A distributed denial-of-service attack targeting a DDoS mitigation vendor somewhere in Western Europe has been spotted and mitigated by FastNetMon.
The firm says the attack peaked at a massive 1.5 billion packets per second, making it one of the largest packet-rate floods confirmed to date. FastNetMon says that the traffic was mainly a UDP flood sourced from compromised customer-premises equipment, including IoT devices and MikroTik routers.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Azov Ransomware is a wiper, destroying data 666 bytes at a time
November 7, 2022
The Azov Ransomware continues to be heavily distributed worldwide, now proven to be a data wiper that intentionally destroys victims’ data and infects other programs. Last month, a threat actor began distributing malware called ‘Azov Ransomware’ through cracks and pirated software that pretended to encrypt victims’ files. However, instead of providing contact info to negotiate a ransom, ...
- DDoS attacks in Q3 2022
November 7, 2022
In Q3 2022, DDoS attacks were, more often than not, it seemed, politically motivated. As before, most news was focused on the conflict between Russia and Ukraine, but other high-profile events also affected the DDoS landscape this quarter. The pro-Russian group Killnet, active since January 2022, took the responsibility for several more cyberattacks. According to the ...
- Robin Banks phishing service returns to steal banking accounts
November 4, 2022
The Robin Banks phishing-as-a-service (PhaaS) platform is back in action with infrastructure hosted by a Russian internet company that offers protection against distributed denial-of-service (DDoS) attacks. Robin Banks faced operational disruption in July 2022, when researchers at IronNet exposed the platform as a highly threatening phishing service targeting Citibank, Bank of America, Capital One, Wells Fargo, ...
- OPERA1ER APT in Africa
November 3, 2022
In 2019, Group-IB Threat Intelligence team detected a series of targeted attacks on financial organizations in Africa. Later in 2020, our professionals in collaboration with Orange, managed to piece together the seemingly disparate attacks into a single timeline and successfully attribute them to the threat actor codenamed OPERA1ER (also known as DESKTOP-GROUP, Common Raven, NXSMS). In ...
- Stopping C2 communications in human-operated ransomware through network protection
November 3, 2022
Command-and-control (C2) servers are an essential part of ransomware, commodity, and nation-state attacks. They are used to control infected devices and perform malicious activities like downloading and launching payloads, controlling botnets, or commanding post-exploitation penetration frameworks to breach an organization as part of a ransomware attack. Blocking these communications can mitigate attacks, sometimes before they’re ...
- Black Basta ransomware gang linked to the FIN7 hacking group
November 3, 2022
Security researchers at Sentinel Labs have uncovered evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7, also known as “Carbanak.” When analyzing tools used by the ransomware gang in attacks, the researchers found signs that a developer for FIN7 has also authored the EDR (Endpoint Detection and Response) evasion tools ...

