Traffic to Pirate Bay and others redirected to AirTel banned URL notice An unknown agency in India, possibly telco Airtel, is quietly capitalising on encryption gaps in sites tended by DDOS-buster CloudFlare to intercept and redirect users.…
See the original article here:
CloudFlare probes mystery interception of site traffic across India
magnoliareporter.com experienced some technical issues on Friday. Our website is hosted by a service known as TownNews.com , which hosts and provides technical assistance to thousands of media-oriented websites across the country. TownNews.com was hit by a directed denial of service (DDoS) attack on Friday afternoon. This mainly manifested itself by making it difficult for us — and hundreds of other websites — to access our servers and make changes. People may have had difficulty accessing our website during that time. We do not think that our thousands of daily visitors have anything to worry about as TownNews.com technology responded immediately. That said, it is probably a good thing that we are not president of the United States. To us, hackers present a clear and present danger to the security of the United States, which has our permission to deal with them with extreme prejudice. North Korea is bent out of shape over the pending deployment by South Korea of the U.S.-made Terminal High Altitude Defense System, or THAAD. THAAD launchers and fire control systems are made in East Camden. North Korea’s military said in a statement that, “There will be physical response measures from us as soon as the location and time that the invasionary tool for U.S. world supremacy, THAAD, will be brought into South Korea are confirmed. It is the unwavering will of our army to deal a ruthless retaliatory strike and turn (the South) into a sea of fire and a pile of ashes the moment we have an order to carry it out.” Ohhhhhhh. We’re scared. Seriously, how many submarines, cruisers, aircraft carriers, bombers and drones are circling offshore North Korea, ready to unleash hell at any given moment? And that’s just the U.S. military. That sea of fire and pile of ashes looks a lot like future downtown Pyougyang to us. The Magnolia School District website is having a makeover. We’ll let you know when the site is up and running. Looking for more widely spread drought conditions when the new report comes out later this week. We’re expecting more abnormally dry conditions in South Arkansas. Patrick Posey died Saturday at his home near Benton, LA. Posey and his wife, Susan, performed much of the mural restoration work around the square a few years ago. Some fool vandalized highway signs in the Walkerville area on during the weekend, but the hate speech written on them was cleaned up. Our new online poll asks for your opinion about the state of race relations in Columbia County – whether they are better, worse or about the same as a decade ago. Another question might be what each of us, as individuals, is doing to make things better. Five years ago, we reported that Walkerville Cumberland Presbyterian Church was dedicating a new manse. A year ago, we reported that Betsy Production was drilling an oil well on the SAU campus. Vice President Aaron Burr shot and mortally wounded former Treasury Secretary Alexander Hamilton in a duel on this date in 1804. Author E.B. White was born on this date in 1899. George Gershwin died on this date in 1937. Source: http://www.magnoliareporter.com/news_and_business/mike_mcneills_diary/article_733b45f8-4720-11e6-9e2d-97f7f136ad46.html
Taken from:
Mike McNeill’s Diary for Monday, July 11, 2016: Fighting off the DDoS
There is a phrase I am finding quite relevant lately. It is attributed to the philosopher George Santayana and it goes like this: “Those who cannot remember the past are condemned to repeat it.” The reason it comes to my mind a lot these days is the headlines we are seeing relating to the latest ransomware attacks against companies’, hospitals’ and government departments’ systems. Previous headlines highlighted how criminals used DDoS attacks to extort money … More ?
See the article here:
Ransomware: Can we finally start learning from past mistakes?
80 percent of European IT security professionals expect their business to be threatened with a DDoS ransom attack during the next 12 months, according to Corero Network Security. The research, which polled over 100 security professionals at the Infosecurity Europe conference in London, highlights the growing threat of cyber extortion attempts targeting businesses in the United Kingdom and continental Europe. The rise of DDoS extortion campaigns Last month, (May 2016), the City of London Police … More ?
