The Internet of Things (IoT) is now a major force in the weaponization of DDoS. In 2016, IoT botnets have fueled a number of attacks, including the largest-ever DDoS attack, and that role will only grow in the coming years. The tools to carry out these attacks are freely available to the public, and the IoT is expected to be 20 billion devices strong by 2020, so expect more frequent and disruptive attacks from a … More ?
Read the article:
How hackers will exploit the Internet of Things in 2017
The recent massive DDoS attack against DNS provider Dyn has jolted (some of) the general public and legislators, and has opened their eyes to the danger of insecure IoT devices. It is clear by now that it will take joint action by all stakeholders – users, manufacturers, the security industry, ISPs, law enforcement and legislators – to put an end to this particular problem, but it will take quite some time. Theoretical stopgap solutions In … More ?
View post:
Can we extinguish the Mirai threat?
Spam volume is back to mid-2010 heights, and Cisco Talos researchers say that the Necurs botnet is partly to blame. “Many of the host IPs sending Necurs’ spam have been infected for more than two years. To help keep the full scope of the botnet hidden, Necurs will only send spam from a subset of its minions. An infected host might be used for two to three days, and then sometimes not again for two … More ?
Originally posted here:
Spam is once again on the rise
Akamai Technologies released its Second Quarter, 2016 State of the Internet / Security Report, which highlights the cloud security landscape, specifically trends with DDoS and web application attacks, as well as malicious traffic from bots. During May 2016, the number of attacks spiked, fueled by campaigns targeting the gaming industry “While attack sizes are decreasing, we continue to see an uptick in the number of attacks as launch tools grow increasingly pervasive and easy to … More ?
Visit link:
DDoS and web application attacks keep escalating
In September 1996, New York City’s original ISP, Panix, was hit by a SYN flood denial of service attack that took them offline for several days. At a time when only 20 million Americans were online, this was one of the first high profile examples of the growing importance of network and service availability. It also demonstrated how fragile internet infrastructure was at the time. According to an advisory from Carnegie Melon’s CERT, “There is, … More ?
Originally posted here:
Business still ill-prepared to handle modern DDoS attacks
A recent report raiseed concerns about the abuse of DNSSEC to conduct DDoS attacks. The article reported that DNSSEC-signed domains can be used to conduct reflected DDoS attacks with large amplification factors (averaging 28.9x in their study) that could potentially cripple victim servers. The report went on to recommend that organizations deploying DNSSEC should configure their DNS servers to prevent this and other types of abuse. While this report presents some useful information about the … More ?
See more here:
DNSSEC: Don’t throw the baby out with the bath water
The global mobile deep packet inspection (DPI) market will grow at an impressive CAGR of almost 22% until 2020, according to Technavio. Stateful packet inspection Stateful packet inspection (SPI), also known as shallow packet inspection technology, was widely used for detecting abnormal packets by inspecting the packet headers only. SPI was not able to detect many new network attacks such as network intrusion detection systems (NIDS) evasion and distributed denial of service. Thus, DPI became … More ?
Excerpt from:
Global mobile deep packet inspection market explodes
At Black Hat USA 2016, Spirent Communications will be presenting CyberFlood, a security and performance testing platform suitable for complex testing scenarios. With CyberFlood, users can ensure that their security and performance testing addresses their unique environments by emulating realistic traffic volume, threats, and attack scenarios including fuzzing, malware, and DDoS attacks. Designed with team testing in mind, CyberFlood’s intuitive web UI extends easy-to-use best practices for faster, repeatable, and more accurate testing. Users can … More ?
Read More:
Security testing platform for app-aware infrastructures
DDoS attacks increased 83 percent to more than 182,900 attacks in the second quarter of the year, according to Nexusguard. The newest report shows that Russia has become the No. 1 victim country. Starlink – a Russian ISP supporting small, medium and large enterprises – received more than 40 percent of the DDoS attacks measured over a two-day period. This targeted DNS attack also pushed the mean average DDoS duration to hours instead of minutes, … More ?
Read the original:
DDoS attacks increase 83%, Russia top victim
AVG malware analyst Jakub Kroustek has devised a decryptor for Bart ransomware, and the company has made it available for download (for free). Bart ransomware This particular piece of malware was first spotted in late June, being delivered via spam emails sent out by the Necurs botnet – the botnet that’s responsible for the onslaught of Locky ransomware and the Dridex Trojan. Bart is not your typical crypto ransomware as it doesn’t encrypt victims’ files. … More ?
See the original article here:
Bart ransomware victims get free decryptor