Pandemiya is 25,000 lines of original password-pinching botnet badassery An RSA researcher claims to have found an entirely new trojan during his trawls of the criminal underground.…
Follow this link:
Entirely new trojan quietly wheeled into black hat forums
Update 7.26am PST (June 12) After initially giving the all-clear for business to resume, Feedly has announced that it’s currently suffering a second round of DDoS attacks. The company says in a blog post: “We are currently being targeted by a second DDoS attack and are working with our service providers to mitigate the issue. As with yesterday’s attack, your data is safe. We apologize for the inconvenience and will update this blog post as more information is available or the situation changes.” Update 3:40PM PT: Feedly has posted on its blog that it has neutralized the DDoS attack as of 3:07PM PT. “You should now be able to access your feedly from both feedly.com, mobile apps and third party applications. Our ops team is closely monitoring the situation in case the attacks resume. It might take a few hours for some of the 40 million feeds we poll to be fully updated. We would like to re-iterate that none of your data was compromised by this attack.” Original post below: If you’ve been having issues accessing your RSS feed via Feedly today, well, there’s a good reason for that. Feedly has announced that it’s currently suffering a DDoS (distributed denial-of-service) attack, with the perpetrator(s) attempting to garner money from the company to make it stop. “We refused to give in and are working with our network providers to mitigate the attack as best as we can,” explains Edwin Khodabakchian, founder and CEO of Feedly. Feedly is assuring its users that their data remains safe, and access will be restored once the “attack is mitigated.” Other companies have been affected by a DDoS too, as Feedly alludes to when it says “we are working in parallel with other victims of the same group and with law enforcement.” Just yesterday, Evernote reported it had been subjected to a similar attack, though it was quickly restored. It’s not clear whether this is directly related to the current attack on Feedly. We’ll update here when we receive any updates. Source: http://thenextweb.com/insider/2014/06/11/feedly-suffers-ddos-attack-perpetrator-tries-extort-money/
More here:
Feedly suffers second round of DDoS attacks after perpetrator tried to extort money
Various websites associated to the World Cup have been struck by a distributed denial of service (DDoS) attack ahead of the tournament’s opening match on Thursday. The official government World Cup website has been down for more than a day, as well as the websites of some host states. Hacking collective Anonymous has claimed responsibility for the attacks. The hacker group has published a list of over 60 websites that have successfully taken down and are still offline at the time of writing, including as the Brazil website of recording giant Universal Music. Public figures that are perceived by the hackers as supportive of the government and the World Cup are also being targeted. Various performers such as Caetano Veloso, Mariana Aydar, and Filipe Catto have had the content of their websites replaced by anti-FIFA messages or taken down. Last month, the internal communications system of the Brazilian Ministry of External Relations was also hacked, with a possible leak of confidential information. Even though Anonymous has not claimed direct responsibility for the attack, it has released a YouTube video justifying it and citing general dissatisfaction with the World Cup. Back in February, the hackers said they were preparing for a string of cyberattacks to FIFA and sponsor websites during the World Cup, including DDoS attacks, as well as website defacement and data theft. The Anonymous group has vowed to continue the attacks and is posting regular updates on Twitter under the hashtags #OpHackingCup and #OpWorldCup. Source: http://www.zdnet.com/world-cup-websites-struck-down-by-ddos-attacks-7000030479/#ftag=RSSbaffb68
See the article here:
World Cup websites struck down by DDoS attacks
Feedly, one of the most popular post-Google Reader RSS readers, has been unavailable for hours due to a denial of service attack against the site. According to a post on Feedly’s blog, whoever is perpetrating the attack is trying to extort money from the company, but it “refused to give in.” Feedly is currently working on infrastructure changes that will prevent this kind of thing from happening in the future. I have long been of the opinion that denial of service attacks – the process of flooding a website with so many requests for web pages that it essentially becomes overwhelmed and stops working – doesn’t really qualify as hacking. It doesn’t grant the person doing it with access to anyone’s data. In fact, it doesn’t really have any effect on the data at all. It’s more like a sit-in, effectively shutting down a business by blocking access. Don’t get me wrong, it’s a nuisance. If I were the owners of Feedly, I’d be apoplectic. But I think if no data is stolen or damaged, the punishments for these types of behaviors generally exceeds the seriousness of the crime. Extortion, on the other hand, is a different thing entirely. Here’s hoping Feedly is back on its feet soon. Source: http://www.onthemedia.org/story/rss-reader-feedly-being-held-hostage-ddos-attack/
Continue Reading:
