Akamai report finds surge in weighty packets. The number of distributed denial of service attacks rose 149 percent in dying months of 2015 according to Akamai’s networking wonks.…
Continue Reading:
DDoS attacks up 149 percent as brassy booter kids make bank
Reverse proxying traffic might save headaches Google has launched a free service to protect news websites against DDoS attacks.…
See the original article here:
Google punts freebie DDoS shield to hacks, human rights worthies
Researcher who found the flaws will reveal crim-friendly details in three weeks Palo Alto Networks has revealed four new nasties, one of which can allow remote code execution and DDOS attacks on its boxen, and given users until March 16th to patch them.…
Originally posted here:
Palo Alto reveals critical bugs and March 16th patch deadline
Some in the IEEE reckon it’d be a good idea, before your toaster burns more than bread The Internet toaster that’s browning your crumpets, talking to its home servers, and participating in a ransomware-distributing botnet should get the kind of cyber-safety testing that it gets for physical safety.…
See the article here:
Does the Internet of Things need an indie security assessor?
The Serbian president’s website faced a large-scale “hacking” attack on Monday, which brought it down for several hours, his press office said. A statement carried by Tanjug explained that the distributed denial-of-service attack (SYN flood) targeted www.predsednik.rs, and that the president’s website is “subject to daily hacking attacks.” In a SYN flood attack, the server is overwhelmed by a large number of legitimate and false connections requests which consume its resources and render it unresponsive or difficult to access. “The hosting and security of the president’s website falls within the competence of the Defense Ministry. In cooperation with Telekom Srbija, the ministry blocked and prevented further attacks and possible damage to the computer equipment and services,” the statement said. Source:http://www.b92.net/eng/news/crimes.php?yyyy=2016&mm=02&dd=23&nav_id=97147
Read this article:
Serbian President’s website comes under DDoS attack
The contract between Department of Homeland Security (DHS) and Galois was signed in January. However, HackRead had a chance to discuss the contract with Galois. Galois and the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) have formalized a contract to develop technology for preventing and combating extensive, sophisticated DDoS (Distributed Denial of Service) attacks . In fact, an official announcement was made by Galois in which the company informed media about signing up a $1.7million contract with the DHS S&T Cyber Security Division. The contract is part of the larger Distributed Denial of Service Defenses (DDoSD) program initiated by the DHS S&T Cyber Security Division. The problem with DDoS attacks is that these can cripple even the most established and largest organizations. These happen to be devastating for small and/or medium-sized businesses. The generated amount of traffic is adequate to drench their internet connections multiple times and it becomes challenging to get the ISP (internet service provider) to take the matter seriously and respond quickly. DHS Developing Technology to Thwart DDoS attacks Quicker than Ever Before The project that DHS is planning with Galois is dubbed as DDoS Defense for a Community of Peers (3DCoP) and it involves peer-to-peer collaboration mechanism with which the organizations detect and combat DDoS attacks by working in cooperation. According to Adam Wick, Galois’ Research Lead, Mobile & Security Systems Software: “Current DDoS defense systems are proving ineffective because they operate in isolation, which introduces delays in the detection, reporting, and response to a DDoS attack. This delay is critical. It provides positive feedback to the attacker, who will continue to send more and more traffic to the target network. Our solution advances the state of DDoS defense by providing new tools that allow multiple defenders to coordinate their response, resulting in earlier detection and faster DDoS mitigation.” It is not a hidden fact that DDoS attacks are a great threat for all kinds of industries and sectors alike such as news entities, financial institutions, critical infrastructure organizations and government agencies, etc. Under the contract with DHS, Galois aims to curb rising DDoS attack threats via the following measures: 1: Minimizing mitigation response duration by at least 50% and 75 to 90 percent reduction in peak traffic 2: 25% reduction in the duration between the launching of DDoS attack and its detection Resultantly, organizations and institutional entities will be able to thwart DDoS attacks prior to its completion. HackRead had a chance to have a conversation with Adam Wick and here’s what we asked and what he replied: Q: How would you like to explain the difference between your services and services provided by other companies? Answer: “Currently, DDoS defense systems fail to address large DDoS attacks that fully “clog” the internet