Fed bust of massive attack network caused traffic loads to plummet in Q4 The FBI’s takedown of a group of prolific DDoS-for-hire websites has single-handedly helped to drop attack levels globally.…
More:
Silence of the WANs: FBI DDoS-for-hire greaseball takedowns slash web flood attacks ‘by 11%’
IoT devices in synchronised attacks on targets represent a growing part of global Distributed Denial of Service (DDoS) weapon arsenals. There is a significant potential for attackers to use an IoT-related protocol, the Constrained Application Protocol (CoAP), deployed on IoT devices to marshal attacks. The A10 Networks report on the state of DDoS weapons in the first quarter of 2019 examines the types of weapons and attacks being used and where they are coming from. … More ? The post IoT devices using CoAP increasingly used in DDoS attacks appeared first on Help Net Security .
Continued here:
IoT devices using CoAP increasingly used in DDoS attacks
During the second half of 2018, attackers bulked up existing tactics, rapidly evolvied new performance enhancements, and applied smart business techniques to vastly accelerate attack growth rate, according to the latest Threat Landscape Report by Netscout. IoT’s countdown to attack Constant targets of DDoS malware, IoT devices come under attack within five minutes of being plugged in and targeted by specific exploits within 24 hours. IoT security is minimal to nonexistent on many devices, making … More ? The post Attackers continue to enhance their performance, apply smart business techniques appeared first on Help Net Security .
Original post:
Attackers continue to enhance their performance, apply smart business techniques
Powerful capabilities of modern browser APIs could be misused by attackers to take control of a site visitor’s browser, add it to their botnet, and use it for a variety of malicious actions, researchers from the Foundation for Research and Technology – Hellas and Stony Brook University are warning. To prove their point, they’ve created MarioNet, a prototype framework that allows them to do just that. The hijacked resources could be used for unwanted and … More ? The post Modern browser APIs can be abused for hijacking device resources appeared first on Help Net Security .
Continued here:
Modern browser APIs can be abused for hijacking device resources
The volume and complexity of DDoS attacks continued to grow in Europe during the final quarter of 2018, according to Link11. While Link11’s Security Operations Center (LSOC) registered 13,910 attacks in Q4 (12.7% down compared to Q3), the average attack volume grew by 8.7% to 5Gbps, and 59% of attacks used multiple attack vectors. Key findings of Link11’s Q4 DDoS report include: Average attack volumes grew by 194% in 12 months: In Q4 2018, average … More ? The post Average DDoS attack volumes grew by 194% in 12 months appeared first on Help Net Security .
Read the original:
Average DDoS attack volumes grew by 194% in 12 months
As anyone in the network security world will tell you, it is an extremely intense and stressful job to protect the corporate network from ever-evolving security threats. For a security team, a 99 percent success rate is still a complete failure. That one time a hacker, piece of malware, or DDoS attack brings down your organization’s network (or network availability) is all that matters. It’s even more frustrating when you consider that the proverbial ‘bad … More ? The post How accepting that your network will get hacked will help you develop a plan to recover faster appeared first on Help Net Security .
See the original post:
How accepting that your network will get hacked will help you develop a plan to recover faster
Attackers are increasingly targeting vulnerable cloud infrastructure to exploit it for covert cryptojacking or to deliver ransomware, Securonix researchers warn. Some attacks are fairly trivial, but others are multi-vector/multi-platform threats where multiple functionalities are combined as part of the same malicious threat (e.g., XBash, which combines cryptomining, ransomware and botnet/worm activity). The way in The attacks are automated and probe the infrastructure and cloud services for vulnerabilities and/or weak or default login credentials. Among the … More ? The post Vulnerable cloud infrastructure experiencing increasing attacks appeared first on Help Net Security .
Visit site:
Vulnerable cloud infrastructure experiencing increasing attacks
The Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). Comparison between normal attack traffic and attack traffic with legitimate traffic This new vector exploits the large attack surface of ASN-level (autonomous system number) CSPs by spreading tiny attack traffic across hundreds of IP addresses to evade detection. The ongoing evolution of DDoS methods suggests that CSPs need to enhance their network security … More ? The post SSDP amplification attacks rose 639% appeared first on Help Net Security .
Continue Reading:
SSDP amplification attacks rose 639%
Plus, Safari security foiled by… a finger swipe? Roundup This week we wrangled with alleged Russian election meddling, hundreds of millions of username-password combos spilled online , Oracle mega-patches , and cliams of RICO swap-gangs .…
Read more here:
DDoS sueball, felonious fonts, leaky Android file manager, blundering building security, etc etc
Two men who launched DDoS attacks against a variety of targets have received substantial prison sentences on Friday. Attacks against Liberian telecom 30-year-old Daniel Kaye (aka “BestBuy”), from Egham, Surrey (UK) has been sentenced to spend 2 years and 8 months in prison for DDoS attacks targeting the Liberian telecommunications provider Lonestar MTN in 2015. According to the UK National Crime Agency (NCA), Kaye first used rented botnets and stressor services to attack Lonestar. He … More ? The post Hackers who DDoSed African telecom and US hospital get long prison sentences appeared first on Help Net Security .
See the original article here:
Hackers who DDoSed African telecom and US hospital get long prison sentences