Organizations across the U.S. have been warned by the Cybersecurity and Infrastructure Security Agency regarding ongoing distributed denial-of-service attacks against several entities across different industries, BleepingComputer reports.
Proactive measures should be taken by organizations in defending their networks from DDoS attacks, including the immediate application of firewall rules and the utilization of DoS protection services for redirecting malicious traffic, said CISA.
No specific threat actor has been mentioned by CISA in its advisory but such an alert comes after the websites of the U.S. Treasury Department's Electronic Federal Tax Payment System and the U.S. Commerce Department, as well as Stripe's business payment, refund, and operations management site, were claimed to have been disrupted in a DDoS attack by Anonymous Sudan, also known as Storm-1359.
Anonymous Sudan also admitted being behind the outages of the Microsoft Outlook, Azure, and OneDrive portals last month, as well as other attacks against numerous U.S. hospitals, Tinder, Lyft, and Scandinavian Airlines since May.
Open-source artificial intelligence compute framework Ray has been found to be impacted by a critical vulnerability, tracked as CVE-2023-48023, which could be exploited to facilitate unauthorized node access, according to SecurityWeek.
Vulnerability management: Finding and fixing fatal flaws
Reducing silos between Developers and AppSec in your Software Supply Chain with Snyk and ServiceNow
Vulnerability management: Finding and fixing your fatal flaws
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news