connection. In those cases, locally responding to an attack is no longer possible. In general, most solutions work in isolation, which introduces delays in the detection, reporting, and response to a DDoS attack. To effectively mitigate a large attack, an organization must involve organizations “higher up”, like ISPs, that can stop the flow of malicious traffic. We’re developing a unique collaborative model, where multiple organizations automatically work together to detect DDoS attacks through automatic traffic analysis. They then generate traffic blocking rules for the malicious traffic and send that to ISPs further up the chain. The ISPs can, in turn, block the necessary traffic and mitigate the attacks. One can see the basis of this in the way people react to DDoS attacks now, but many of these steps are manual and require complicated conversations over the telephone. In many cases, the process is further complicated because the parties involved have never spoken before, and have to build trust. After all, the actions that one takes to mitigate a DDoS can also be used to perpetrate an attack, so upstream ISPs need to convince themselves that they’re talking to the right person. What we’re looking to do is speed up this process, dramatically, by automating the detection, analysis, and mitigation steps. At the moment, this mitigation can be automatic, or it can be manual. That way, even if an organization’s ISP isn’t hooked up to our system, network admins will be able to detect the problem early and trust our solution to have all the information (and all the evidence!) they need to convince their ISP to take early and effective action.” Q: How will your firm will defend its client against DDoS attack leading to ransom such as the ProtonMail DDoS attack? Answer: “Ransom in DDoS cases is one of those clear indicators that our current approaches to DDoS defense are failing. Attackers can only ask for ransom when an organization has no way to defend themselves. Ransom cases can be mitigated by having effective DDoS defense that doesn’t allow an attack to become a problem in first place. The most effective defenses in the coming years will take into account the bigger picture by connecting everyone involved, for a more timely response. If we can minimize the effect of large DDoS attacks, we effectively reduce cases where attackers demand ransom.” Galois is a renowned firm in the computer science research and development sector. It has been operating since 1999 and boasts of a world class team of computer science experts, mathematicians, programmers, and engineers. The firm has positioned itself as the world’s most reliable company and is ready to take on even the most challenging computer science related task of the world. It has also partnered with defense and intelligence agencies to develop cutting edge technologies to protect their systems and networks. Very often tech firms consult Galois to create reliable, safe and secure systems for their products and services’ security. Source: https://www.hackread.com/us-homeland-security-vows-to-tackle-ddos-attacks/
See the original article here:
US Department of Homeland SecuUS Department of Homeland Security Vows To Tackle DDoS Attacksrity Vows To Tackle DDoS Attacks
Hacktivists with the Anonymous hacking collective have announced plans to launch widespread DDoS strikes against the Israeli military to protest the ongoing detention of Mohammed Al-Qeeq, a Palestinian journalist who has been on hunger strike since November 2015. Al-Qeeq is a reporter for a Saudi news outlet and was arrested at his Ramallah home on 21 November by Israeli police amid claims was linked to Hamas. According to the Independent, he has been in ‘administrative detention’ ever since, which is permitted under Israeli law to detain someone without referring to a judge on the basis they are a threat to the national security. In the week after his detention he went on hunger strike and after roughly 80 days had lost most of his sight, voice and hearing abilities. “We are calling on all citizens of the world to join us in this fight to free an illegally detained man. We are organising many ongoing operations in relation to this issue,” said the hacktivists in a statement posted to PasteBin, who have branded the so-called ‘emergency operation’ as #OpAlQeeq, #OpSaveGaza and #FreeAlQeeq. The statement requested those taking part in the operation to carry out a range of tasks including calling local Israeli embassys, taking to the streets in protest and raising awareness on social media. However, the note also called for major hacking activity against ‘Israeli military forces’ and posted a slew of IP addresses relating to a range of websites including the defence ministry and the Israeli Defense Force (IDF). “Since it was the Israeli military forces that arrested and detained Mohammed Al Qeeq, then Israel military forces, his blood is on your hands,” the statement said. “We are calling on all ‘anons’ and hacktivists across the world to focus fire on Israeli military forces. Included [are] all websites associated with the Israeli