Latest news with #DistributedDenial-of-Service
TECHx
3 days ago
- Business
- TECHx
AWS Announces New Cloud Security Capabilities
Home » Emerging technologies » Cyber Security » AWS Announces New Cloud Security Capabilities Amazon Web Services (AWS) has announced a range of new security capabilities at AWS re:Inforce, its annual cloud security conference. The event brings together global security experts, partners, and developers to address growing cybersecurity challenges in the generative AI era. As organizations face increasingly complex threats, AWS revealed a dozen new tools aimed at strengthening cloud defenses and simplifying security management. One of the key services announced was AWS Security Hub. This service helps customers detect and prioritize threats to their systems. Acting as a central security command center, it connects alerts from various sources to provide a unified view. Security Hub is now available in preview to AWS customers. Another major update came to AWS Shield, which now proactively identifies security configuration issues. It maps customer resources and spots vulnerabilities to common attacks like SQL injection and Distributed Denial-of-Service (DDoS). The tool includes a severity-based dashboard and step-by-step instructions for fixing issues. Users can also get help from Amazon Q, AWS's generative AI assistant. Additionally, Amazon GuardDuty has expanded its Extended Threat Detection (XTD) to include container-based applications running on Amazon Elastic Kubernetes Service (EKS). This update allows for deeper threat detection by analyzing audit logs, runtime behavior, and AWS activity. It can now identify complex, multi-stage cyberattacks, enabling faster and more accurate threat response. Key updates revealed: AWS Security Hub now available in preview AWS Shield provides guided fixes with Amazon Q GuardDuty XTD supports EKS-based container applications AWS also reported that it now enforces multi-factor authentication for all root users across every AWS account. The company emphasized that strong security is critical for enabling innovation. By offering deeper visibility, streamlined operations, and proactive protection, AWS aims to help customers scale confidently and securely in the cloud. These announcements underscore AWS's commitment to building robust cloud security tools that support business growth with minimal complexity.
Economic Times
09-05-2025
- Business
- Economic Times
FM Nirmala Sitharaman reviews banking sector's operational and cybersecurity preparedness amid rising tensions with Pakistan
Live Events (You can now subscribe to our (You can now subscribe to our Economic Times WhatsApp channel Finance Minister Nirmala Sitharaman on Friday chaired a high level meeting with the Managing Directors and CEOs of Public and Private Sector Banks and insurance companies amidst emerging security concerns arising from tensions at the border to review baking sector's operational and cyber security preparedness, including digital applications such as net banking and UPI, the Ministry of Finance said in a the meeting, Sitharaman asked directed all banks to remain fully alert and be prepared to deal with in case with an eventuality or crisis, ensuring uninterrupted banking also directed banks to conduct regular audits of their cybersecurity systems and data centres and ensure that all digital and core banking infrastructure is fully firewalled and monitored round the clock to prevent breaches or any hostile cyber Finance Minister instructed banks to designate two dedicated senior officials identified at the headquarters, one for reporting all cyber-related matters and the other to ensure operational matters, including the functioning of bank branches and the availability of cash in ATMs. Both dedicated officers should report any incident to CERT-In / relevant agencies and DFS on a real-time this regard, banks were also asked to coordinate in real time with the Reserve Bank of India , CERT-In and relevant Government agencies to ensure robust and agile information exchange and the Finance Minister also asked the banks to ensure the safety of employees and their families working at branches in border also ordered insurance companies to give timely settlements along with uninterrupted Managing Directors and CEOs of all the banks and insurance companies apprised the Union Finance Minister about the measures they are undertaking, given the ongoing tensions at the MDs & CEOs informed that cybersecurity measures have been reinforced throughout the banking system. Anti-DDoS (Distributed Denial-of-Service) systems have been implemented by banks to protect against massive cyber-attacks. To guarantee institutional readiness, mock drills have been held encompassing cybersecurity and disaster recovery scenarios at the highest levels. They apprised that phishing attempts are being actively watched, and staff members have received several internal alerts to increase officials stated that their Security Operations Centre (SOC) and Network Operations Centres are fully operational and on high alert. These centres are coordinating closely with CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC), facilitating real-time data sharing and threat monitoring.
