• Cloudflare says it stopped the largest DDoS attack ever reported

    August 27, 2021

    Cloudflare said it’s system managed to stop the largest reported DDoS attack in July, explaining in a blog post that the attack was 17.2 million requests-per-second, three times larger than any previous one they recorded. Cloudflare’s Omer Yoachimik explained in a blog post that the company serves over 25 million HTTP requests per second on average ...

  • DDoS attacks in Q2 2021

    July 28, 2021

    In terms of big news, Q2 2021 was relatively calm, but not completely eventless. For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected devices. The malware creators promoted their brainchild on a specially set-up YouTube channel and Discord ...

  • TeamTNT Campaigns Emphasize Importance of Addressing Cloud Security Gaps

    July 20, 2021

    Having covered TeamTNT in several of our blog entries over the past couple of years, we embarked on a research that encompasses the malicious actor group’s campaigns, tools, and techniques in 2020 and early 2021. Although believed to have been active since 2011, TeamTNT stayed under the radar for many years before exploding onto the scene ...

  • DDoS attack registered on Russian Defense Ministry website

    July 16, 2021

    The official website of the Russian Defense Ministry is down due to a DDoS attack, a source in the law enforcement informed TASS on Friday. “Specialists from the defense ministry are repelling a DDoS attack on the official website of the Defense Ministry,” the source said. Read more… Source: TASS  

  • DarkSide Hits Toshiba; XSS Forum Bans Ransomware

    May 17, 2021

    For a ransomware gang whose servers were purportedly commandeered last week, DarkSide has had a server-fueled weekend, with a reported hit on Toshiba Business. Late on Thursday night came a post to the “Exploit” underground forum that looked, at least, to be from DarkSide. It described how the gang’s blog, payment processing and denial-of-service (DoS) servers ...

  • Ireland: Health service IT systems forced to shut down after ‘fairly sophisticated’ cyber attack

    May 14, 2021

    Health service IT systems have been shutdown today following a cyber attack that the HSE believes was carried out by international criminals seeking to extort money . The HSE said the main attack began at around 4.30am on Friday and that IT staff switched off systems as a “precaution” in order to protect data and give ...

  • Wormable Windows Bug Opens Door to DoS, RCE

    May 11, 2021

    Microsoft’s May Patch Tuesday release addressed a modest 55 cybersecurity vulnerabilities, including just four critical bugs. It’s the smallest monthly update from the computing giant since 2020, but it does contain a patch for a concerning wormable vulnerability found in the Windows OS. The good news is that none of the vulnerabilities are being actively exploited ...

  • DDoS attacks in Q1 2021

    May 10, 2021

    Q1 2021 saw the appearance of two new botnets. News broke in January of the FreakOut malware, which attacks Linux devices. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency. Another active bot focused on Android devices with the ADB ...

  • New TsuNAME DNS bug allows attackers to DDoS authoritative DNS servers

    May 6, 2021

    Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers. In simpler terms, authoritative DNS servers translate web domains to IP addresses and pass this info to recursive DNS servers that get queried by ...

  • 800Gbps DDoS extortion attack hits gambling company

    March 31, 2021

    Distributed denial-of-service (DDoS) attacks started strong this year, setting new records and taking the extortion trend that started last August to the next level. Internet security services company Akamai has already dealt with the largest known ransom DDoS (RDDoS) attack, which was also more complex than previously seen incidents of the same type. Bigger, more complex RDDoS Akamai ...

  • New ZHtrap botnet malware deploys honeypots to find more targets

    March 12, 2021

    A new botnet is hunting down and transforming infected routers, DVRs, and UPnP network devices into honeypots that help it find other targets to infect. The malware, dubbed ZHtrap by the 360 Netlab security researchers who spotted it, is loosely based on Mirai’s source code, and it comes with support for x86, ARM, MIPS, and other ...