military. Dump them, load them with viruses, DDoS them, break them, whatever you can do or see fit. Security analysis is already underway on all targets. Targets are listed by priority level. If this man dies in the custody of the Israeli military, Israel you can expect hell.” Anonymous has a long history with hacking Israeli targets. Last year, in a video posted online, the group vowed an ‘electronic holocaust’ against the nation in apparent statement in support of Palestine. “As we did many times, we will take down your servers, government websites, Israeli military websites, and Israeli institutions,” said a masked anonymous individual. “We will erase you from cyberspace in our electronic holocaust.” Meanwhile, in a separate attack in 2012, hackers attacks and shut down a number of websites including the Tel Aviv Stock Exchange after they were threatened by a Saudi hacker. A spokeswoman for the stock exchange confirmed at the time that the site had come under attack, but claimed that trading systems were not affected. Even most recently, following the hack at the Department of Justice that resulted in the loss of thousands of federal credentials, the hacker using the @DotGovs twitter profile who was thought to be behind the incident frequently signed off with the now-familiar phrase: #FreePalestine. Source: http://www.ibtimes.co.uk/anonymous-hackers-plan-ddos-campaign-against-israeli-military-protest-mohammed-al-qeeq-detention-1544723
Follow this link:
Anonymous: Hackers plan DDoS campaign against Israeli military to protest Mohammed Al-Qeeq detention
Security vendor Imperva says it has observed a sharp increase in automated bot traffic directed at florist sites. Cyber criminals have shown a consistent tendency to exploit major news and seasonal events to slip phishing and other malicious attacks past unwary victims. And so it is with this Valentine’s Day as well. Florists apparently have been receiving a lot of attention, of the unwanted variety, from online criminals, security vendor Imperva reported this week. All 34 of the company’s florist customers have experienced a sharp spike in traffic to their sites over the last few days. While some of the traffic is to be expected, considering the rush to order flowers for Valentine’s Day — a lot of it is not. According to Imperva, more than nine in 10 of the florist sites witnessed a sudden surge in bot traffic between February 5 and February 11. In about 23% of the cases, the spike in bot traffic was dramatic enough to cause problems. Contrary to what some might expect, the attack traffic did not appear to be opportunistic in nature. Rather, it looked as if the florists were being individually targeted in denial-of-service campaigns apparently designed to extort money from them. Sponsor video, mouseover for sound One of Imperva’s florist customers reported receiving a ransom note, while another experienced an application-layer denial of service attack, Imperva said. In the case of the latter victim, the company’s Content Distribution Network (CDN) provider interpreted the botnet traffic as regular user sessions, resulting in the site exceeding its contracted cache capacity. This in turn caused the CDN to route the attack traffic through its own origin servers, resulting in their site going down under DDoS traffic. A screenshot published on Imperva’s blog shows that some of the Web application attacks had originated in the United Kingdom, though one appeared to be from Latvia. Somewhat surprisingly, attackers were still going after old vulnerabilities such as Shellshock in an attempt to breach systems belonging to their targets, according to Imperva. Florists can mitigate the threat by monitoring their traffic for unexpected behavior, like heavier than normal traffic spikes, or visits from unfamiliar IP addresses. “Any unusual activity could be ‘dry runs’ by attackers foreshadowing an imminent full-blown attack,” Imperva said. The company also urged florists to monitor Twitter and sites such as Pastebin.com for chatter hinting at a potential attack on their sites. The sudden spike in malicious traffic directed at online florists reflects a common tendency among cyber crooks to escalate malware campaigns and attacks around seasonal events and major news happenings. Earlier this year, mobile network protection vendor Adaptive Mobile reported on a series of picture message spam campaigns on the Kik messenger service that were timed to coincide with seasonal events. The spam messages involved the use of images belonging to well-known brands to try and get recipients to follow links to malicious websites. What was noteworthy was the fact that each campaign was tied to a specific event. For instance, one of the Kik spam campaigns was launched around Halloween, and featured an image message purportedly from Amazon. Another campaign around Thanksgiving involved spam featuring spoofed McDonalds images, while one in the days preceding Cyber Monday featured BestBuy-related spam. While the campaign was not technically very sophisticated, the effort put into creating individual picture messages purporting to be from major brands, suggested a specialist campaign, Adaptive Mobile had noted. Source: http://www.darkreading.com/endpoint/valentines-day-inspires-ddos-attacks-against-online-florists-/d/d-id/1324312