RSS Reader Feedly is Being Held Hostage By a DDOS Attack
RSS bods stand up to cyber creeps News aggregator Feedly has been knocked offline by a distributed denial of service (DDoS) attack after refusing to pay criminals to stop the attack.…
More here:
Feedly DDoSed by ransom-threat crims: ‘We refused to give in’
The popular online notes and web clippings saving service Evernote has suffered disruption after coming under cyberattack. The firm said it was hit by a distributed denial of service attack that began on Tuesday. Some members were temporarily unable to synchronise their filings from one device to another while it continued. The California-based company announced last month that it had more than 100 million users. Distributed denial of service (DDoS) attacks are caused by what can be thousands of computers sending huge amounts of data to a target’s servers in an effort to overwhelm them. This sometimes involves hijacked PCs – whose owners may be unaware of their involvement – in what is known as a botnet. This is not the first time the storage service has been compromised. In 2013 it said hackers had managed to access user names, email addresses and encrypted passwords. However, it appears that the latest cyber-assault is more limited. Spokeswoman Ronda Scott told the BBC that the cyber-assault, caused by an unknown perpetrator, began at 14:25 local time [22:25 BST] on Tuesday and had not yet ended. “We continue to mitigate the effects of the attack, but have successfully returned Evernote to service,” she added. “As is the nature of DDoS attacks, there was no data loss, and no accounts were compromised.” Source: http://www.bbc.com/news/technology-27790068
Streaming music service Deezer experienced several hours of downtime this weekend just gone, thanks, apparently, to one of those Distributed Denial Of Service attacks that were so fashionable a few years back. The source of the DDoS isn’t clear, but the streaming service says its servers were first targeted on Friday, with no real impact, but that a high level attack occurred on Saturday afternoon, taking the service offline on all platforms. DDoS attacks swamp a server with traffic so that it crashes under the weight. Deezer bosses say that while the DDoS was enough to force their service offline, no data was accessed by the attackers. The company’s IT experts identified the course of the problem and put in place measures to limit the impact of the DDoS, so that even though the server attack continued through Sunday, the service has been back online since just after midnight Saturday night. Deezer Founder Daniel Marhely said yesterday in a message to users: “As soon as we became aware of the issue we launched an investigation. We assigned ten staff members to the incident and worked to get the service back up, fuelled by a winning mix of adrenalin and pizza. The method of attack was quickly identified and actions were taken to minimise the impact on the service. We regularly adapted solutions to the changing methods of attack. New protective measures (filters to distinguish between normal incoming traffic and flooding traffic from the attack) were set up by our team, and the attacks finally stopped around 00.22 GMT”. Stressing that no user data had leaked during the attack, the Deezer man went on: “We apologise for any inconvenience. We’re continuing to investigate and are working hard on measures to counter this type of attack in the future. We have taken steps to strengthen our servers and security systems and will continue to do so. Thanks for your patience. We really appreciated your kind messages and encouraging tweets throughout the weekend”. Source: http://www.completemusicupdate.com/article/ddos-attack-takes-deezer-offline/
Original post:
DDoS attack takes Deezer offline
The “National Strategic Assessment of Serious and Organised Crime 2014”, published in May by the UK National Crime Agency, listed DDoS as a major concern for business critical systems for the first ti…
See the article here:
Winning the war on web stealth attacks
Distributed denial of service (DDoS) attacks attempt to flood a server with so many requests that they render a website useless. The effects are many, from lost customer conversions and revenue to punished SEO ranking and blacklisting. The reality is that DDoS attack methods and the criminals behind them are evolving. Understanding this evolution is key to making sure companies that place any sort of importance on their websites stay protected. The type and style of attack is changing – there are headless browsers and application layer attacks, and DDoS attacks as cover for more sinister cyberattacks. Every reseller with security in the portfolio needs to understand that DDoS is not a static problem that can be dealt with and then ignored. It changes, and the tactics for defending against this type of attack need to advance even faster. Better general awareness about DDoS attacks has forced attackers to develop new ways to get around the basic defences. Media attention on high-profile DDoS attacks attracts activists with a message. Groups try to outdo one another in a bid for attention. A growing variety of coding practices, web platforms and web design features have multiplied the number of variables which can result in application exploits, rendering a website useless. With more access to high-CPU devices available through the cloud and dedicated