Cyber Security Headlines: A rise in complex DDoS attacks, MI6 warns of data traps, Microsoft expands log access

Complex DDoS attacks on the rise

According to a new report from Cloudflare, the number of DDoS requests in Q2 increased 15% on the quarter to 5.4 trillion, but fell 35% on the year. The complexity and length of these attacks saw a bigger jump, with attacks exceeding three hours increasing 103% on the quarter. When digging into specific industries, a much larger spike becomes visible. Cryptocurrency companies saw a 600% increase in DDoS attacks on the year, with gaming and gambling industries also seeing increased attacks. Cloudflare also noted a rise in DDoS attacks that use virtual machine botnets rather than infected smart devices. These can use a much smaller number of infected devices to launch powerful attacks.

(The Record)

MI6 warns of Chinese data traps

MI6 head Richard Moore warned of countries potentially entering into “data traps” with the Chinese government, potentially leaving these nations vulnerable to further influence from the country. He cited China requiring countries buying COVID-19 vaccines to share their vaccination datasets as an example. MI6 fears access to these datasets could give China a further scale advantage when it comes to training emerging machine learning tools. Moore claimed China can further speed development of these tools as “Chinese authorities are not hugely troubled by questions of personal privacy, or individual data security.”

(The Record)

Microsoft expands cloud log access

Traditionally, Microsoft offered advanced logging access as a feature to licensees of its Purview Audit (Premium) tier. However, after Chinese-linked threat actors stole a Microsoft signing key that was later used to breach Exchange accounts, the company will broaden access. The US Cybersecurity and Infrastructure Security Agency worked with Microsoft to find critical logging data points. These will be included for free for all cloud customers, starting in September 2023. Logs will include email access and 30 other data points. Microsoft will also increase the retention period for Audit Standard customers to 180 days by default. Microsoft will still offer greater API access, forensic tools, and more data points to Purview Audit Premium subscribers.

(Bleeping Computer)

Broadcom’s VMware acquisition gets UK greenlight

The UK’s Competition and Markets Authority announced it took an initial view that Broadcom’s proposed acquisition of VMware would not substantially reduce competition. Essentially the regulator found that any use of VMware’s assets to hamper competition would be more than offset by losses to Broadcom’s business. The CMA will consult on these findings and issue a final decision on September 12th. EU regulators approved the deal last week. We also still need to hear from the US Federal Trade Commission, which may still sue to block the deal. 



Google tests “internet-free” PCs

CNBC’s sources say Google began a pilot where some employees use internet-free PCs as a potential way to improve cybersecurity. Employees in the pilot can only access internal web-based tools and Google-owned sites. Users on these machines will also not have root access as a further precaution. Initially the company selected over 2,500 employees for the pilot, but revised it to allow for volunteers and for selected employees to opt out.


Citrix and Adobe rush out exploited zero-day patches

Security researchers at Rapid7 warned that attackers began exploiting these remote code execution vulnerabilities. Citrix issued patches for its most critical vulnerability earlier this week, impacting NetScaler ADC and Gateway products. This vulnerability allowed for code execution with no authentication. Adobe patched one of three recently exploited ColdFusion vulnerabilities; however, Rapid7 researchers discovered the patch could be easily defeated with trivial changes. Adobe said it began working on a more complete fix. In addition, the researchers discovered another critical ColdFusion vulnerability hadn’t been patched, but had been listed as closed due to a typo in a security notice.

(Ars Technica)

UN holds meetings on AI

The United Nations Security Council held its first meetings on this emerging technology this week. The council was briefed by the co-founder of Anthropic Jack Clark, as well as the co-director of the China-UK Research Center for AI Ethics and Governance, Professor Zeng Yi. U.N. Secretary-General Antonio Guterres supported calls by some Security Council states for creating a UN body similar to the International Atomic Energy Agency “to support collective efforts to govern this extraordinary technology.” 


Ukraine takes down massive bot farm

In a joint operation, the cyber police and units of the Ukrainian National Police executed 21 search operations across two dozen locations in three cities to disrupt the bot farm. These bots served to push Russian propaganda, spread illegally obtained personal information, and support other efforts meant to spread misinformation. In the operation, police seized over 250 GSM gateways as well as about 150,000 SIM cards. Ukrainian police and security services have continually worked to take down Russian-linked bot farms and misinformation infrastructure since Russia began its invasion of Ukraine.

(Bleeping Computer)

Rich Stroffolino is a podcaster, editor and writer based out of Cleveland, Ohio. He's spent the past five years creating media for technology enthusiasts and IT practitioners. He dreams of someday writing the oral history of Transmeta.