomware attack on Indonesia's national datacenter disrupted services for 210+ institutions. LockBit 3.0 variant Brain Cipher caused delays in immigration services and student registrations. Attackers demanded $8 million ransom. Indonesia faces cybersecurity challenges.
Bots Compose 42% of Overall Web Traffic; Nearly Two-Thirds Are Malicious
Akamai Technologies reports 42% of web traffic is bots, 65% malicious. Ecommerce faces challenges like data theft, fraud due to web scraper bots. Mitigation strategies and compliance considerations are advised.
Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack
A supply-chain attack compromised 36,000 websites using backdoored WordPress plugins. Malicious code added to updates creates attacker-controlled admin accounts, manipulating search results. Users urged to uninstall affected plugins and monitor for unauthorized access.
Polyfill supply chain attack hits 100K+ sites
A supply chain attack on Polyfill JS affects 100,000+ websites, including JSTOR and Intuit. Malware redirects mobile users to a betting site. Users advised to switch to trusted alternatives like Fastly and Cloudflare.
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Namecheap took down Polyfill.io due to a supply chain attack. Malware was distributed to 110,000 websites, redirecting mobile users to a betting site. Google warned affected pages. Users should remove Polyfill.io and consider alternatives like Cloudflare or Fastly.
The greatest threat to the internet currently is not the malware concealed behind cloud services but cloud services themselves breaking the distributed nature of the internet. Some of the clouds, particularly those that flare, just have too much influence and control of internet networking and should be split up. I can't even access congress.gov because it's behind Cloudflare. They are running a very effective and very long-lasting DoS against millions of Americans, preventing them from accessing government services and information.