Read the original:
Valentine’s Day Inspires DDoS Attacks Against Online Florists
DDoS as an attack vector is on the rise: here’s how to stop it from stopping your business. Distributed Denial of Service (DDoS) attacks maybe as old as the hills but they continue to be a popular, and highly effective, attack vector for hackers. In the past couple of months alone we have seen a persistent DDoS attack on the UK academic computer network JANET, which was swiftly followed by one against cloud hosting company Linode, leading to service interruptions at DNS infrastructure and data centers across the U.S. and the U.K. Indeed, recent research released by Arbor Networks in its Annual Worldwide Infrastructure Security Report stated that DDoS attacks are on the rise, with half of the 354 global respondents’ data centers suffering DDoS attacks – a 33% increase from 2014. DDoS attacks have increased in frequency for some time – giving hackers a relatively uncomplicated method to bring a website down or disrupt a web service. Although DDoS attacks do not involve the stealing of data, they can be highly damaging in other ways, not least by affecting the trust and reputation that a company has among its customers. This can lead to financial damage through lost customers and lost business. Moreover, DDoS attacks can be used as a diversionary smokescreen for more aggressive attacks, as was the case with the recent TalkTalk breach. So what can organisations do to help protect themselves against the threat of DDoS and mitigate the effects of such attacks? The first step is being able to quickly detect that you are under attack, and having a procedure in place to deal with it. Illegitimate traffic can be hard to distinguish from legitimate traffic, but the typical signs of a DDoS attack are a sharp increase in traffic to your website followed by a slowing down of performance (there are services that can continuously monitor your website’s responsiveness from an external point of view, such as Dynatrace and SolarWinds.) Once a DDoS attack is underway, you have a number of options in terms of dealing with the bombardment: ISP blocking and scrubbing – It is advisable to deal with the attack in an environment that’s removed from your network, to prevent it from affecting other areas of network performance. If you suffer a DDoS attack contact your internet service provider, as many offer DDoS protection services such as blocking the originating IP addresses or ‘scrubbing’ malicious packets. They will also probably have greater bandwidth than you and are therefore likely to be able to deal with the attack more efficiently and effectively. Blackholing – A common response to a DDoS attack is to simply route all website traffic into a black hole, thus taking the website offline until the attack ceases. The problem with this approach is that it blocks all traffic, both good and bad, which basically means that the hacker has achieved their objective. Routers and firewalls – You can set up routers and firewalls policies to filter non-critical protocols, block invalid IP addresses and shut off access to specific high-risk segments of your network in the event of an attack. However, be aware that these techniques are somewhat ineffective against more sophisticated attacks that use spoofing or valid IP addresses. Content delivery network – Using a content delivery network to create replicas of your website for customers in different locations can help reduce the impact of the DDoS attack as well as make the extra DDoS related traffic easier to combat. Anti-DDoS technology – Many of the leading firewall appliance vendors offer specialised anti-DDoS modules, that can be deployed at the perimeter of your network or data center, which are designed to detect and filter malicious traffic. However, these are not automated and need to be constantly managed and updated by your operations team. While there is no single ‘silver bullet’ solution that can stop a DDoS attack in its tracks once the traffic starts hitting your website, you can lessen its impact on your business by using a combination of the methods I’ve outlined here. As DDoS continues to be used as a cyber-weapon against websites and online resources, organisations should ensure that they have a response plan in place that includes these mitigation techniques, to help deny attempted denial-of-service attacks. Source: http://www.information-age.com/technology/security/123460891/denying-deniers-how-effectively-tackle-ddos-attacks#sthash.HM41ehWS.dpuf
Continue Reading:
Denying the deniers: how to effectively tackle DDoS attacks
After last September's arrest of an alleged member of the gang that has been developing and spreading the Dridex banking malware, and last October's temporary disruption of the Dridex botnet at the ha…
View post:
Someone hijacked the Dridex botnet to deliver Avira AV's installer