Tag Archives: copyright

Mirai Linux Trojan corrals IoT devices into DDoS botnets

Mirai, a newly discovered and still poorly detected piece of Linux malware, is being used to rope IoT devices into DDoS botnets. Researchers from MalwareMustDie have recently gotten their hands on several variants of the threat, and have discovered the following things:

- It comes in the form of an ELF file (typical for executable files in Unix and Unix-like systems)
- It targets mostly routers, DVR or WebIP cameras, Linux servers, and Internet of Things devices …


Global mobile deep packet inspection market explodes

The global mobile deep packet inspection (DPI) market will grow at an impressive CAGR of almost 22% until 2020, according to Technavio.

Stateful packet inspection

Stateful packet inspection (SPI), also known as shallow packet inspection technology, was widely used for detecting abnormal packets by inspecting the packet headers only. SPI was not able to detect many new network attacks such as network intrusion detection systems (NIDS) evasion and distributed denial of service. Thus, DPI became …


Twitter-controlled Android backdoor delivers banking malware

A backdoor Trojan named Twitoor is the first instance of Android malware that receives its commands from a Twitter account. Keeping their botnet out of law enforcement’s and other criminals’ hands is imperative for botmasters if they want to keep earning. C&C servers are the norm, but they can be tracked down, seized by the authorities and, ultimately, reveal crucial information about the botnet, allowing them to shut it down or cripple it. Twitter or …


Subverting protection into DDoS attacks

On average, DNSSEC reflection can transform an 80-byte query into a 2,313-byte response, an amplification factor of nearly 30 times, which can easily cause a network service outage during a DDoS attack, resulting in lost revenue and data breaches, according to Neustar. DNSSEC was designed to provide integrity and authentication to DNS, which it accomplishes with complex digital signatures and key exchanges. As a result, when a DNS record is transferred to DNSSEC, an extraordinary …


DDoS attacks increase 83%, Russia top victim

DDoS attacks increased 83 percent to more than 182,900 attacks in the second quarter of the year, according to Nexusguard. The newest report shows that Russia has become the No. 1 victim country. Starlink – a Russian ISP supporting small, medium and large enterprises – received more than 40 percent of the DDoS attacks measured over a two-day period. This targeted DNS attack also pushed the mean average DDoS duration to hours instead of minutes, …


US Congress websites recovering after three-day DDoS attack

Library of Congress among the victims to go temporarily offline.

Several websites owned and operated by the United States Congress are recovering from a three-day distributed denial-of-service (DDoS) attack. The DDoS campaign began on July 17 when the websites for the Library of Congress (LoC) began experiencing technical difficulties. A day later, the websites went temporarily offline. During the attack, Library of Congress employees were unable to access their work emails or visit any of the Library’s websites.

Softpedia reports the attackers ultimately overcame initial defense measures to escalate their campaign. Specifically, they brought down two additional targets: congress.gov, the online portal for the United States Congress; and copyright.gov, the website for the United States Copyright Office.

On Tuesday morning, things started to get back to normal. Some email accounts were functioning, writes FedScoop, but other online properties by the LoC remained offline. As of this writing, the three government portals affected by the attack are back online.

Tod Beardsley, a senior research manager for Boston-based cybersecurity firm Rapid7, feels that denial-of-service attacks remain popular because of how difficult it is for a target to mitigate a campaign while it is still in progress. As he told FedScoop:

“DoS attacks that leverage DNS as a transport is a common mechanism for flooding target sites with unwanted traffic for two reasons. [First,] DNS traffic is often passed through firewalls without traffic inspection, since timely responses to DNS are critical for many networked environments. [And] second, DNS nearly always uses User Datagram Protocol, or UDP, rather than Transmission Control Protocol, or TCP, and UDP-based protocols like DNS are connectionless. As a result of this design, it’s easier for attackers to forge data packets with many fake source addresses, making it difficult to filter good data over bad.”

Network filtering devices can help, but only if a company decides to buy one. Perhaps the Library of Congress didn’t own such a device or lacked a service provider with expertise in mitigating DoS/DDoS attacks.

There’s little companies can do to protect against DDoS attacks, as script kiddies with a few bucks can rent a botnet online to attack whichever target they choose. With that in mind, organizations should prepare for these attacks by investing in DDoS mitigation technologies that can, in the event of an attack, help accommodate and filter attack traffic.

Source: https://www.grahamcluley.com/2016/07/congress-website-ddos/


UK: Cybercrime now bigger threat than traditional crime

The accelerating pace of technology and criminal cyber capability currently outpaces the UK’s collective response to cybercrime, calling for stronger collaborative working between government, law enforcement and, crucially, business to reduce vulnerabilities and prevent crime.

[Figure: Cybercrime as a proportion of total UK crime in 2015]

An assessment by the National Crime Agency shows that cybercrime activity is growing fast and evolving, with the threats from DDoS and ransomware attacks increasing significantly in 2015. The most …


DDoS extortion campaigns increasingly target businesses

80 percent of European IT security professionals expect their business to be threatened with a DDoS ransom attack during the next 12 months, according to Corero Network Security. The research, which polled over 100 security professionals at the Infosecurity Europe conference in London, highlights the growing threat of cyber extortion attempts targeting businesses in the United Kingdom and continental Europe.

The rise of DDoS extortion campaigns

Last month (May 2016), the City of London Police …


25,000-strong CCTV botnet used for crippling DDoS attacks

A DDoS attack against a jewelry shop website has led researchers to the discovery of a CCTV botnet comprised of some 25,000 cameras from around the globe. The website had been repeatedly attacked, first with 35,000 HTTP requests per second and then, when those efforts were thwarted, with 50,000 HTTP requests per second. Looking into the IP addresses from which the attack was coming, Sucuri researchers discovered that all of them were running the …


Godless Android malware offers serious firepower to a botnet herder

One of the most concerning characteristics of the Godless malware is the ability to receive remote instructions on which app to download and install on mobile devices, without the user’s knowledge. This is called command and control (C&C). Being a DDoS subject matter expert, I believe this has the makings of something more insidious than malicious ads. Nearly one million infected Android devices connected to 4G LTE networks offer some serious firepower for a botnet …
