HTTP distributed denial-of-service attacks increased by 65% between the second and third quarters of 2023, while layer 3/4 DDoS attacks targeted at compromising infrastructure resources have risen by 14% over the same period, reports SiliconAngle.
Most DDoS attacks during the third quarter have been targeted at gaming and gambling firms, indicating financially motivated intrusions exploiting persistent weaknesses in both sectors, according to a Cloudflare report. However, different industries were subjected to the highest DDoS attack volumes per region, with the software sector and farming industry having the most DDoS attacks in North America and Latin America, respectively, while the cryptocurrency and telecommunications industries were most impacted in Asia and Oceania, respectively.
Meanwhile, nearly 140 billion cybersecurity threats daily have been thwarted by Cloudflare during the third quarter, including a record-breaking DDoS attack that peaked at 201 million requests per second. Organizations have been urged to leverage automated HTTP DDoS Protection amid increasingly prevalent attacks.
Attackers have leveraged trojanized versions of Indian software provider Conceptworld's installers for its Copywhiz, Notezilla, and RecentX programs to facilitate the delivery of information-stealing malware, The Hacker News reports.
Defense and manufacturing organizations across South Korea have been subjected to attacks deploying the new Xctdoor malware through a hacked South Korean enterprise resource planning software update server, echoing a technique previously leveraged by North Korean state-sponsored advanced persistent threat operation and Lazarus Group sub-cluster Andariel to facilitate the delivery of the HotCroissant and Riffdoor backdoors, according to The Register.
Operations of the Intellexa Alliance behind the Predator spyware were noted by cybersecurity experts to have significantly dwindled in the months following sanctions imposed by the Biden administration and other crackdown efforts exposing its infrastructure, reports CyberScoop.