Category Archives: DDoS Vendors

What analytics can unveil about bot mitigation tactics

25% of internet traffic on any given day is made up of bots, the Kasada Research Team has found. In fact, there is a synthetic counterpart for almost every human interaction online. Bot mitigation tactics These bots work to expose and take advantage of vulnerabilities at a rapid pace, stealing critical personal and financial data, scraping intellectual property, installing malware, contributing to DDoS attacks, distorting web analytics and damaging SEO. Luckily, tools, approaches, solutions and … More ? The post What analytics can unveil about bot mitigation tactics appeared first on Help Net Security .

More:
What analytics can unveil about bot mitigation tactics

As coronavirus cases surge, so do cyberattacks against the healthcare sector

The healthcare sector should brace itself against an increase in cyberattack rates and a variety of attack vectors over the coming months, researchers have warned. On Tuesday, cybersecurity firm Check Point released new statisticsthat show a 45% increase in cyberattacks since November against the global healthcare sector, over double an increase of 22% against all worldwide industries in the same time period. According to the researchers, attack vectors employed by threat actors are wide-ranging; including distributed denial-of-service (DDoS) attacks, social engineering, botnets, phishing, and ransomware. However, ransomware, in particular, is of serious concern. We’ve already seen just how debilitating a ransomware attack wave can be. The WannaCry outbreak of 2017 locked up and disrupted operations for countless businesses worldwide, and in the past four years, ransomware has continued to grow in popularity due to how lucrative a criminal business it has become. When it comes to hospitals, some providers will pay blackmail fees demanded by ransomware operators rather than risk patient care. The death of a patient due to a ransomware attack on a hospital has already occurred. Check Point says that ransomware attack rates are surging against the healthcare sector. The Ryuk ransomware strain is now the most popular malware to deploy in these attacks, followed by Sodinokibi. Overall, an average of 626 attacks was recorded on a weekly basis against healthcare organizations in November, in comparison to 430 in October. Central Europe has been hardest hit in the past two months, with a 145% increase in healthcare-related attacks, followed by East Asia, Latin America, and then the rest of Europe and North America. Healthcare organizations in Canada and Germany experienced the largest surge in cyberattack rates at 250% and 220%, respectively. Check Point says that the reason for the increase is financial, with threat actors seeking to cash in on the worldwide disruption caused by COVID-19. While bog-standard fraudsters are targeting the general public through phishing, emails, texts, and phone calls in coronavirus-related campaigns, other groups are hoping to profit through more debilitating attacks on core services. “As the world’s attention continues to focus on dealing with the pandemic, cybercriminals will also continue to use and try to exploit that focus for their own illegal purposes — so it’s essential that both organizations and individuals maintain good cyber-hygiene to protect themselves against covid-related online crime,” the team says. Source: https://www.zdnet.com/article/as-coronavirus-cases-surge-so-do-cyberattacks-against-the-healthcare-sector/

Read the original post:
As coronavirus cases surge, so do cyberattacks against the healthcare sector

How do I select cyber insurance for my business?

There has been a 70%+ increase in the average cost of a cybercrime to an organization over five years to $13mn and a 60%+ increase in the average number of security breaches, a recent report reveals. Losses resulting from external incidents, such as DDoS attacks or phishing and malware/ransomware campaigns, account for 85% of the value of claims, followed by malicious internal actions (9%) – which are infrequent but can be costly. To select suitable … More ? The post How do I select cyber insurance for my business? appeared first on Help Net Security .

Read this article:
How do I select cyber insurance for my business?

Protect your business from DDoS attacks: Join this webinar to find out more

Expert advice on how to combat one of the most dangerous online threats Promo   With the COVID-19 pandemic leading us all to depend on online services like we never have before, a DDoS attack that takes operations offline can have very serious and long-term consequences for a business. Add to this the huge surge in DDoS attacks this year, with assaults getting bigger, more powerful and disruptive, and it’s clear security leaders need to urgently get to grips with how to deal with them.…

View post:
Protect your business from DDoS attacks: Join this webinar to find out more

Spamhaus Intelligence API: Free threat intelligence data for security developers

Spamhaus Technology releases its Intelligence API. This is the first time Spamhaus has released its extensive threat intelligence via API, providing enriched data relating to IP addresses exhibiting compromised behaviour. Available free of charge, developers can readily access enhanced data that catalogues IP addresses compromised by malware, worms, Trojan infections, devices controlled by botnets, and third party exploits, such as open proxies. The API features live and historical data, including bot names, first seen dates, … More ? The post Spamhaus Intelligence API: Free threat intelligence data for security developers appeared first on Help Net Security .

