Category Archives: DDoS Criminals

Hackers who DDoSed African telecom and US hospital get long prison sentences

Two men who launched DDoS attacks against a variety of targets have received substantial prison sentences on Friday. Attacks against Liberian telecom 30-year-old Daniel Kaye (aka “BestBuy”), from Egham, Surrey (UK) has been sentenced to spend 2 years and 8 months in prison for DDoS attacks targeting the Liberian telecommunications provider Lonestar MTN in 2015. According to the UK National Crime Agency (NCA), Kaye first used rented botnets and stressor services to attack Lonestar. He … More ? The post Hackers who DDoSed African telecom and US hospital get long prison sentences appeared first on Help Net Security .

See the original article here:
Hackers who DDoSed African telecom and US hospital get long prison sentences

Brit hacker hired by Liberian telco to nobble rival now behind bars

Bloke binned at Blackfriars for blasting botnet to bork broadband A Surrey man has been jailed for 32 months after admitting to launching distributed denial-of-service (DDoS) attacks against an African telco.…

More:
Brit hacker hired by Liberian telco to nobble rival now behind bars

Old and new OpenSSH backdoors threaten Linux servers

OpenSSH, a suite of networking software that allows secure communications over an unsecured network, is the most common tool for system administrators to manage rented Linux servers. And given that over one-third of public-facing internet servers run Linux, it shouldn’t come as a surprise that threat actors would exploit OpenSSH’s popularity to gain control of them. How severe is the threat? Nearly five years ago, ESET researchers helped to disrupt a 25 thousand-strong botnet of … More ? The post Old and new OpenSSH backdoors threaten Linux servers appeared first on Help Net Security .

View article:
Old and new OpenSSH backdoors threaten Linux servers

3ve Offline: Countless Windows PCs using 1.7m IP addresses hacked to ‘view’ up to 12 billion adverts a day

Feds, Google, security orgs dismantle fraud botnet, eight people charged A collection of cybersecurity companies, Google, and the Feds are sharing details on how they uncovered and dismantled a massive ad-fraud operation known as “3ve” (pronounced “Eve”.)…

Read More:
3ve Offline: Countless Windows PCs using 1.7m IP addresses hacked to ‘view’ up to 12 billion adverts a day

Why you shouldn’t be worried about UPnP port masking

Last May, security firm Imperva wrote a blog post discussing a new proof of concept for bypassing DDoS mitigation after discovering reflected network protocols appearing on non-standard network ports. Imperva was able to replicate the same behavior using a technique called UPnP Port Masking, which uses the Universal Plug and Play (UPnP) Protocol to alter the source port of commonly abused network protocols in DDoS attacks. Multiple news outlets picked up on Imperva’s research and … More ? The post Why you shouldn’t be worried about UPnP port masking appeared first on Help Net Security .

View article:
Why you shouldn’t be worried about UPnP port masking

Cequence Security announces application security platform to stop bot attacks

Cequence Security released Cequence ASP, an application security platform that provides a scalable defense against the growing number of bot attacks affecting today’s hyper-connected organizations. These financially-motivated attacks target externally-facing web and mobile apps, as well as API services that provide connections to other applications across their digital ecosystem. Attack objectives can include account takeover, content scraping, distributed denial of service, and much more. “From a bad actor’s perspective, geo-distributed bot attacks are relatively easy … More ? The post Cequence Security announces application security platform to stop bot attacks appeared first on Help Net Security .

View article:
Cequence Security announces application security platform to stop bot attacks

Spammer scum hack 100,000 home routers via UPnP vulns to craft email-flinging botnet

Look out for traffic to and from these IP addresses and ports Once again, a hundred thousand or more home routers have been press-ganged into a spam-spewing botnet, this time via Universal Plug and Play (UPnP).…

See more here:
Spammer scum hack 100,000 home routers via UPnP vulns to craft email-flinging botnet

NTT Security adds botnet infrastructure detection to Managed Security Services

NTT Security has developed a new network analytics technology to detect and defend NTT Group’s Managed Security Services (MSS) customers from attacks launched on botnet infrastructures. The new network flow data analysis uses machine learning and scalable streaming analytics – developed in partnership with NTT Group companies – and pulls data from NTT’s global network infrastructure, which provides visibility into the world’s internet traffic. The enhancement will enable NTT Security to find attacks on customers’ … More ? The post NTT Security adds botnet infrastructure detection to Managed Security Services appeared first on Help Net Security .

Read More:
NTT Security adds botnet infrastructure detection to Managed Security Services

Nastiest malware of 2018: Top attack payloads wreaking havoc

Webroot highlights the top cyberattacks of 2018 in its latest nastiest malware list, which showcases the malware and attack payloads that have been most detrimental to organisations and consumers alike. Three nastiest: Botnets and banking trojans Emotet is this year’s nastiest botnet that delivers banking Trojans. It aspires to increase the number of zombies in its spam botnet, with a concentration on credential gathering. Threat actors have recently developed a universal plug and play (UPnP) … More ? The post Nastiest malware of 2018: Top attack payloads wreaking havoc appeared first on Help Net Security .

Read the original:
Nastiest malware of 2018: Top attack payloads wreaking havoc

Week in review: Top cyber attack sources, serverless botnets, CFO as best cybersecurity friend

Here’s an overview of some of last week’s most interesting news and articles: Repairnator bot finds software bugs, successfully submits patches Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them accepted by human developers and permanently merged in the code base? How to make the CFO your best cybersecurity friend Good cybersecurity is extremely expensive, and bad cybersecurity is, well… even more expensive. It’s very … More ? The post Week in review: Top cyber attack sources, serverless botnets, CFO as best cybersecurity friend appeared first on Help Net Security .

See the article here:
Week in review: Top cyber attack sources, serverless botnets, CFO as best cybersecurity friend