Here are some interesting updates about cybersecurity threats and new trends.
The Global Secure Layer (GSL) neutralized the biggest packet rate DDoS attack ever recorded, which targeted a Minecraft gaming customer at a peak of 3.15 billion packets per second (Gpps). The attack occurred on August 25, 2024, breaking previous records by a ratio of 3.2 to 3.5. A preliminary strike on August 24 peaked at 1.7 Gpps while functioning as a reconnaissance mission. The main attack used a "carpet bombing" strategy, attacking all advertising prefixes on the victim's network. Two separate botnets were employed, with the major one responsible for the record-breaking packet rate attack coming primarily from Russia, Vietnam, and Korea. Over 42,000 sources took part in the attack, with many tracing back to Korea Telecom's network.
The second botnet concentrated on volumetric attacks, reaching 1.516 terabits per second (Tbps). GSL's Goliath platform, spread across 33 worldwide points of presence, was critical in limiting the attacks, with response times of less than 100 milliseconds. The incident illustrates the growing threat of DDoS attacks, especially in the gaming industry. Despite the attack's enormous scale, GSL's quick response avoided any long-term damage to the Minecraft server.
Source: Cyber Security News
Mastercard has acquired Recorded Future, a worldwide threat intelligence company, from Insight Partners for $2.65 billion. The agreement intends to strengthen Mastercard's cybersecurity services and improve its capabilities to protect the digital economy. Recorded Future, the world's largest threat intelligence company, with over 1,900 clients in 75 countries, including 45 governments and more than half of the Fortune 100. This acquisition will combine Recorded Future's real-time threat visibility and AI-powered analytics with Mastercard's existing identification, fraud prevention, and cybersecurity offerings. The decision comes as cybercrime expenses are expected to exceed $9.2 trillion globally by 2024, emphasizing the growing need for strong cyberdefenses.
Both firms use AI to scan billions of data points to identify potential risks, and their combined expertise is likely to promote innovation in cybersecurity procedures. Recorded Future will benefit from Mastercard's global reach, and Recorded Future's capabilities will boost Mastercard's product offerings. The acquisition is expected to assist consumers across many industries by offering improved insights and intelligence. Recorded Future will continue to operate as an autonomous subsidiary of Mastercard, with an open intelligence platform. The transaction is scheduled to occur in the first quarter of 2025, pending regulatory clearances and other closing conditions.
Source: Mastercard
MoneyGram International, the world's second-largest money transfer company, has revealed that a cybersecurity issue is to blame for a days-long outage that has impacted its global services. The company discovered the problem on Friday, September 20, and proactively took its systems offline, affecting network connectivity and causing severe interruptions for consumers wanting to send or receive money. MoneyGram's website and mobile app remain inaccessible, as do in-person and online transactions. The corporation has not disclosed specific information about the nature of the cybersecurity incident or whether consumer data has been compromised. MoneyGram is collaborating with external cybersecurity experts and law enforcement to investigate and solve the issue, but has not provided a timetable for when services will be restored.
This outage has serious consequences for MoneyGram's massive customer base, which includes over 50 million people in more than 200 countries who use the service for international money transfers and bill payments. The problem has also impacted MoneyGram's global partners, including remittance businesses and financial institutions that provide its services. As of Monday afternoon, hundreds of outages were still being reported, emphasizing the continuous nature of the issue. MoneyGram has acknowledged the severity of the issue for its clients and partners, stating that it is working hard to bring its systems back online and resume normal operations.
Source: CBS News
Verizon users across the United States experienced extensive cellular service delays on Monday morning, affecting major cities as well as much of the Midwest. By 11:20 a.m. Eastern Time, more than 104,000 outages had been recorded, with customers unable to make calls or text messages because their phones were in SOS mode. Verizon confirmed the problem and indicated that engineers were working fast to address it, while the FCC declared that it was looking into the cause and scope of the outages. This incident follows a series of high-profile technical issues hitting telecommunications operators in 2024. By noon, the number of reported outages had dropped to around 78,000, however Verizon would not elaborate on the cause or potential link to isolated power outages. The extensive service outages highlight the continuous difficulty that telecom firms confront in ensuring constant connectivity in our more interconnected society.
Source: The New York Times
Kaspersky, the antivirus company, has defended its choice to automatically replace its software with UltraAV on US clients' computers without their explicit permission. This action affected around one million customers and was caused by the US government's prohibition on Kaspersky software sales and upgrades. Kaspersky maintains that it notified qualified US customers via email about the move, which began in early September. To provide continued protection, Windows users were automatically switched to UltraAV, whilst Mac and mobile users were instructed to install it manually. Some consumers were alarmed by the unexpected software shift, citing worries about user autonomy and privacy. Kaspersky attributed missed notifications to unregistered email addresses, directing users to in-app messages and an online FAQ. The corporation defended the automatic migration, claiming it was vital to avoid a security vulnerability for users. Critics, including former NSA cybersecurity director Rob Joyce, have highlighted the risks of entrusting such control to antivirus software. UltraAV, owned by the American corporation Pango, is a new antivirus with no documented security track record, which raises users' fears. The event has created a debate about the appropriate balance between maintaining user security and preserving user autonomy in software updates.
Source: TechCrunch