"OVHcloud Sees Record 840 Mpps DDoS Attack"

The cloud provider OVHcloud mitigated the largest Distributed Denial-of-Service (DDoS) attack on record in terms of packet rate: 840 million packets per second (Mpps), observed in April. Packet rate DDoS attacks overload the packet-processing engines of networking devices near the target, bringing down infrastructure such as the anti-DDoS systems themselves. OVHcloud says packet rate attacks are effective because mitigating them means handling a very large number of small packets, which is harder for network hardware than handling fewer, larger packets carrying the same number of bits. The 840 Mpps attack breaks the previous record of 809 Mpps set in 2021.
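
The distinction the article draws between packet rate and bit rate is easy to see in a small detector. The following is an added example, not code from OVHcloud or the article: it takes sFlow-style sampled packet records (constructed inline), scales them by an assumed 1-in-4096 sampling rate, and labels each destination's one-second window as a packet-rate flood (high pps with small average packets) or a volumetric flood (high bps). The thresholds, addresses and sampling rate are assumptions chosen for illustration.

```python
from collections import defaultdict

# Assumed sFlow-style sampling: each record stands for SAMPLING_RATE packets.
SAMPLING_RATE = 4096
# Illustrative per-target alert thresholds (assumptions, not OVHcloud's values).
PPS_ALERT = 1_000_000          # 1 Mpps
BPS_ALERT = 10_000_000_000     # 10 Gbps
SMALL_PKT_BYTES = 100          # average size below this means "many small packets"


def aggregate(samples, sampling_rate=SAMPLING_RATE):
    """Group sampled packets into per-(second, dst) rate estimates.

    samples: iterable of (second, dst_ip, sampled_packet_len).
    Returns {(second, dst_ip): (est_pps, est_bps, avg_len)}.
    """
    counts = defaultdict(lambda: [0, 0])  # key -> [sampled packets, sampled bytes]
    for second, dst, length in samples:
        bucket = counts[(second, dst)]
        bucket[0] += 1
        bucket[1] += length
    out = {}
    for key, (pkts, nbytes) in counts.items():
        est_pps = pkts * sampling_rate           # packets in the 1-second window
        est_bps = nbytes * sampling_rate * 8     # bits per second
        out[key] = (est_pps, est_bps, nbytes / pkts)
    return out


def classify(est_pps, est_bps, avg_len):
    """Label one window. The packet-rate check comes first because a stream of
    tiny packets can exhaust a device's packet-processing budget while staying
    far below any bandwidth threshold."""
    if est_pps >= PPS_ALERT and avg_len < SMALL_PKT_BYTES:
        return "packet-rate flood"
    if est_bps >= BPS_ALERT:
        return "volumetric flood"
    if est_pps >= PPS_ALERT:
        return "high pps"
    return "normal"


def detect(samples):
    """Return {dst_ip: most severe label seen across its windows}."""
    severity = {"normal": 0, "high pps": 1, "volumetric flood": 2, "packet-rate flood": 3}
    verdicts = {}
    for (_, dst), (pps, bps, avg) in aggregate(samples).items():
        label = classify(pps, bps, avg)
        if severity[label] >= severity[verdicts.get(dst, "normal")]:
            verdicts[dst] = label
    return verdicts


def constructed_samples():
    """Constructed sFlow-like records for a single second (all assumptions):
    250 x 60-byte packets to .10  (~1.02 Mpps, ~0.49 Gbps: packet-rate flood),
    300 x 1400-byte packets to .20 (~1.23 Mpps, ~13.8 Gbps: volumetric flood),
    5 x 900-byte packets to .30    (~20 kpps: normal)."""
    samples = [(0, "198.51.100.10", 60)] * 250
    samples += [(0, "198.51.100.20", 1400)] * 300
    samples += [(0, "198.51.100.30", 900)] * 5
    return samples


if __name__ == "__main__":
    for dst, label in sorted(detect(constructed_samples()).items()):
        print(dst, label)
```

Note that the first target trips the packet-rate rule at under half a gigabit per second, which a bandwidth-only threshold would never flag; that is the blind spot the article describes.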

Submitted by Gregory Rigby on

"To Guard Against Cyberattacks in Space, Researchers Ask 'What If?'"

Patrick Lin and his colleagues in California Polytechnic State University's Ethics + Emerging Sciences Group recently released a US National Science Foundation (NSF)-funded report that highlights the threat posed by space cyberattacks and helps anticipate novel attack scenarios. Space cyberattacks are rising for several reasons. Because space is remote and hard to reach physically, a cyberattack is the most practical way to target a space system. Space systems are also attractive targets because their hardware cannot easily be upgraded once launched, so their insecurity grows over time.

Submitted by Gregory Rigby on

"Ransomware Eruption: Novel Locker Malware Flows From 'Volcano Demon'"

According to Halcyon researchers, "Volcano Demon" is a double-extortion ransomware group that uses "LukaLocker," a new locker malware, to encrypt victims' files, appending the .nba extension. Victims had only limited logging and monitoring solutions in place before exploitation. The attackers also make threatening phone calls from "No Caller ID" numbers to negotiate or extort a ransom. This article continues to discuss findings regarding Volcano Demon's attacks.

Submitted by Gregory Rigby on

"FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks"

Researchers at Sekoia found that "FakeBat," a Loader-as-a-Service (LaaS), has become one of the most widely spread loader malware families distributed using the drive-by download technique. According to the company, FakeBat downloads and executes next-stage payloads like "IcedID," "Lumma," "RedLine," "SmokeLoader," "SectopRAT," and "Ursnif." This article continues to discuss the distribution of FakeBat loader malware through drive-by download attacks.

Submitted by Gregory Rigby on

"New RUSI Report Exposes Psychological Toll of Ransomware, Urges Action"

A Royal United Services Institute (RUSI) research paper titled "Your Data is Stolen and Encrypted: The Ransomware Victim Experience" brings attention to ransomware victims' mental health. The paper calls on all incident response stakeholders to address ransomware attacks' psychological and physiological effects. It provides insights into ransomware victims' psychological experiences, including what factors make them better or worse and what policy measures can reduce harm to their well-being.

Submitted by Gregory Rigby on

"Europol Takes Down 593 Cobalt Strike Servers Used by Cybercriminals"

Europol coordinated a joint law enforcement effort called "Operation Morpheus," which took down nearly 600 Cobalt Strike servers used by cybercriminals to infiltrate victims' networks. Cobalt Strike was released over a decade ago and is now sold by Fortra as a legitimate commercial adversary emulation and penetration testing tool that lets red teams test how well an organization's defenses detect and resist attackers. However, threat actors use cracked copies of the software, making it a popular tool for data theft and ransomware attacks. This article continues to discuss the takedown of Cobalt Strike servers used by cybercriminals.

Submitted by Gregory Rigby on

"Stolen Credentials Could Unmask Thousands of Darknet Child Abuse Website Users"

Thousands of people with accounts on darknet websites used to share Child Sexual Abuse Material (CSAM) could be exposed using information stolen by cybercriminals. Recorded Future researchers were able to identify these individuals using credentials harvested by infostealer malware, a type of malware typically used to steal login credentials for services such as online banking. This article continues to discuss the unmasking of darknet child abuse website users through infostealer malware.

Submitted by Gregory Rigby on

"Ransomware Attack Demands Reach a Staggering $5.2m in 2024"

Security researchers at Comparitech have found that the average extortion demand per ransomware attack was over $5.2m in the first half of 2024. The largest ransom demand during that period was $100m, following an attack on India's Regional Cancer Center (RCC) in April 2024. The second highest confirmed ransom demand was issued to UK pathology provider Synnovis, with attackers demanding $50m.

Submitted by Adam Ekwall on

"Latest Intel CPUs Impacted by New Indirector Side-Channel Attack"

Researchers at the University of California, San Diego found that modern Intel processors, including Raptor Lake and Alder Lake generation chips, are vulnerable to a new high-precision Branch Target Injection (BTI) attack called "Indirector." The attack could be used to leak sensitive information from the CPU. Indirector exploits weaknesses in the Indirect Branch Predictor (IBP) and Branch Target Buffer (BTB), two hardware components in modern Intel CPUs, to manipulate speculative execution and extract data.

Submitted by Gregory Rigby on

"Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks"

EVA Information Security, a red teaming company, has disclosed details about three vulnerabilities in the CocoaPods dependency manager that affect millions of macOS and iOS applications. CocoaPods is an open source dependency manager for Swift and Objective-C Cocoa projects that has over 100,000 libraries and is used by about three million applications across the Apple ecosystem.

Submitted by Gregory Rigby on