Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute …
Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)
Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made …
Breaking down FCC’s proposal to strengthen BGP security
In this Help Net Security interview, Doug Madory, Director of Internet Analysis at Kentik, discusses the FCC’s proposal requiring major U.S. ISPs to implement RPKI Route …
Chinese hackers compromised an ISP to deliver malicious software updates
APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have …
Cloud hosting firms hit by devastating ransomware attack
Danish cloud hosting firms CloudNordic and Azero – both owned by Certiqa Holding – have suffered a ransomware attack that resulted in most customer data being …
DDoS attacks increase 341% amid pandemic
During the pandemic, cyber attackers targeted industries providing connectivity, services and entertainment to populations forced to shelter-in-place, resulting in a 341% …
Bad bot traffic reaching an all-time high over the past year
In 2020, Imperva saw the highest percentage of bad bot traffic (25.6%) since 2014, while traffic from humans fell by 5.7%. More than 40% of all web traffic requests originated …
Securing the connected home: A joint task for homeowners and their ISP
As COVID-19 spread over the world and nations and businesses adapted to minimize citizens’ and employees’ personal interactions to help contain the infection, a …
Even the world’s freest countries aren’t safe from internet censorship
The largest collection of public internet censorship data ever compiled shows that even citizens of what are considered the world’s freest countries aren’t safe …
DDoS traffic capitalizes on remote working connectivity reliance to disrupt service provider targets
In the first quarter of 2020, DDoS attacks rose more than 278% compared to Q1 2019 and more than 542% compared to the last quarter, according to Nexusguard. Working from home …
Guidelines for assessing ISPs’ security measures in the context of net neutrality
According to the EU’s net neutrality regulation, called the Open Internet Regulation, which came into force in 2016, internet providers should treat all internet traffic to …
Europol wants ISPs to aid law enforcement by dropping CGN technologies
Europol is urging ISPs to stop using Carrier Grade Network Address Translation technologies, because they make identifying and tracking criminals a lot harder. What is Carrier …