800Gbps DDoS extortion attack hits gambling company
By
05:31 PM
Distributed denial-of-service (DDoS) attacks started strong this year, setting new records and taking the extortion trend that started last August to the next level.
Internet security services company Akamai has already dealt with the largest known ransom DDoS (RDDoS) attack, which was also more complex than previously seen incidents of the same type.
Bigger, more complex RDDoS
Akamai says that in February they dealt with “three of the six biggest volumetric DDoS attacks” the company has ever recorded.
Two of these were the largest known ransom DDoS attacks and the most recent of them peaked at 800Gbps; it targeted a gambling company in Europe and was also the most complex Akamai saw since extortion DDoS started.
Windows 10 emergency updates released to fix printing crashes
By
Update: Microsoft now warns of additional issues when printing after installing the March updates.
Microsoft has released out-of-band non-security updates to fix a know Windows 10 issue causing blue screens when printing to network printers after installing the March 2021 cumulative updates.
According to Microsoft, the cumulative updates released today are addressing an issue that might cause a blue screen when attempting to print to certain printers using some apps and might generate the error, APC INDEX MISMATCH.
The cumulative updates containing the fix released today are published as optional updates so they will not be installed automatically via Windows Update.
Microsoft 365 outage knocks down Teams, Exchange Online
By
04:09 PM
An Azure Active Directory outage is preventing users from logging into Microsoft 365, Microsoft Teams, Exchange Online, Forms, Xbox Live, and Yammer.
Starting at approximately 3:34 PM EST, users began reporting being unable to login to their Microsoft 365 accounts, Microsoft Teams, or access other Microsoft apps.
It appears @Microsoft365 is having a few issues at the moment; currently unable to access Forms. Hopefully back up soon for my @syscouts quiz on tree recognition James Garnett (@jamesmgarnett) March 15, 2021
The outage is also affecting Microsoft sites, such as the Tech Community web site, as users are not able to log into the site.
GandCrab ransomware affiliate arrested for phishing attacks
By
10:07 AM
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.
The GandCrab ransomware operation started in January 2018 when it quickly became a malware empire threatening businesses worldwide.
Operated as a Ransomware-as-a-Service (RaaS), the GandCrab developers teamed up with affiliates in a revenue share partnership, with affiliates earning between 70-80% of a ransom payment.
The operation shut down in the summer of 2019, but many security researchers believe the core developers went on to start the REvil ransomware group.
Suspected affiliate arrested in South Korea
As first reported by TheRecord, a 20-year-old man was arrested on February 25th by South Korean police after an international investigation traced GandCrab ransom payments to withdrawals made by the suspect.
More hacking groups join Microsoft Exchange attack frenzy
By
More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon.
After Microsoft s initial report that the vulnerabilities were actively exploited by a Chinese APT group named Hafnium, Slovak internet security firm ESET shared info on at least three other Chinese-backed hacking groups abusing the ProxyLogon flaws in ongoing attacks.
Besides those three (APT27, Bronze Butler aka Tick, and Calypso), ESET also said that it also identified several additional yet-unclassified clusters.
In a Friday update to their announcement, Microsoft said that several other threat actors beyond HAFNIUM are also exploiting the four critical Exchange flaws.