figures
Blog

The New Okiru Mirai Botnet, Spectre Is Slowing Down eCommerce Websites And More In This Weeks News

Dr. Eduardo Rocha
22.01.2018
image 2 Min read

Okiru Mirai has the potential to launch the biggest DDoS attack ever

The story about the Mirai botnet isn’t over even though the creators were arrested and jailed. The original source code for Mirai is still openly available on the internet and a new version, dubbed the Okiru Mirai, has appeared. This version hijacks devices that run on ARC (Argonaut RISC Core) embedded processors (which is different from previous Mirai versions that were targeting CPU architectures). ARC powered devices, being that ARC is the world’s second most popular CPU core that’s being shipped in more than 2 billion products every year including cameras, mobile, utility meters, televisions, flash drives and more have the potential to run the most brutal DDoS attack the security landscape has seen so far.

Image Source

Read more: The Hacker News

Spectre patch is affecting the CPU speed of eCommerce websites

Even though Meltdown, the vulnerability closely related to Spectre that infects Intel processors, has been successfully patched – Spectre is still generating some problems. The actual problem isn’t the threat, it’s the patches that are combating the threat. Newly released patches are slowing down websites by using up a lot of CPU power resulting in an estimate of 5% to 30% performance degradation. eCommerce companies should be watching their CPU usage from now on and consult with their cloud providers on the timeline of these patches.

Image Source

Read more: Yottaa

State of app delivery 2018

f5 published a study about the state of app delivery in 2018 where they surveyed 626 security professionals. Some of the most important findings are that most survey participants enlisted security as the most crucial requirement before deploying an app along with availability.

Image Source

Read more: f5 Blog, State of App Delivery 2018 Download

NSA spying bill gets the green light

One of interesting news this week is the fact that the NSA’s (National Security Agency) warrantless Internet surveillance program is officially extended for the next 6 years. This ends a year long debate in the US Congress over the scope of US intelligence collection which was largely influenced by Edward Snowden back in 2013.

“The intelligence community and the Justice Department depend on these vital authorities to protect the homeland and keep Americans safe”
– Mitch McConnell (Republican and Senate Majority Leader)

Image Source

Read more: Hacking Threat

Google, Cloudflare and Fastly continue to add PoPs and expand their network capacity

2018 has started with announcements from Google, Cloudflare and Fastly about overseas expansions of their Points of Presence (PoPs) and growth in network capacity and infrastructure. Following the announcements, Google has added five new regions and three new subsea cables to their infrastructure, Cloudflare announced their 120th data center in Salt Lake City and Fastly announced 46 PoPs and 20Tbps of connected edge capacity.

Image Source

Read more: Bizety

Comments

0 comments

There’s more to see

slider item
Your Innovation Feed

eBook: Don’t Fortify, Amplify: The New Cloud Security Stack

Steven Puddephatt 25.11.21

2021’s Security leaders deal with everything from cloud-native insider threats to staying one step ahead of the unknown. While the cloud is made to amplify and speed up core business processes, the pressure to fortify cloud-borne assets from possible cyber threats painfully slows things down.  GlobalDots harnessed its 17-year cloud security experience to rethink cloud […]

Read more
slider item
Identity & Access Management (IAM)

How IT can Breeze through Onboardings without Additional Hirings

Dror Arie

Which IT Nuisance Would You Automate First? Employee onboarding is one of the heaviest, most complex operations on a company’s IT. This is especially true in fast-growing companies that may see multiple onboardings per day. And, of course, the wider a company’s software tools array, the more accounts to create and permissions to manage. In […]

Read more
slider item
Cloud Workload Protection

GlobalDots Partners with CWP Innovator Lacework

Li-Or Amir 23.11.21

In its constant endeavor to enrich its cloud security offering with the latest innovation, GlobalDots has recently introduced security unicorn Lacework to its vendor portfolio. Founded in 2015, Lacework offers a cloud security monitoring platform which brings together some of today’s top needs: Workload protection, container & K8s security, compliance monitoring. Last weekend (Nov. 18th, […]

Read more

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Contact us
figure figure figure figure figure