October 10, 2023
A number of Google services and Cloud customers have been targeted with a novel HTTP/2-based DDoS attack which peaked in August. These attacks were significantly larger than any previously-reported Layer 7 attacks, with the largest attack surpassing 398 million requests per second. The attacks were largely stopped at the edge of our network by Google’s ... October 9, 2023
In September 2023, our FortiGuard Labs team observed that the IZ1H9 Mirai-based DDoS campaign has aggressively updated its arsenal of exploits. Thirteen payloads were included in this variant, including D-Link devices, Netis wireless router, Sunhillo SureLine, Geutebruck IP camera, Yealink Device Management, Zyxel devices, TP-Link Archer, Korenix Jetwave, and TOTOLINK routers.
Based on the trigger counts ... October 9, 2023
Groups range from known collectives to new outfits eager to raise their profile Hacktivism efforts have proliferated rapidly in the Middle East following the official announcement of a war between Palestine and Israel.…
The escalation was spurred by a deadly attack on a music festival by Hamas, along with abductions and killings across scores of Israeli ... September 28, 2023
Russian state conglomerate Rostec said on Thursday it had restored normal operations at its Leonardo air booking system following what it called a “massive cyberattack from abroad”. “The cyberattack has been successfully repelled,” Rostec said in a statement.
It described the incident as a Distributed Denial-of-Service (DDoS) Attack”, in which the attacker floods a server with ... September 11, 2023
Windows arbitrary file deletion vulnerabilities should no longer be considered mere annoyances or tools for Denial-of-Service (DoS) attacks. Over the past couple of years, these vulnerabilities have matured into potent threats capable of unearthing a portal to full system compromise.
This transformation is exemplified in CVE-2023-27470 (an arbitrary file deletion vulnerability in N-Able’s Take Control Agent ... September 6, 2023
CISA has released actionable guidance for Federal Civilian Executive Branch (FCEB) agencies to help them evaluate and mitigate the risk of volumetric distributed denial-of-service (DDoS) attacks against their websites and related web services. The Capacity Enhancement Guide: Volumetric DDoS Against Web Services Technical Guidance:
Helps agencies prioritize DDoS mitigations based on mission and reputational impact.
Describes DDoS ... September 4, 2023
German banking regulator BaFin said its website has only been partially accessible since Friday after a so-called distributed denial of service attack.
BaFin took security and defensive measures after the attack which also restrict access to the website, according to a spokeswoman. All of BaFin’s other systems are working without disruption, she said.
Read more…
Source: Yahoo! News
August 31, 2023
A hacking group called Anonymous Sudan took X, formerly known as Twitter, offline in more than a dozen countries on Tuesday morning in an attempt to pressurise Elon Musk into launching his Starlink service in their country.
X was down for more than two hours, with thousands of users affected. “Make our message reach to Elon ... July 20, 2023
In early 2022, Mandiant predicted that Russian cyber threat activity associated with the invasion of Ukraine would affect government and private sector targets in third-party countries, particularly neighboring countries, North Atlantic Treaty Organization (NATO) allies, and other nations voicing support for Ukraine. Russian government-linked actors have historically employed false hacktivist facades as a means of ... July 19, 2023
In June 2023, FortiGuard Labs detected the propagation of several DDoS botnets exploiting the Zyxel vulnerability (CVE-2023-28771).
This vulnerability is characterized by a command injection flaw affecting multiple firewall models that could potentially allow an unauthorized attacker to execute arbitrary code by sending a specifically crafted packet to the targeted device. The severity of this flaw, ... July 18, 2023
The second quarter of 2023 was characterized by thought-out, tailored and persistent waves of DDoS attack campaigns on various fronts, including:
Multiple DDoS offensives orchestrated by pro-Russian hacktivist groups REvil, Killnet and Anonymous Sudan against Western interest websites.
An increase in deliberately engineered and targeted DNS attacks alongside a 532% surge in DDoS attacks exploiting the Mitel ...