Category Archives: DDoS News

US charges Iranians with hacking into an NY dam, blasting banks offline

Alleged cyber-crims unleashed 140Gbps of duff packets at networks

The US Department of Justice (DoJ) has charged seven Iranian hackers over a string of high-profile distributed denial-of-service (DDoS) attacks against banks.…


Swedish sysadmins reach for the hex key, reassemble services after weekend DDoS

News sites bork-bork-borked for spreading ‘false propaganda’

News outlets in Sweden went dark over the weekend in the face of a large-scale distributed denial-of-service (DDoS) attack.…


DDoS Attacks Cripple Swedish News Sites Amid Russia Tension

A number of Swedish government websites and major media outlets were knocked offline for hours over the weekend, police say. No one has taken responsibility for the cyberattacks, which silenced at least seven of Sweden’s most prominent news organizations for hours amid growing tension with Russia.

A flood of web traffic Saturday night either crippled or totally shut down the news sites Dagens Nyheter, Svenska Dagbladet, Expressen, Aftonbladet, Dagens Industri, Sydsvenskan and Helsingborgs Dagblad for roughly three hours. Police launched an investigation Sunday, Agence France-Presse reported, with investigators telling many of the same sites the traffic appears to have originated in Russia.

Cyberattackers, ranging from Anonymous to state hacking groups, often use distributed denial of service, or DDoS, attacks to direct a wave of falsified web traffic at a single or small number of sites, overwhelming them with traffic for hours or days.

This attack was “extremely dangerous and serious,” Jeannette Gustafsdotter, the head of the Swedish Media Publishers’ Association, told the news agency TT, as quoted by the Local.se. “To threaten access to news coverage is a threat to democracy.”

The onslaught came after an anonymous Twitter account, using the handle @_notJ, warned of imminent attacks against sites that posted “propaganda.” Aftonbladet, one of the sites mentioned in the tweets, has published a number of stories on the Russian plane crash that killed 62 people and other topics that don’t portray Russia in a positive light.

This is what happens when you spread false propaganda. Aftonbladet.se #offline @Aftonbladet
— J (@_notJ) March 19, 2016

The following days attacks against the Swedish government and media spreading false propaganda will be targeted.
— J (@_notJ) March 19, 2016

The attacks also came after a Swedish government report cited Russian “extreme movements, information operations and misinformation campaigns” aimed at Swedish lawmakers and the public as Sweden’s most formidable intelligence threat. The Swedish government asked Russian Embassy staff to leave Sweden in 2015, though the report noted that suspected spies were still working as diplomats, airline employees and business executives.

Source: http://m.ibtimes.com/ddos-attacks-cripple-swedish-news-sites-amid-russia-tension-2340079


Demand for advanced DDoS mitigation on the rise

The increasing popularity of DDoS attacks as a tool to disrupt, harass, terrorize and sabotage online businesses is boosting demand for mitigation solutions. In the face of universal vulnerability to attacks, end users are looking for cost-effective solutions that can defend against the most sophisticated and large-scale attacks.

New analysis from Frost & Sullivan finds that the DDoS mitigation market earned revenues of $449.5 million in 2014 and estimates this to …


Ticketmaster turns to the cloud to handle ‘DDoS-level’ traffic during big event launches

Event ticket seller Ticketmaster experiences the traffic equivalent of a huge DDoS attack every time a major gig or show goes on sale, necessitating a steady migration to the cloud. That’s according to Simon Tarry, director of engineering strategy at the firm, speaking to V3 ahead of the V3 Cloud and Infrastructure Live event on 20 and 21 April 2015.

“Ticketmaster’s been handling web traffic for almost two decades now, so we’ve built up our own infrastructure, and part of the problem with that, as a US company, is we’ve grown through acquisition and bought up a lot of ticketing businesses round the world – as well as all the infrastructure that comes with it,” Tarry explained.