hosting, DDoS attackers can now use those CPUs to run more sophisticated attacks. For these reasons, we are seeing more sophistication in attack style, meaning there is less volume and attackers are targeting very specific vulnerabilities in a website by doing their homework to make sure they target the weakest points. One of the stealthiest methods is headless browsers. These can be a clever way for cybercriminals to get around standard DDoS protection and masquerade as legitimate web traffic. The kit itself is used for programmers to test their websites, so to all intents and purposes, it is a legitimate browser web kit, just modified to run a series of queries and target basic web user interfaces. Detection is difficult and stopping a headless browser DDoS attack can take a trained professional to spot and remediate it. Importantly, with headless browsers Javascript and Captcha can be processed and can jump through the hoops, as it were, of the website, as it was designed for testing. This will be a big problem for more traditional DDoS protection, such as box solutions. What will be most effective here is real-time support, where there is a human involved who can develop some rule sets to determine what is going on and implement the modules within seconds. Application layer attacks are also becoming more prevalent, although you might not even notice them, if you don’t know what you are looking for. Attackers are getting better at reconnaissance and research, facilitating smarter attacks that can keep the volume low and under the radar, meanwhile killing the site in the background and fooling IT into spending time on the wrong part of the site when it is down. It is these application attacks and headless browser attacks that we see as the biggest concern for the future. I can only surmise that media hype is fuelling the focus on volumetric DDoS attacks, which is where the industry seems to be concentrating to meet customer expectations. Actually there is a rise in application attacks and we should be educating companies about these threats, as they indicate serious consequences for businesses that place any sort of importance on their websites. Jag Bains is chief technology officer of DOSarrest Source: http://www.channelweb.co.uk/crn-uk/opinion/2348218/facing-a-criminal-denial-of-service
See the original post:
Facing a criminal DDoS attack
“We’re looking at what we can do to make sure this won’t happen again. We’re sorry. I’ve had no sleep for two days” – Tony Neate, GSO chief executive During the first hour after the National Crime Agency (NCA) advised Internet users to check out the Get Safe Online web site in the wake of the Gameover Zeus/CryptoLocker botnet takedown, the site suffered what some have described as an unintended DDoS attack. The reality for most users who heeded the 2pm Monday call was that site either froze as they were trying to access it, or simply became inaccessible as too many people overloaded the site server’s access facility. Get Safe Online (GSO) has blamed the effective outage as simply down to the fact that two many people were trying to access the site at the same time. As a result, the servers could not complete the IP requests, resulting in an outage lasting two days, until late yesterday. This was despite the site operators moving swiftly to quadruple site capacity. Tony Neate, GSO’s chief executive – the man who set up the company back in 2006 after a 30-year career in the Police – told the BBC newswire that it is important for people to realise that this has been a learning curve for him and his team. “We’re looking at what we can do to make sure this won’t happen again. We’re sorry. I’ve had no sleep for two days,” he said. GSO is a jointly funded operation supported by the UK government and a variety of commercial sponsors, including Barclays, NatWest, Kaspersky Lab and PayPal. The idea behind the site is that it is a one-stop shop for cybersecurity safety for individuals and small businesses. Sean Power, security operations manager with DOSarrest, the DDoS remediation specialist, said that the overload of GSO is a great example of the `Slashdot effect’ or the `Reddit hug of death.’ This, he explained, is where a site’s sudden popularity – usually initiated by reference in a popular community site – is more than the infrastructure can handle. “This is akin to a small cart vendor opening a free money stall in Times Square,” he said, adding that the nett effect is a sudden denial of service that is both unintentional and unexpected. It is, says Power, vital that a denial-of-service incident response team is able to tell the difference between a malicious attack and a sudden dramatic increase in popularity, because you will want to treat the two situations very differently. “For this reason many firms elect to employ a seasoned denial-of-service mitigation company who have the expertise to make this distinction – and act accordingly to ensure that the site is up and available to all legitimate visitors,” he said.” “One of the added advantages of having a good distributed-denial-of-service protection provider is their ability to handle extremely large legitimate requests, whereby the customer gets to leverage their caching and distributed architecture,” he added. Source: http://www.scmagazineuk.com/get-safe-online-suffers-ddos-attack/article/351148/
Continue reading here:
Get Safe Online suffers ‘DDoS’ attack