Time of India
09-05-2025
- Business
- Time of India
FM Nirmala Sitharaman reviews banking sector's operational and cybersecurity preparedness amid rising tensions with Pakistan
Live Events (You can now subscribe to our (You can now subscribe to our Economic Times WhatsApp channel Finance Minister Nirmala Sitharaman on Friday chaired a high level meeting with the Managing Directors and CEOs of Public and Private Sector Banks and insurance companies amidst emerging security concerns arising from tensions at the border to review baking sector's operational and cyber security preparedness, including digital applications such as net banking and UPI, the Ministry of Finance said in a the meeting, Sitharaman asked directed all banks to remain fully alert and be prepared to deal with in case with an eventuality or crisis, ensuring uninterrupted banking also directed banks to conduct regular audits of their cybersecurity systems and data centres and ensure that all digital and core banking infrastructure is fully firewalled and monitored round the clock to prevent breaches or any hostile cyber Finance Minister instructed banks to designate two dedicated senior officials identified at the headquarters, one for reporting all cyber-related matters and the other to ensure operational matters, including the functioning of bank branches and the availability of cash in ATMs. Both dedicated officers should report any incident to CERT-In / relevant agencies and DFS on a real-time this regard, banks were also asked to coordinate in real time with the Reserve Bank of India , CERT-In and relevant Government agencies to ensure robust and agile information exchange and the Finance Minister also asked the banks to ensure the safety of employees and their families working at branches in border also ordered insurance companies to give timely settlements along with uninterrupted Managing Directors and CEOs of all the banks and insurance companies apprised the Union Finance Minister about the measures they are undertaking, given the ongoing tensions at the MDs & CEOs informed that cybersecurity measures have been reinforced throughout the banking system. Anti-DDoS (Distributed Denial-of-Service) systems have been implemented by banks to protect against massive cyber-attacks. To guarantee institutional readiness, mock drills have been held encompassing cybersecurity and disaster recovery scenarios at the highest levels. They apprised that phishing attempts are being actively watched, and staff members have received several internal alerts to increase officials stated that their Security Operations Centre (SOC) and Network Operations Centres are fully operational and on high alert. These centres are coordinating closely with CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC), facilitating real-time data sharing and threat monitoring.
Economic Times
08-05-2025
- Business
- Economic Times
BSE issues cybersecurity advisory amid rising Pakistan-linked threats to Indian BFSI Sector
BSE has issued a critical advisory to market participants following a cybersecurity alert from the Indian Computer Emergency Response Team (CERT-In), which highlights an ongoing cyber threat campaign specifically targeting organizations within India's Banking, Financial Services, and Insurance (BFSI) sector. ADVERTISEMENT The advisory serves as a precautionary measure, urging market participants to bolster their cybersecurity defenses against potential high-impact cyber-attacks, including ransomware, supply chain intrusions, Distributed Denial-of-Service (DDoS) attacks, website defacements, and malware. "Market participants are particularly advised to take precautionary measures on potential cyber risks including high-impact cyber-attacks such as ransomware, supply chain intrusions, DDoS attacks, website defacement and malware," a circular stated. Precautionary Measures for Indian Market ParticipantsThe advisory urges market participants to take immediate action in response to the ongoing cyber risks. The following steps are recommended:Ensure Security Controls: Review security controls to ensure they comply with the SEBI Cyber Security and Resilience Framework (CSCRF), as per the latest guidelines issued on 20th August 2024. ADVERTISEMENT Conduct Risk Assessments: Identify vulnerabilities and take corrective measures to mitigate Security Monitoring: Enhance system security monitoring and update incident response plans to quickly address any potential breaches. ADVERTISEMENT Leverage Threat Intelligence: Act on the threat intelligence and advisories released by CERT-In and the National Critical Information Infrastructure Protection Centre (NCIIPC).Increase Threat Hunting: Proactively search for potential threats within networks and systems. ADVERTISEMENT Report Incidents: Ensure timely reporting of any cyber incidents to the exchanges and regulators, as per prescribed advisory follows heightened tensions after India struck nine terror-related targets in Pakistan and Pakistan-administered Kashmir (PoK) using precision munitions. (Disclaimer: Recommendations, suggestions, views and opinions given by the experts are their own. These do not represent the views of the Economic Times) (You can now subscribe to our ETMarkets WhatsApp channel)
Time of India
01-05-2025
- Time of India
5 Biggest cyberattacks in history that changed the digital security landscape forever
Cyber-attack refers to the intentional application of computer hardware, networks, or systems to cause damage, steal sensitive data, or disrupt normal operations. One lone hacker, a group of sophisticated cybercriminals, or even a nation state could carry out the attacks. As more data and infrastructure get digitised, governments, organisations, and individuals alike are increasingly threatened by cyberattacks in very concrete ways. These cyberattacks can vary from mere disruption to devastating intrusion with economic losses, loss of reputation, and compromised national security. What is a cyberattack A cyberattack refers to a deliberate and malicious effort to compromise, harm, disrupt, or steal data from a computer system, network, or device. Such attacks are often conducted by hackers, cybercriminals, or even state actors to realise any number of objectives, including stealing confidential information, causing operational interference, or inflicting monetary damage. Types of cyber attacks by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Sulawesi Selatan: AI guru Andrew Ng recommends: Read These 5 Books And Turn Your Life Aroun... Blinkist: Andrew Ng's Reading List Undo The two broad types of cyberattacks are those targeting disruption of system and network operations, and those targeting access to sensitive data. An awareness of these types contributes to enhancing defense systems. Disabling attacks These are meant to take a computer, network, or system offline, essentially cutting access for those who are authorized to use it. