DDoS


NEWS

  • Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’

    July 23, 2019

    Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps — leveled against Elasticsearch servers. These attacks mostly deliveredcryptocurrency-mining malware, as in the case of one attack we saw last year. The latest attack we spotted deviates from the ...

  • AESDDoS Botnet Malware Infiltrates Containers via Exposed Docker APIs

    June 14, 2019

    Misconfiguration is not novel. However, cybercriminals still find that it is an effective way to get their hands on organizations’ computing resources to use for malicious purposes and it remains a top security concern. In this blog post, we will detail an attack type where an API misconfiguration in the open-source version of the popular DevOps tool ...

  • DDoS Attacks Ranked As Highest Threat by Enterprises

    February 22, 2019

    US and EMEA security professionals interviewed by the Neustar International Security Council (NISC) in January 2019 said that DDoS attacks are perceived as the highest threat to their organizations, with roughly half of their companies having been attacked in 2018. Another 75% of all professionals who took part in NISC’s study said that they are deeply concerned about “bot ...

  • Over 485,000 Ubiquiti devices vulnerable to new attack

    February 4, 2019

    Ubiquiti Networks is working on a fix for a newly discovered security issue affecting its devices that attackers have been exploiting since July last year. The issue impacts over 485,000 devices, according to an internet scan conducted by US cyber-security firm Rapid7. Mass-exploitation attacks were first spotted last week by Jim Troutman, co-founder of internet exchange point ...

  • Users of illegal websites targeted in joint law-enforcement activity

    January 29, 2019

    The National Crime Agency, working with law enforcement partners from 14 countries, has taken action against a number of cyber criminals website users linked to four million attacks across the globe. This latest action is part of Operation Power Off, which pursues those individuals and services responsible for committing or facilitating DDoS (Distributed Denial of Service) ...

  • Bit-and-Piece DDoS Method Emerges to Torment ISPs

    January 24, 2019

    Perpetrators are using smaller, bit-and-piece methods to inject junk into legitimate traffic, causing attacks to bypass detection rather than sounding alarms with large, obvious attack spikes. A pioneering distributed denial-of-service (DDoS) attack pattern has emerged, targeting internet service providers (ISPs) with something researchers have dubbed the bit-and-piece “Mongol” attack. The approach involves spreading out junk traffic across ...

  • DHS: Election officials inundated, confused by free cyber-security offerings

    October 29, 2018

    Election officials across the US are inundated and confused by the plethora of free cyber-security offerings that the private sector has made available in the past months, a Department of Homeland Security official said last week. According to a list compiled by CyberScoop, companies that have provided free tools and services to election officials include McAfee, Cylance, Cloudflare, Google’s Jigsaw, Synack, Akamai, Centrify, Microsoft, Valimail, Facebook, Symantec, Netscout, and 1Password. ...

  • New Zealand: Cyber attacks aimed at school websites surge

    October 28, 2018

    Schools are reporting an upsurge in cyber attacks, apparently from disgruntled students who are attacking school websites rather than pressing the fire alarm to disrupt classes. Network for Learning (N4L), a Crown company that provides internet services to 98 per cent of New Zealand schools, says six schools were targeted with “dozens of attacks” aimed at taking ...

  • DDoS Attacks Get Bigger, Smarter and More Diverse

    July 17, 2018

    DDoS attacks are relentless. New techniques, new targets and a new class of attackers continue to reinvigorate one of the internet’s oldest nemeses. Distributed denial of service attacks, bent on taking websites offline by overwhelming domains or specific application infrastructure with massive traffic flows, continue to pose a major challenge to businesses of all stripes. Being ...

  • Wicked Botnet Uses Passel of Exploits to Target IoT

    May 21, 2018

    Yet another variant of the Mirai botnet has appeared on the scene, but this one has a twist: The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers. It also has ties to a web of other botnets, made for DDoS attacks, which can all ...

  • This new type of DDoS attack takes advantage of an old vulnerability

    May 15, 2018

    A newly-uncovered form of DDoS attack takes advantage of a well-known, yet still exploitable, security vulnerability in the Universal Plug and Play (UPnP) networking protocol to allow attackers to bypass common methods for detecting their actions. Attacks are launched from irregular source ports, making it difficult to determine their origin and blacklist the ports in order ...