With ticketing platforms scaling, and a growing audience increasingly consisting not just of fans “but automated bots as well”, Tarry said Ticketmaster’s existing infrastructure was reaching critical mass. Ticketmaster currently handles around 1,300 users per second at peak times.

“We basically suffer huge DDoS attacks from a large on-sale, so we try to separate our human traffic from bot traffic,” Tarry told V3.

Having already been using a private cloud for the past three years, Ticketmaster is now going through a “strategic push” to AWS. “We’re assessing at the moment that kind of journey – how to move what we have into an AWS architecture. So a lot of planning and training is going on right now,” Tarry said.

The initial migration to private cloud was an e-commerce stack for a one-off event. “We tried that first, as a short project, as it was limited in scope to a certain degree,” said Tarry. “But we made a lot of assumptions about the infrastructure that weren’t true,” he added. “So we had to challenge a lot of our thinking about the infrastructure and how it would perform. The key criteria for us is to handle a very large on-sale on any platform.”

Keeping the lights on and maintaining the ability to cope with a punishing level of traffic was achieved by “strong tooling”, said Tarry, including load testing products from SOASTA. Mechanisms to interrogate the traffic in order to block out traffic Ticketmaster doesn’t want also help in this.

“Part of our DevOps culture is a kind of ‘swat team’ of guys who play ‘hunt the bottleneck’, spending time diagnosing, testing, and finding the next problem,” Tarry said. “Ultimately, when we’re cloud based we want that capacity on-tap – it’s not something you can just do,” he said. “You need to configure your systems to use that capability.”

Source: http://www.v3.co.uk/v3-uk/news/2451092/ticketmaster-turns-to-the-cloud-to-handle-ddos-level-traffic-during-big-event-launches


Anonymous Declares War On Donald Trump

Notorious hacking team set to launch DDoS attacks on Trump websites on April 1

Donald Trump’s seemingly inevitable rise to power in the United States may be about to hit a fairly major obstacle in the form of an Anonymous cyber-attack. The hacking collective, which has been behind a number of major attacks against individuals or companies it considers to have done wrong to the public, has said it is preparing a DDoS attack against Trump’s campaign website.

The “declaration of war” was set out in a video posted to YouTube which says that the attacks, dubbed #OpTrump, will take place on April 1, targeting websites including trump.com, donaldjtrump.com and trumphotelcollection.com.

“Hateful campaign”

“Dear Donald Trump, we have been watching you for a long time and what we see is deeply disturbing,” the video says. “Your inconsistent and hateful campaign has not only shocked the United States of America [but] you have shocked the entire planet with your appalling actions and ideas. You say what your audience wants to hear but in reality you don’t stand for anything except for your personal greed and power.”

“We need you to shut down his websites, to research and expose what he doesn’t want the public to know. We need to dismantle his campaign and sabotage his brand. We are encouraging every able person with a computer to participate in this operation. This is not a warning, this is a declaration of total war. Donald Trump – it is too late to expect us.”

In a separate written message posted online to accompany the video, Anonymous also listed what it claims are personal details belonging to Donald Trump, including his social security number, personal phone number and the contact details of his agent and legal representation.

The animosity between Anonymous and Trump dates back to December 2015, when the former officially ‘declared war’ on Trump after a radical speech in which he said Muslims should be banned from entering the United States, which saw a number of Trump’s websites taken offline.

Anonymous has not been shy to wage war on opponents in the past, most famously attacking terrorist group Isis last December following the terrorist attacks in Paris that left 130 people dead. Earlier that month, the group also published the details of a thousand alleged KKK sympathisers as part of its #HoodsOff campaign, which it described as “a form of resistance” against racial violence, following earlier major cyberattacks which included posting several messages on the KKK’s official Twitter feed, and taking control of another account affiliated with the Klan.