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) are good illustrations. They overwhelm a network with questionable traffic or requests that leave the system unable to handle it and, in the process, crash. Disruption is their primary goal and not theft of information. Data theft and data breaches The second largest category is efforts to steal confidential data. It can be financial data, private data, intellectual property, or state secrets. Phishing, malware, and exploitation of systems are familiar methods used by hackers to acquire unauthorized access to systems. After acquisition, burglars resell looted data or use it for criminal intentions, e.g., identity fraud or corporate espionage. Common hacker techniques Hackers employ an array of advanced methods and tools for mounting their cyber attacks. Hackers' favorite means are: Malware Malware is an umbrella term that refers to any type of bad code with the potential to infect a system and cause mayhem. Viruses, worms, trojans, ransomware, and spyware are a few of the most common types of malware. Malware can steal data, bring down systems, or even hold information for ransom and demand money for its freedom (in ransomware attacks). Phishing Phishing is a social engineering attack in which the attackers pretend to be genuine organizations or entities with a purpose of duping the victims into sharing sensitive information such as passwords, usernames, or financial details. Phishing attacks normally are email or imitation websites in nature, coming across as actual websites but rather made for trapping users' information on being clicked. Social engineering In social engineering attacks, people are used by hackers to leak sensitive information. They can also pose as coworkers or supervisors for the purpose of gaining the confidence of an individual and trick the victim into lowering security protocols such as revealing log-in details or clicking on unsafe links. Group attacks Large-scale cyberattacks are often launched by well-coordinated groups of hackers. The groups will target high-profile entities or government organizations and apply complex methods, including advanced persistent threats (APTs), in order to acquire persistence over a long period. Growth of cybercrime Cybercrime is a quick-growing enterprise. In 2017, it lost 780,000 records daily through various cyberattacks, McAfee's Economic Impact of Cyber Crime recorded. The figures indicate the numbers and volumes of cyberattacks mounting. According to the reports, cybercrime is estimated at $10.5 trillion by 2025. E-mail is still among the most popular attack vectors despite heightened cybersecurity. CSO research indicates that 92% of malware is transmitted through e-mail, most commonly by a malicious link or an attachment within a phishing e-mail. The attackers take advantage of the human factor by tricking people into opening the mail, which in turn leads to unintentional installation of malware on their systems. Major cyberattacks in the history In recent years, there have been a number of high-profile cyberattacks that have hit the headlines, detailing just how sophisticated cyber thugs are getting and what security breaches can entail. Morris Worm (1988) The Morris Worm was the very first ever recorded mass cyberattack. Written by Robert Tappan Morris, at the time an academic at the graduate level, the worm infects computers at a rapid pace across the net and infects around 6,000 computers. Estimated loss resulting from this worm is anywhere from $10 million to $100 million, giving rise to the added concern about systems that are vulnerable on the net. MafiaBoy (2000) One of these 15-year-old Canadian hackers, MafiaBoy, in 2000 launched a DDoS attack on busy websites such as Amazon, CNN, eBay, and Yahoo!. The attack harvested around $1.7 billion worth of losses. The attack highlighted just how simple it is even for novice hackers to make significant disruption using the international internet network. Google China (2009) Google's servers were hacked by the hackers in 2009 to access Chinese human rights activists' e-mails. The hacking was believed to have been carried out by China's government, and thus Google shifted its servers to Hong Kong in 2010 as part of its battle against censorship and surveillance. Jonathan James and the U.S. Department of Defense (1999) Jonathan James, a computer hacker at age 15, infiltrated the U.S. Department of Defense computers and stole sensitive data, including NASA software worth $1.7 million. The breach resulted in damages of $41,000 and demonstrated that even the most secure government networks could be compromised. Stuxnet (2010) The Stuxnet worm was an enormously advanced cyberweapon that attacked the nuclear enrichment facilities of Iran. It dismantled almost 1,000 nuclear centrifuges, slowing down Iran's nuclear ambitions. It is believed widely to have been an American Israeli joint effort, the first use of a cyberattack causing physical damage. Most famous recent cyber attacks Cyberattacks do not only affect operational and technical aspects, but they also lead to humongous economic loss. For example, the Melissa Virus was a cost of $1.1 billion in damages worldwide. Furthermore, data breaches, such as when Albert Gonzalez hacked millions of credit card numbers in 2009, were part of one of the biggest history-making credit card scams. Cyberattacks just keep on rolling, and there are new cyberattacks daily. Some of the most famous recent cyberattacks include: U.S. Treasury Department Incident (2024) U.S. Treasury Department networks were attacked in December 2024 by a state-sponsored Chinese attacker, who penetrated employee desktops and sensitive data. The incident was ranked as a high event, which illustrated the threat level of state-sponsored cyber tapping and its impact on national security. North Korean Crypto Hack (2025) North Korean cyberthieves hacked into a cryptocurrency exchange and stole $1.5 billion worth of digital currency in the largest cyberattack on record in 2025. This hack illustrates the growing necessity of safeguarding digital assets as attacks mount from highly funded and highly advanced cybercrime. Also Read | Elon Musk look-alike rejects comparison, calls him 'not a nice person'; reveals his unwanted fame AI Masterclass for Students. Upskill Young Ones Today!– Join Now
