• Microsoft Azure and Outlook outages were caused by DDoS attacks

    June 19, 2023

    Microsoft has confirmed that outages to its Azure and Outlook services were caused by DDoS attacks, which the company puts down to the threat actor that it tracks as Storm-1359. This follows the tech giant’s new nomenclature for threats, whereby Storm denotes a group that is in development. Otherwise known as Anonymous Sudan, it is said ...

  • Decade Old DDoS-for-Hire Service Taken Down, Administrators Arrested

    June 19, 2023

    Polish authorities took down a DDoS-for-hire service that’s been around for a decade following an investigation with support of the FBI, Europol and law enforcement agencies from Germany, Belgium and the Netherlands. DDoS attacks are always a nuisance, but they can inflict serious damage to companies and organizations. The simple fact that a webpage or a ...

  • Rosenergoatom official says Zaporozhye NPP has to deal with daily cyberattacks

    June 15, 2023

    Every day, the Zaporozhye nuclear power plant (ZNPP) has to deal with cyberattacks, an adviser to the director general of Russia’s Rosenergoatom nuclear power engineering company has said. “Every day, networks of the Rosenergoatom concern, of the Rosatom state corporation and of the plant’s operating company, JSC Zaporozhye NPP, are subjected to powerful DDoS attacks,” Renat ...

  • Senegalese government websites hit with cyber attack

    May 27, 2023

    A group of hackers called Mysterious Team made multiple Senegalese government websites go offline overnight on Friday by hitting them with denial-of-service (DDoS) attacks, a government spokesperson said. The group claimed responsibility for the cyber attacks in a series of Twitter posts using the hashtag #FreeSenegal used by campaigners alleging political repression in Senegal. Read more… Source: Reuters  

  • Abuse of the Service Location Protocol May Lead to DoS Attacks

    April 25, 2023

    The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated remote attacker to register arbitrary services. This could allow an attacker to use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor. Researchers from Bitsight and Curesec have discovered a way to abuse SLP—identified as CVE-2023-29552—to conduct high amplification factor DoS ...

  • European air traffic control confirms website ‘under attack’ by pro-Russia hackers

    April 22, 2023

    Europe’s air-traffic agency appears to be the latest target in pro-Russian miscreants’ attempts to disrupt air travel. Eurocontrol confirmed on Friday its website has been “under attack” since April 19, and said “pro-Russian hackers” had claimed responsibility for the disruption. Read more… Source: The Register  

  • DDoS attacks shifting to VPS infrastructure for increased power

    April 12, 2023

    Hyper-volumetric DDoS (distributed denial of service) attacks in the first quarter of 2023 have shifted from relying on compromised IoT devices to leveraging breached Virtual Private Servers (VPS). According to internet security company Cloudflare, the newer generation of botnets gradually abandoned the tactic of building large swarms of individually weak IoT devices and are now shifting ...

  • New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks

    March 19, 2023

    A new malware botnet was discovered targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into DDoS (distributed denial of service) swarm with the potential for massive attacks. The new botnet was discovered by researchers at Akamai at the start of the year, who caught it on their HTTP and SSH honeypots, seen ...

  • KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks

    March 17, 2023

    In the last year, geopolitical tension has led to an uptick of reported cybercrime events fueled by hacktivist groups. The US Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn organizations about these attacks and teamed with the FBI on a distributed denial-of-service (DDoS) response strategy guide. KillNet, a group that the US ...

  • Fortinet warns of new critical unauthenticated RCE vulnerability

    March 8, 2023

    Fortinet has disclosed a “Critical” vulnerability impacting FortiOS and FortiProxy, which allows an unauthenticated attacker to execute arbitrary code or perform denial of service (DoS) on the GUI of vulnerable devices using specially crafted requests. This buffer underflow vulnerability is tracked as CVE-2023-25610 and has a CVSS v3 score of 9.3, rating it critical. This type ...

  • 2022 in review: DDoS attack trends and insights

    February 21, 2023

    As organizations strengthen their defenses and take a more proactive approach to protection, attackers are adapting their techniques and increasing the sophistication of their operations. Cybercrime continues to rise with the industrialization of the cybercrime economy providing cybercriminals with greater access to tools and infrastructure. In the first half of 2022, the cyberthreat landscape was focused ...