Visit link:
DDoS extortion campaigns increasingly target businesses
LizardStresser makes a messer of Brazil banks, gamer outfits Lizard Squad may be mostly behind bars, but their LizardStresser botnet has spawned more than 100 clones.…
Read More:
Hydra hacker bot spawns internet of things DDoS clones
While most of Lizard Squad’s first members are in jail or hiding and hoping that law enforcement won’t come knocking on their door, the group continues to live on through new members, new attacks, but also through the LizardStresser toolkit, which they leaked online at the start of 2015. The toolkit was heavily forked and adapted, as many other hacking groups sought to use it to create their own botnets to use for DDoS attacks, either just to annoy people, extort companies or hacktivism activities. LizardStresser is geared towards infecting IoT devices Arbor Networks says that LizardStresser is not extremely complicated, and is nothing more than a DDoS attack toolkit that uses the ancient IRC protocol to communicate between the C&C server and the client-side component. Because LizardStresser is coded in C and designed to run on Linux architectures, Arbor Networks says that a lot of groups that are deploying new LizardStresser instances are taking advantage of unsecured IoT devices running on platforms such as x86, ARM, and MIPS, where a stripped-down Linux version is the preferred OS. We touched on this topic last year when Lizard Squad’s new members were having trouble with their own botnet after unknown security researchers were trying to hijack some of these infected IoT systems. Webcams make the bulk of the LizardStresser-based botnets According to Arbor Networks, most of these infected IoT devices are Internet-connected webcams, accessible through a page broadcasting the “NETSurveillance WEB” title, and using their default access passwords. In a DDoS attack of over 400 Gbps aimed at a gaming site, Arbor says that 90% of the bots that participated in the attack were these type of webcams. The DDoS attacks are extremely simple and don’t even use traffic amplification/reflection techniques. LizardStresser was created to launch direct DDoS attacks, meaning the bots send UDP or TCP floods directly to the target. LizardStresser launches direct DDoS attacks, no protocol amplification Because of the massive amount of unsecured IoT devices, groups that use LizardStresser can launch massive DDoS attacks, previously thought to be unachievable without UDP-based amplification protocols such as NTP or SNMP. Furthermore, LizardStresser also includes a telnet brute-forcing feature that’s used to test new devices for default passwords and inform the C&C server about possible new victims. All of these make features make LizardStresser a popular choice when hacking outfits and hacktivism groups are looking for tools to build or broaden their DDoS capabilities. Overall, there’s a growing trend in terms of hacking groups adopting LizardStresser. “LizardStresser is becoming the botnet-du-jour for IOT devices given how easy it is for threat actors to make minor tweaks to telnet scanning,” says Matthew Bing of Arbor Networks. “With minimal reseach [sic] into IOT device default passwords, they are able to enlist an exclusive group of victims into their botnets.” Number of C&C servers using LizardStresser in 2016 Source: http://news.softpedia.com/news/there-are-over-100-ddos-botnets-based-on-lizard-squad-s-lizardstresser-505816.shtml#ixzz4D0b6wPkw
See the article here:
There Are over 100 DDoS Botnets Based on Lizard Squad’s LizardStresser
With the prevalence of DDoS attacks, good preparation and planning can go a long way toward making the DDoS response process as manageable, painless, and inexpensive as possible. The Network Ops DDoS Playbook is a guide focused on how to prepare yourself against a DDoS attack on your business and what to do if you are under attack. You’ll find practical tips, best practices and an overview of the cyber security technologies available to protect … More ?
See more here:
The Network Ops DDoS Playbook
A DDoS attack against a jewelry shop website has lead researchers to the discovery of a CCTV botnet comprised of some 25,000 cameras from around the globe. The website had been repeatedly attacked, first with 35,000 HTTP requests per second and then, when those efforts were thwarted, with 50,000 HTTP requests per second. Looking into the IP addresses from which the attack was coming from, Sucuri researchers discovered that all of them were running the … More ?
See more here:
25,000-strong CCTV botnet used for crippling DDoS attacks
All clues lead back to Chinese DVR vendor TVT A botnet of over 25,000 bots lies at the heart of recent DDoS attacks that are ferociously targeting business around the world. More exactly, we’re talking about massive Layer 7 DDoS attacks that are overwhelming Web servers, occupying their resources and eventually crashing websites. US-based security vendor Sucuri discovered this botnet, very active in the last few weeks, and they say it’s mainly composed of compromised CCTV systems from around the world. Their first meeting with the botnet came when a jewelry shop that was facing a prolonged DDoS attack opted to move their website behind Sucuri’s main product, its WAF (Web Application Firewall). Botnet can crank out attacks of 50,000 HTTP requests per second Sucuri thought they had this one covered, just as other cases where companies that move their sites behind their WAF block the attacks, and eventually the attacker moves on to other targets. Instead, they were in for a surprise. While the initial attack was a Layer 7 DDoS with over 35,000 HTTP requests per second hitting the server and occupying its memory with garbage traffic, as soon as the attackers saw the company upgrade their website, they quickly ramped up the attack to 50,000 requests. For Layer 7 attacks, this is an extraordinarily large number, enough to drive any server into the ground. But this wasn’t it. The attackers continued their assault at this high level for days. Botnet’s nature allowed attacks to carry out attacks at higher volumes Usually, DDoS attacks flutter as the bots come online or go offline. The fact that attackers sustained this high level meant their bots were always active, always online. Sucuri’s research into the incident discovered over 25,513 unique IP addresses from where the attacks came. Some of these were IPv6 addresses. The IPs were spread all over the world, and they weren’t originating from malware-infected PCs, but from CCTV systems. Taiwan accounted for a quarter of all compromised IPs, followed by the US, Indonesia, Mexico, and Malaysia. In total, the compromised CCTV systems were located in 105 countries. Top 10 locations of botnet’s IPs The unpatched TVT firmware comes back to haunt us all Of these IPs, 46 percent were assigned to CCTV systems running on the obscure and generic H.264 DVR brand. Other compromised systems were ProvisionISR, Qsee, QuesTek, TechnoMate, LCT CCTV, Capture CCTV, Elvox, Novus, or MagTec CCTV. Sucuri says that all these devices might be linked to Rotem Kerner’s investigation, which discovered a backdoor in the firmware of 70 different CCTV DVR vendors . These companies had bought unbranded DVRs from Chinese firm TVT. When informed of the firmware issues, TVT ignored the researcher, and the issues were never fixed, leading to crooks creating this huge botnet. This is not the first CCTV-based botnet used for DDoS attacks. Incapsula detected a similar botnet last October. The botnet they discovered was far smaller, made up of only 900 bots . Source: http://news.softpedia.com/news/a-massive-botnet-of-cctv-cameras-involved-in-ferocious-ddos-attacks-505722.shtml#ixzz4CsbxFc4A
Read More:
A Massive Botnet of CCTV Cameras Involved in Ferocious DDoS Attacks
Watching us and borking you A massive network of hacked CCTV cameras is being used to bring down computers around the world, we’re told.…
Read More:
25,000 malware-riddled CCTV cameras form network-crashing botnet