Tag Archives: brazilian

Record-breaking number of record-breaking DDoS attacks confirmed

And growing abuse of cloud – because using hijacked Brazilian cable modems to down sites is so 2013 Dozens of companies over the weekend were hit by distributed denial-of-service (DDoS) attacks, including the largest one yet recorded, or so Cloudflare says.…

See original article:
Record-breaking number of record-breaking DDoS attacks confirmed

Don’t all rush out at once, but there are a million devices ripe to be the next big botnet

As bad as Mirai was, it could have been much worse A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn.…

More:
Don’t all rush out at once, but there are a million devices ripe to be the next big botnet

Rio 2016 Olympics Suffered Sustained 540Gbps DDoS Attacks

Arbor security claims Rio was a success in terms of mitigating powerful, prolonged DDoS attacks Public facing websites belonging to organisations affiliated with the 2016 Rio Olympics were targeted by sustained, sophisticated DDoS attacks reaching up to 540Gbps, according to Arbor Networks. Many of these attacks started months before the Olympic Games had begun, but the security company said that attackers increased their efforts significantly during the games, generating the longest-duration sustained 500Gbps+ DDoS attack Arbor has ever seen. “And nobody noticed,” boasted Arbor’s Security Engineering and Response Team (ASERT). Virtual battlegrounds Just like other public services like electricity and water, the ins and outs of keeping websites up and running should be hidden from the general public, allowing them to go about their business without knowing about the virtual warfare being engaged behind server lines. And in ASERT’s opinion, the Rio Olympic Games “set the bar for rapid, professional, effective DDoS attack mitigation under the most intense scrutiny of any major international event to date”. “Over the last several months, several organizations affiliated with the Olympics have come under large-scale volumetric DDoS attacks ranging from the tens of gigabits/sec up into the hundreds of gigabits/sec,” blogged ASERT. “A large proportion of the attack volume consisted of UDP reflection/amplification attack vectors such as DNS, chargen, ntp, and SSDP, along with direct UDP packet-flooding, SYN-flooding, and application-layer attacks targeting Web and DNS services. “The defenders of the Rio Olympics’ online presence knew they’d have their work cut out for them, and prepared accordingly. “A massive amount of work was performed prior to the start of the games; understanding all the various servers, services, applications, their network access policies, tuning anomaly-detection metrics in Arbor SP, selecting and configuring situationally-appropriate Arbor TMS DDoS countermeasures, coordinating with the Arbor Cloud team for overlay ‘cloud’ DDoS mitigation services, setting up virtual teams with the appropriate operational personnel from the relevant organisations, ensuring network infrastructure and DNS BCPs were properly implemented, defining communications channels and operational procedures. “And that’s why the 2016 DDoS Olympics were an unqualified success for the defenders! Most DDoS attacks succeed simply due to the unpreparedness of the defenders – and this most definitely wasn’t the case in Rio.” However, not all defence tactics worked surrounding the Olympic Games. The Brazilian arm of hacking collective Anonymous was successful in targeting websites that included the official website of the federal government for the 2016 games and the Brazilian Ministry of Sports. Anonymous was also able to leak personal and financial data belonging to Brazilian sports domains such as the Brazilian Confederation of Boxing and the Brazilian Triathlon Confederation. “Hello Rio de Janeiro. We know that many have realized how harmful it was (and still is) the Olympic Games in the city. The media sells the illusion that the whole city celebrates and commemorate the reception of tourists from all over the world, many of them attracted by the prostitution network and drugs at a bargain price. This false happiness hides the blood shed in the suburbs of the city, mainly in the favelas thanks to countless police raids and military under the pretext of a fake war,” stated Anonymous. “Therefore, we will continue with our operations to unmask the numerous arbitrary actions of those who are state and therefore its own population enemies.” Source: http://www.techweekeurope.co.uk/security/rio-olympics-ddos-attacks-196998

Excerpt from:
Rio 2016 Olympics Suffered Sustained 540Gbps DDoS Attacks

Week in review: DDoS attacks becoming more effective, and how to build trust between business and IT

Here's an overview of some of last week's most interesting news, articles and interviews: Gathering and using threat intelligence In this interview, Tomer Teller, Security Innovation Manager at…

Read More:
Week in review: DDoS attacks becoming more effective, and how to build trust between business and IT

Critical vulnerabilities in popular DDoS toolkit exposed

Prolexic Technologies exposed weaknesses in the command and control (C&C) architecture of the Dirt Jumper DDoS Toolkit family that could neutralize would-be attackers. The Dirt Jumper family of toolki…

Excerpt from:
Critical vulnerabilities in popular DDoS toolkit exposed