Source: http://www.techweekeurope.co.uk/security/cyberwar/anonymous-declares-war-donald-trump-187898


Brief Downtime Disrupts Bitcoin Exchange Trading

Another day in the Bitcoin world and another crisis has been averted, even though plenty of users were worried when several exchanges experienced the same issue at the same time. Incapsula, the DDoS protection provider for several major Bitcoin exchanges, was experiencing some issues earlier today. As a result, trading was temporarily unavailable, although the issue was rectified rather quickly. However, this “centralized” form of protection is an annoyance for a decentralized ecosystem.

While it is of the utmost importance for Bitcoin exchanges to have some form of DDoS protection, it is not helpful if all of these platforms use one and the same provider. Bitcoin and digital currency are all about decentralization, yet companies seem to be using one centralized security solution.

Granted, Incapsula is one of the market leaders when it comes to DDoS and platform protection services. It only makes sense that companies such as BTCC, Bitstamp, BitFinex, Vaultoro, and others have taken a liking to this company. Not that there is anything wrong with that, as long as there is no outage at Incapsula itself.

There is no mention on the Incapsula Twitter account as to what went wrong exactly, or how the matter was resolved in the end. Whichever way the company handled this issue, it was sorted in a matter of minutes, which is commendable. Nor did any of the affected Bitcoin exchanges post any messages on social media, which is quite disconcerting.

Security is the top priority for any Bitcoin exchange platform, as most companies act as a custodian while watching over customer funds. DDoS attacks, hacking attempts, and database breaches need to be avoided at all costs. Incapsula is a well-respected company capable of delivering such a service. But at the same time, this situation begs the question of whether there are no other companies that can provide this service as well.

Granted, security is an innovative business in the online world right now, and there are hundreds of companies in existence who want to be market leaders. Incapsula has secured its spot already – for now – but other players need to emerge and collaborate with Bitcoin platforms to create more decentralization in the security department.

Source: http://themerkle.com/news/brief-incapsula-downtime-disrupts-bitcoin-exchange-trading/


Trivial path for DDoS amplification attacks found by infosec bods

600,000 servers are vulnerable to this little-known protocol

Security researchers have discovered a new vector for DDoS amplification attacks – and it’s quite literally trivial.…


Customers of large NZ website company Zeald have been hit by DDoS attack

Customers of a large New Zealand website design company have had their websites shut down due to a cyber attack believed to target one or more of the company’s customers. Customers of Zeald were informed on Thursday that some clients had experienced outages with their websites in recent weeks.

The company, formed in 2001, with thousands of customers in New Zealand and Australia, has told clients the outages were caused by Distributed Denial of Service (DDoS) attacks. These attacks attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They present a major challenge to making sure people can publish and access important information.

“Simply put, a DDoS attack simulates millions of computers trying to access a website at the same time. This puts tremendous stress on the online infrastructure, and can make access to a website difficult, or impossible,” the company said in its email. “We believe these attacks are targeted at one of our customers,” it said.

It said the attacks were difficult to resolve and were a rapidly expanding class of security attack. They did not involve ‘hacking’ and did not lead to the loss of confidential information, but they made it impossible to access a site. “They can be created by attackers with limited technical skill but options for dealing with them are extremely limited.”

“Working with our upstream providers, we have been able to stop these attacks temporarily by blocking international traffic. Unfortunately, these attacks keep resuming and are no longer isolated to international traffic alone. These attacks are also causing major issues for our upstream providers as well as the other websites and services that they provide,” it said.

“If you have experienced any kind of extortion attempt or communication threatening an attack like this please let us know. Any feedback regarding recent threats will be treated in the strictest confidence. If we know the target of the attack there are measures we can put in place to eliminate the problem.”

Source: http://www.stuff.co.nz/technology/77539929/customers-of-large-nz-website-company-zeald-have-been-hit-by-cyber-attack


OPSEC mistakes spill Russian DDoS scum’s payment secrets

$66 a pop, if you’re the sort who pays for these things

OPSEC mistakes by a cybercrook have allowed security researchers to estimate the revenue of a Russian DDoS booter merchant.…
