Locky-style nasty will squeeze you for two whole bitcoins The Necurs botnet has been harnessed to fling a new strain of ransomware dubbed “Jaff”.…
See more here:
‘Jaff’ argh snakes: 5m emails/hour ransomware floods inboxes
Locky-style nasty will squeeze you for two whole bitcoins The Necurs botnet has been harnessed to fling a new strain of ransomware dubbed “Jaff”.…
See more here:
‘Jaff’ argh snakes: 5m emails/hour ransomware floods inboxes
A tweet from conservative media icon Matt Drudge’s verified Twitter account Thursday night appeared to accuse the government of interfering with his website, DrudgeReport.com , just hours after the Barack Obama administration announced new sanctions against Russia over election hacking. “Is the US government attacking DRUDGE REPORT? Biggest DDoS since site’s inception. VERY suspicious routing [and timing],” the tweet to Drudge’s 457,000 followers read. There were no other tweets from the account at the time. A large-scale distributed denial of service attack, or DDoS, can cause major Internet disruptions. In the past, such attacks have shut down major websites such as Twitter, Spotify, Netflix, Amazon, Tumblr, and Reddit. The attack sends a server many illegitimate requests to make it hard for real requests to get through, effectively shutting down the site. Drudge Report was down briefly around 7 p.m. EST, but working hours later. The top headline read: “MOSCOW MOCKS OBAMA ‘LAME DUCK’” Meanwhile, the conservative Washington Times wrote: “Matt Drudge suggests U.S. government cyberattack on Drudge Report website. DDoS attack comes same day Obama announced countermeasures against Russia for hacking of Democrats.” Conservatives on Twitter also accused the government of shutting down the Russian news website, RT. “Numerous reports of Russian state-run Network RT being unavailable. Drudge Report also under ‘Biggest DDoS attack since site’s inception,’” wrote one user. President Barack Obama announced Thursday sanctions against several Russian agencies and individuals after cyberattacks during the 2016 presidential election against Democratic Party institutions that appeared to help Donald Trump win over Hillary Clinton. “All Americans should be alarmed by Russia’s actions. In October, my administration publicized our assessment that Russia took actions intended to interfere with the U.S. election process,” Obama said. “These data theft and disclosure activities could only have been directed by the highest levels of the Russian government. Moreover, our diplomats have experienced an unacceptable level of harassment in Moscow by Russian security services and police over the last year. Such activities have consequences.” Government officials have wrangled with Drudge before over his alleged false claims. With 2 million daily unique visitors and around 700 million monthly page views, DrudgeReport.com was the top site for referral traffic in 2014 to the Daily Mail, CNN, Fox News, Roll Call, Breitbart, The New York Times, USA Today, Associated Press and other news sites. Its readers were loyal, staying on the site for an average of 30 minutes, Politico reported. “People are religious in how they come to Drudge,” Vipul Mistry, Intermarket’s Business Development manager, told Politico’s On Media blog. “When we analyzed all our audience that’s what it is, people are on there not only in morning, they tend to leave it open as it refreshes.” Source: http://www.ibtimes.com/us-government-attacks-drudge-report-conservative-website-down-because-distributed-2467391
Continued here:
US Government Attacks Drudge Report? Conservative Website Down Because Of DDoS Attack, Matt Drudge Tweets
Enterprises going it alone against such an attack ‘would have been toast The DDoS attacks that flooded Dyn last month and knocked some high-profile Web sites offline don’t mean businesses should abandon it or other DNS service providers, Gartner says. In fact, the best way to go is to make sure critical Web sites are backed by more than one DNS provider, says Gartner analyst Bob Gill. It’s also the easiest way for an enterprise to defend against this type of attack and the only one known to be effective . “There’s nothing more elegant anyone has come up with in the intervening week,” he says. The high-volume, high-velocity attack was based largely on a botnet backed by Mirai malware that finds and infects internet of things devices that are virtually defenseless against it. It has proven capable of DDoS traffic of 1Tbps or more and the source code has been made public, so experts say it’s certain there will be more such attacks. Before the Dyn attacks, DNS services were considered vastly more reliable in-house DNS, and it still should be, Gill says. “If an enterprise had been hit with the volume Dyn was they would have been toast,” Gill says. He says he has been briefed by Dyn about the Oct. 21-22 attacks, most of which he can’t discuss publicly. But he says those Dyn customers that recovered quickly were those who dual-sourced their DNS service. “A significant number of Dyn customers popped back up after 10 to 15 minutes,” he says, and likely they were the ones with more than one DNS provider. Downsides of multiple providers is they represent an extra expense and not all providers offer exactly similar features such as telemetry, local-based routing and fault tolerance. So switching from one to another in an emergency might be complicated and might mean winding up with a different set of features. Coordinating multiple providers is an added headache. If cost is a concern, businesses could use a DNS provider like Amazon Web Service’s Route 53 that is inexpensive, relatively easy to set up and pay-as-you-go, he says. Gill says the motivation for the attack is hard to know. Dyn was a very attractive target for many possible reasons. It had advertised its security, and that might have been considered a reason for a glory-seeking attacker to go after it and take it down. A Dyn researcher delivered a paper on the links between DDoS mitigation firms and DDoS attacks the day before Dyn was hit, so perhaps the attack was revenge. Dyn has many high-profile customers, so perhaps the real target was one of them. It’s impossible to know for sure what the motive was. Gill says Dyn has learned a great deal about how to successfully mitigate this new class of attack. In general, after such incidents, providers ally themselves with other providers to help identify and block malicious traffic at the edges between their networks. Attacks may result in identifying new profiles of attack traffic that make it easier to sort out bad from good in future incidents. Source: http://www.networkworld.com/article/3137456/security/gartner-despite-the-ddos-attacks-don-t-give-up-on-dyn-or-dns-service-providers.html
Original post:
Gartner: Despite the DDoS attacks, don’t give up on Dyn or DNS service providers
After last September's arrest of an alleged member of the gang that has been developing and spreading the Dridex banking malware, and last October's temporary disruption of the Dridex botnet at the ha…
View post:
Someone hijacked the Dridex botnet to deliver Avira AV's installer
The latest security update (XSA-145 through 153) for the popular Xen virtualization software fixes nine issues. Eight of them can lead to Denial of Service, but the ninth is much more serious than…
Read More:
Xen Project plugs critical host hijacking flaw, patch ASAP
Or not, if you look at the numbers Australia has won the dubious honour of being named in the global top-10 DDoS sources, and in its quarterly State of the Internet report, Akamai reckons our tiny number of high-speed fibre broadband users are the cause.…
Visit link:
NBN vaults Australia into global top-10 … DDoS attack sources
Turns out, it wasn’t that big of a deal after all The Register has discovered that the unspecified IT attack which left 1,400 passengers of LOT Polish Airlines stranded in Warsaw was a simple DDoS issue, which had so impeded the airline’s connection that it could not produce its flight plans in time for take offs.…
See more here:
Polish plane IT attack? Apparently not, just a simple DDoS
Site flooded with 2.6 billion requests an hour Chinese activist site Greatfire.org which masks censored traffic into the country is under a sustained distributed denial of service (DDoS) attack that is racking up $30,000 a day in server costs.…
See the original post:
Massive DDoS racks up $30,000-a-day Amazon bill for China activists
Dell analysis shows ZeroAccess botnet still slinging out A combined attack on one of the world’s biggest networks of infected PCs has been partially successful: analysis from Dell SecureWorks shows you can’t keep a bad botnet down.…
View post:
We take bots down, but they get up again – you’re never going to keep them down