Items tagged with DDoS

If you thought that the massive DDoS attack earlier this month on Brian Krebs’ security blog was record-breaking, take a look at what just happened to France-based hosting provider OVH. OVH was the victim of a wide-scale DDoS attack that was carried via network of over 152,000 IoT devices. According to OVH founder and CTO Octave Klaba, the DDoS attack reached nearly 1 Tbps at its peak. Of those IoT devices participating in the DDoS attack, they were primarily comprised of CCTV cameras and DVRs. Many of these types devices' network settings are improperly configured, which leaves them ripe... Read more...
The web is becoming the wild, wild west all over again it seems. You could argue the Internet's always been a potentially dangerous place, but with the proliferation of smart devices becoming increasingly commonplace, cybercriminals now have more points of entry into home networks than ever before. Smart home automation gadgets collectively comprise much of what's referred to as the Internet of Things (IoT), and just like your PC, they can be silently hijacked and enlisted into a botnet, a malicious network of systems under the control of a foreign party. Individually, all these smart lighting,... Read more...
Today the bad guys have won. Not the war, mind you, but a skirmish with renowned security journalist Brian Krebs, author of The New York Times bestseller "Spam Nation," a former writer for the The Washington Post, and owner of KrebsOnSecurity, a popular security blog that's no longer live after cloud service provider Akamai gave Krebs just 2 hours to pack his things and leave. Of course, there's more to the story than that. Akamai isn't some evil company secretly working for the bad guys (we hope not, anyway). But it was providing free service to Krebs for his blog. You get what you pay for. In... Read more...
Researchers from the Negev Cyber-Security Research Center at Ben-Gurion University recently released a terrifying piece of news. It explains that if a malicious entity decided to craft malware that infected only a few thousand mobile phones, it would be possible to cripple an entire 911 system. That means legitimate calls couldn't make it through, and staffers manning the lines would be inundated with fake calls. The research published last week reveals that in most states, if as few as 6,000 mobile phones were infected with malware that serves no other purpose but... Read more...
Two 18-year-olds from Israel find themselves in hot water with the United States Federal Bureau of Investigation (FBI) for their alleged roles in running a lucrative attack service called vDOS. They're said to have earned over $600,000 in the past two years by helping customers coordinate over 150,000 Distributed Denial of Service (DDoS) attacks.Israeli authorities arrested the two teenagers, Itay Huri and Yarden Bidani, on Thursday as part of an investigation by the FBI. They were questioned and released the next day for what amounts to around $10,000 bond each. Authorities also seized their passports... Read more...
Have you ever seen a dog chase its own tail? That pretty much describes what's going on at BBC News this morning. The site suffered a pretty large distributed denial of service (DDoS) attack earlier today, one that knocked out the company's entire network and iPlayer streaming service, causing grief for web visitors who grew impatient with how long it took to restore service. As for the image of a dog chasing its own tail, it's based on BBC's reporting of the situation. The site posted a statement on Twitter in the early morning hours saying it was "aware of a technical issue" affecting its website,... Read more...
If you were having trouble connecting to the PlayStation Network yesterday, you might have the hacking group Lizard Squad to thank. An hour after the group's founder posted to Twitter that "itz bouta rain packets", Sony's "Ask PlayStation" account tweeted that it was investigating connectivity issues. Lizard Squad either delivered on its promise, or is trying to reap the benefits of a major coincidence. Video games are always a hot item on big shopping days like Black Friday, so it can be expected that networks like PSN are going to get hammered simply due to the fact that so many people are trying... Read more...
It's hard to argue that "Internet of Things" (IoT) devices can enrich our lives. From making it easier to moderate temperature in our homes to securing them, IoT is going to be a big part of our future. Unfortunately, that does lead to one problem: as more and more devices get rolled out, the inevitability is that we're going to encounter more and more vulnerabilities. Once such example is with security cameras, of which security firm Incapsula estimates there are 245 million operating around the world. This isn't the first time vulnerabilities have been discovered with such cameras. Back in 2013,... Read more...
If you have an Android smartphone running on AT&T or Verizon’s wireless network, you could be at the mercy of hackers according to a new advisory posted to the Carnegie Mellon University CERT database. The vulnerability, which was discovered by a group of South Korean researchers, targets LTE wireless networks. LTE uses packet switching instead of older circuit switching to transfer data back and forth over the Internet. The researchers say that the new packet switching allows malicious parties to use the SIP protocol to enable a new generation of attack vectors via wireless networks. ... Read more...
If we may impart some words of wisdom to our younger readers out there, it's to choose your role models carefully. It's a piece of advice that comes too late for half a dozen teenagers living in the U.K. who were arrested as part of a sting operation targeting users of hacking group Lizard Squad's Lizard Stresser tool. The Lizard Stresser tool is a piece of software that aids with Distributed Denial of Service (DDoS) attacks. These attacks typically consist of numerous infected systems pinging a single target with the intent of overwhelming the victim's server. Those arrested for using the tool... Read more...
It's not often that we learn of a DDoS attack that can be sourced from mobile devices, but as it happens, it's something that's possible on iOS devices not running the latest 8.3 software. The bug isn't exclusive to iOS, however. Because the 'Darwin Nuke' flaw exists in the Darwin kernel, the desktop OS X is also affected. To be protected there, an upgrade to 10.10.3 is required. It's unfortunately not mentioned when this bug first surfaced, but Kaspersky notes that affected devices include the iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad Air 2, iPad mini 2, and iPad mini - in effect, iOS... Read more...
Think stealing hundreds of thousands of dollars from an enterprise organization is difficult? You might be surprised after learning about how the 'Dyre' malware that IBM has been tracking operates. Like most malware, Dyre needs to infect a PC in order to work. This can be done via a number of different methods, but email is the most common. Once someone takes the bait, the waiting game begins for a bank transfer to be made. If the thieves behind Dyre are lucky enough to infect an important PC, an error message will be displayed in the event that a bank transfer is initiated, complete with a phone... Read more...
While so many of us were getting our college basketball on this weekend, Rutgers University was dealing with an entirely different kind of challenge in the form of a distributed denial-of-service (DDoS) attack. Triggered by the efforts of a malicious entity consisting of two or more people or bots, the intent of a DDoS is to indefinitely interrupt or suspend the services of a host connected to the Internet. The attack on the Rutgers computer networks apparently took place on Friday afternoon and originated in both China and Ukraine, according to NBC New York. In an email sent out Sunday to tens... Read more...
A mere two weeks after Google decided to pull the plug on Google Code, competitor GitHub is experiencing the "largest DDoS attack" in the site's history. While the company itself isn't coming out with it, Baidu acknowledges that a great deal of traffic is coming from China. On GitHub's site, we're told that the attack began on Thursday, and while a number of common attack vectors are being exploited, some new techniques have been brought in: namely, unsuspecting people are having their traffic rerouted and are in effect contributing to the attack. At this point, the blame points to China. GitHub... Read more...
1 2 3 Next