One year ago today, Russia launched a massive combined arms ground, air, and sea assault against Ukraine, including a large cyber component designed to sow confusion among Ukrainian authorities. At the first anniversary, the initial takeaway is the role played by cyber has not been as prominent as predicted for what has turned into the largest European land war since 1945. Russia and Ukraine are still actively using their cyber troops to conduct a variety of attacks against their foe.

Read also: GoDaddy reveals multi-year security breach, hackers targeted Asia-based data centers used by major global firms, and more.

Slowloris is a type of DDoS (Distributed Denial of Service) attack that exploits web servers to handle incoming connections. In a Slowloris attack, the attacker sends many HTTP requests to the target web server, but unlike a regular DDoS attack, the requests are sent slowly over a long period of time. The attack sends incomplete HTTP requests to keep the connections open for as long as possible. The attacker then mimics this pattern by sending many incomplete requests to the server.

Social engineering cyberattacks play on the mind, manipulating emotions and engaging in deception to get victims to give up passwords, financial data, and other valuable information. According to Verizon's 2022 Data Breach Investigations Report (DBIR), eight in 10 data breaches (82%) involve a human element. Alongside breaches caused by human error and malicious actions, this statistic also includes social engineering attacks.

The city government of Oakland has declared a state of emergency after it was hit by a ransomware attack. The attack, which began in the evening of February 8th, has forced the city to take all its IT systems offline, and has affected many non-emergency services, including the ability to collect payments, issue permits, and process reports.

Read also: Russian cybercriminal convicted in $90M hack-and-trade scheme, US and UK slap sanctions on 7 Russians tied to TrickBot cybercrime gang, and more.

JD Sports Sportswear Retailer have suffered a cyber attack that exposed the data of 10 million customers accessed by backers in the attack. The personal data which was exposed includes customer’s names, email addresses, contact details and passwords.

Search engines automatically create a business listing based on publicly available information, but they permit business owners to override this automatic listing by publishing their own. This listing may include business hours, slogan, geographical location, a website link, contact information, reviews, and images. Business owners are also permitted to respond to reviews. Recently, Sedara has seen incidents in which the attacker claims control over a business listing that they do not own.

The latest on ESXiArgs ransomware attacks, new QakNote attacks pushing QBot malware via Microsoft OneNote files, and Biden’s attention to data privacy in the State of the Union.

Arguably nothing in tech has changes the landscape more than ‘as a Service’ offerings, the subscription-based IT service delivery model, In fact, the ‘as a Service’ offering has made its way into the cybercrime landscape. And cybercrime, for its part, has evolved beyond a nefarious hobby — today it’s a means of earning for cybercriminals.