DDoS


NEWS

  • How it works: The novel HTTP/2 ‘Rapid Reset’ DDoS attack

    October 10, 2023

    A number of Google services and Cloud customers have been targeted with a novel HTTP/2-based DDoS attack which peaked in August. These attacks were significantly larger than any previously-reported Layer 7 attacks, with the largest attack surpassing 398 million requests per second. The attacks were largely stopped at the edge of our network by Google’s ...

  • IZ1H9 Campaign Enhances Its Arsenal with Scores of Exploits

    October 9, 2023

    In September 2023, our FortiGuard Labs team observed that the IZ1H9 Mirai-based DDoS campaign has aggressively updated its arsenal of exploits. Thirteen payloads were included in this variant, including D-Link devices, Netis wireless router, Sunhillo SureLine, Geutebruck IP camera, Yealink Device Management, Zyxel devices, TP-Link Archer, Korenix Jetwave, and TOTOLINK routers. Based on the trigger counts ...

  • Hacktivist attacks erupt in Middle East following Hamas assault on Israel

    October 9, 2023

    Groups range from known collectives to new outfits eager to raise their profile Hacktivism efforts have proliferated rapidly in the Middle East following the official announcement of a war between Palestine and Israel.… The escalation was spurred by a deadly attack on a music festival by Hamas, along with abductions and killings across scores of Israeli ...

  • Russia: Leonardo’s air booking system resumes after cyberattack

    September 28, 2023

    Russian state conglomerate Rostec said on Thursday it had restored normal operations at its Leonardo air booking system following what it called a “massive cyberattack from abroad”. “The cyberattack has been successfully repelled,” Rostec said in a statement. It described the incident as a Distributed Denial-of-Service (DDoS) Attack”, in which the attacker floods a server with ...

  • Deleting Your Way Into SYSTEM: Why Arbitrary File Deletion Vulnerabilities Matter

    September 11, 2023

    Windows arbitrary file deletion vulnerabilities should no longer be considered mere annoyances or tools for Denial-of-Service (DoS) attacks. Over the past couple of years, these vulnerabilities have matured into potent threats capable of unearthing a portal to full system compromise. This transformation is exemplified in CVE-2023-27470 (an arbitrary file deletion vulnerability in N-Able’s Take Control Agent ...

  • CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack

    September 6, 2023

    CISA has released actionable guidance for Federal Civilian Executive Branch (FCEB) agencies to help them evaluate and mitigate the risk of volumetric distributed denial-of-service (DDoS) attacks against their websites and related web services. The Capacity Enhancement Guide: Volumetric DDoS Against Web Services Technical Guidance: Helps agencies prioritize DDoS mitigations based on mission and reputational impact. Describes DDoS ...

  • German Banking Regulator BaFin’s Website Hit by Cyber Attack

    September 4, 2023

    German banking regulator BaFin said its website has only been partially accessible since Friday after a so-called distributed denial of service attack. BaFin took security and defensive measures after the attack which also restrict access to the website, according to a spokeswoman. All of BaFin’s other systems are working without disruption, she said. Read more… Source: Yahoo! News  

  • Anonymous Sudan hacks X to put pressure on Elon Musk over Starlink

    August 31, 2023

    A hacking group called Anonymous Sudan took X, formerly known as Twitter, offline in more than a dozen countries on Tuesday morning in an attempt to pressurise Elon Musk into launching his Starlink service in their country. X was down for more than two hours, with thousands of users affected. “Make our message reach to Elon ...

  • KillNet Showcases New Capabilities While Repeating Older Tactics

    July 20, 2023

    In early 2022, Mandiant predicted that Russian cyber threat activity associated with the invasion of Ukraine would affect government and private sector targets in third-party countries, particularly neighboring countries, North Atlantic Treaty Organization (NATO) allies, and other nations voicing support for Ukraine. Russian government-linked actors have historically employed false hacktivist facades as a means of ...

  • DDoS Botnets Target Zyxel Vulnerability CVE-2023-28771

    July 19, 2023

    In June 2023, FortiGuard Labs detected the propagation of several DDoS botnets exploiting the Zyxel vulnerability (CVE-2023-28771). This vulnerability is characterized by a command injection flaw affecting multiple firewall models that could potentially allow an unauthorized attacker to execute arbitrary code by sending a specifically crafted packet to the targeted device. The severity of this flaw, ...

  • DDoS threat report for 2023 Q2

    July 18, 2023

    The second quarter of 2023 was characterized by thought-out, tailored and persistent waves of DDoS attack campaigns on various fronts, including: Multiple DDoS offensives orchestrated by pro-Russian hacktivist groups REvil, Killnet and Anonymous Sudan against Western interest websites. An increase in deliberately engineered and targeted DNS attacks alongside a 532% surge in DDoS attacks exploiting the Mitel ...