See the original article here:
Spamhaus Intelligence API: Free threat intelligence data for security developers

DOSarrest Unleashes new version of its Simulated DDoS Attack platform

VANCOUVER, British Columbia, Dec. 01, 2020 (GLOBE NEWSWIRE) — DOSarrest Internet Security announced today that they have released a new version of its C ybe r A ttack P reparation P latform ( CAPP ) . CAPP is a serve yourself portal allowing customers to test their DDoS protection services they have in place or to stress test their website’s software capability under load. The service has over 50 different types of DDoS attacks in stock, the latest version is a completely new software build of the backend to accommodate a larger and more powerful botnet along with resource management. This version of CAPP, has a new easy to use Wizard to help customers navigate and launch multiple different attacks on multiple targets simultaneously. The customer interface is also integrated into DOSarrest’s customer portal along with all of their other Internet security services. Some of the new attacks now available include: SSL Connection Overload, GRE Protocol Floods, Database Stress Testing, Variable ICMP Type Floods & Advanced TCP Table Exhaustion, Enhanced HTTP Attacks – Able to randomize User agents, URI’s, referrers and much more, all with a high number of concurrent connections. DOSarrest CTO Jag Bains comments, “It’s interesting to see how different systems react to attacks; CAPP not only shows you the traffic to the victim but also shows you the traffic response from the victim. A small attack to a target can actually produce a response back that’s 500 times larger.” Bains adds, “Every time a customer uses the service, they learn something new, sometimes it’s bad news; the good news is, it’s only a test.” CEO of DOSarrest, Mark Teolis states “Pretty much all of the new attacks and enhancements are a result of customer feedback over the last few years of operating the service first launched in 2018. Customers know they have weak or overcommitted resources, and they want test them to make sure they don’t fail.” About DOSarrest Internet Security: DOSarrest founded in 2007 in Vancouver, B.C., Canada serves a global client base and specializes in fully managed cloud based Internet security services including DDoS prot e ction for websites , Net w ork Infrastructure protection , W eb A pplication F ir e w a ll (WAF) , Traff i c Analyzer as well as C A PP . Source: https://www.globenewswire.com/news-release/2020/12/01/2137310/0/en/DOSarrest-Unleashes-new-version-of-its-Simulated-DDoS-Attack-platform.html

Read the original post:
DOSarrest Unleashes new version of its Simulated DDoS Attack platform

How prevalent is DNS spoofing? Could a repeat of the Dyn/Mirai DDoS attack have the same results?

Two separate groups of academics have recently released research papers based on research into the Domain Name System (DNS). One has found that the overwhelming majority of popular site operators haven’t learned from the 2016 Dyn/Mirai incident/attack and set up a backup DNS server, and the other has shown that the rate of DNS spoofing, though still very small, has more than doubled in less than seven years. DNS dependency Carnegie Mellon University PhD student … More ? The post How prevalent is DNS spoofing? Could a repeat of the Dyn/Mirai DDoS attack have the same results? appeared first on Help Net Security .

Continue Reading:
How prevalent is DNS spoofing? Could a repeat of the Dyn/Mirai DDoS attack have the same results?

Cyber insurance claims on the rise

External attacks on companies result in the most expensive cyber insurance losses, but it is employee mistakes and technical problems that are the most frequent generator of claims by number, according to a report from Allianz Global Corporate & Specialty (AGCS). The study analyzes 1,736 cyber-related insurance claims worth EUR 660mn (US$ 770mn) involving AGCS and other insurers from 2015 to 2020. “Losses from incidents such as distributed denial of service (DDoS) attacks or phishing … More ? The post Cyber insurance claims on the rise appeared first on Help Net Security .

Read More:
Cyber insurance claims on the rise

In 2016 Australia’s online census failed. Preparations for the 2021 edition have been rated ‘partly effective’

Devs can make unauthorised changes, data integrity is a work in progress, security is not there yet … and there’s just nine months to go In 2016 Australia’s online census crashed and burned after legitimate attempts to complete the survey were mistaken for a DDOS attack, the routers funneling traffic failed and disaster recovery plans did likewise.…

Continue reading here:
In 2016 Australia’s online census failed. Preparations for the 2021 edition have been rated ‘partly effective’

Russian jailed for eight years in the US for writing code that sifted botnet logs for web banking creds for fraudsters

Harvested usernames, passwords used to drain victims’ coffers A Russian programmer has been sentenced to eight years behind bars in America for his part in a massive cybercriminal network that hacked into and drained victims’ bank accounts.…

Continued here:
Russian jailed for eight years in the US for writing code that sifted botnet logs for web banking creds for fraudsters