cloudspec: open source tool for validating your resources

From securityonline.info

CloudSpec is an open-source tool for validating your resources in your cloud providers using a logical language that everybody can understand. With its reasonably simple syntax, you can validate the configuration of your cloud resources, avoiding mistakes that can lead to availability or confidentiality issues.


Tesco’s website restored after suspected cyberattack

From zdnet.com

UK supermarket giant Tesco has restored access to its website and app after an outage struck the service on Saturday, preventing customers from ordering or cancelling deliveries until Sunday evening.

In a statement to The Guardian, Tesco said that “an attempt was made to interfere with our systems, which caused problems with the search function on the site.”

The retailer, whose 1.3 million online orders per week account for nearly 15% of its UK sales, said there was no reason to believe the attempted interference impacted customer data.


A NetOps toolkit for the remote engineer

From itproportal.com


While it’s almost difficult now to think of a time before Covid-19, the accepted approach among engineers for fixing networks in years previous would have been traveling to site with a toolkit of applications in hand to diagnose an issue and remedy the problem. With restrictions however in place over the course of the last 16 months, much greater focus has been placed on accessing networks remotely to reduce social contact and unnecessary travel, with organizations also looking to re-focus their resources and push for greater operational efficiencies. The age of the remote engineer has arrived, but what technologies are available for them to perform the role effectively? 


450 million cyberattacks attempted on Japan Olympics infrastructure: NTT

From zdnet.com

The NTT Corporation, which provided wide-ranging telecommunications services and network security for the Olympic & Paralympic Games in Tokyo this summer, said there were more than 450 million attempted cyberattacks during the event in July. 

NTT officials said none of the attacks were successful and added that the games went on without a hitch. But the number of attacks was 2.5x the number seen during the 2012 London Summer Olympics.


Totalcoolblog.com ads Removal Guide

From 2-spyware.com


If Totalcoolblog.com ads won’t stop showing up on your screen, you have been a victim of a scam or enabled notifications on the site by accident. To be more precise, you clicked the “Allow” button within the notification prompt shown to you upon entry. To convince users that doing so is a good idea, crooks commonly use various social engineering tricks, which is a type of fraud that exploits the inexperience or naivety of people.


CISA urges admins to patch critical Discourse code execution bug

From bleepingcomputer.com


A critical Discourse remote code execution (RCE) vulnerability tracked as CVE-2021-41163 was fixed via an urgent update by the developer on Friday.

Discourse is an open-source forum, long-form chat, and mailing list management platform widely deployed on the web, offering excellent usability and integration potential while focusing heavily on social features. 

The vulnerable versions are 2.7.8 and older, and the best way to address the risk is to update to 2.7.9 or later, which came out on Friday. The latest beta and test versions have also been patched against the flaw. 

According to official stats, Discourse was used to publish 3.5 million posts viewed by 405 million users in September 2021 alone.


Large DDoS attack shuts down KT’s nationwide network

From zdnet.com

South Korea telco KT said on Monday that the temporary nationwide shutdown of its network earlier today was caused by a large-scale distributed denial-of-service (DDoS) attack.

Customers who use the telco’s network were unable to access the internet for around 40 minutes at around 11am on Monday.

Users were unable to use credit cards, trade stocks, or access online apps during that time period. Some large commercial websites were also shut down during the outage.
