Tag Archives: ddos news

Researchers open source tools to identify Twitter bots at scale

Duo Security published technical research and methodology detailing how to identify automated Twitter accounts, known as bots, at a mass scale. Using machine learning algorithms to identify bot accounts across their dataset, Duo Labs researchers also unraveled a sophisticated cryptocurrency scam botnet consisting of at least 15,000 bots, and identified tactics used by malicious bots to appear legitimate and avoid detection, among other findings. The research From May to July 2018, researchers collected and analyzed … More ? The post Researchers open source tools to identify Twitter bots at scale appeared first on Help Net Security .

Read More:
Researchers open source tools to identify Twitter bots at scale

ERP applications under attack: How criminals target the crown jewels

Business-critical applications running the biggest organizations in the world are under attack, according to research from Digital Shadows and Onapsis. The report shows a rise in cyberattacks on widely-used enterprise resource planning (ERP) applications such as SAP and Oracle — which currently have a combined 9,000 known security vulnerabilities. The report also highlights an increase in attacks on these systems by nation-state actors, cybercriminals and hacktivists that include both hacking and DDoS attempts to compromise … More ? The post ERP applications under attack: How criminals target the crown jewels appeared first on Help Net Security .

View original post here:
ERP applications under attack: How criminals target the crown jewels

Threat X extends SaaS-Based WAF solution with threat detection

Threat X announced the addition of capabilities to help global customers identify, profile, and intercept a wide range of threats, including DDoS, Bot and zero-day attacks while increasing application performance. Additionally, cloud-native deployment options mean organizations can deploy and scale Threat X in hours—compared to the weeks associated with traditional WAF deployments. Today, security teams are challenged to protect the large attack surfaces presented by complex technology environments from an ever-evolving threat landscape. These teams … More ? The post Threat X extends SaaS-Based WAF solution with threat detection appeared first on Help Net Security .

See more here:
Threat X extends SaaS-Based WAF solution with threat detection

DNS amplification attacks double in Q1 2018

DNS amplification types of DDoS attacks doubled in the first quarter of 2018 over last quarter, and spiked nearly 700 percent year-over-year, according to Nexusguard. Nexusguard’s scanning and attack Memcached honeypot Nexusguard’s Q1 2018 Threat Report, which analyzes thousands of global cyber attacks, reported that 55 of the attacks were due to exploited Memcached servers. The vulnerable servers pose a significant new risk if not properly configured, similar to exposed servers enabled by DNSSEC, a … More ? The post DNS amplification attacks double in Q1 2018 appeared first on Help Net Security .

Read the original post:
DNS amplification attacks double in Q1 2018

E-voting and DDoS concerns: The devil’s in the details

It’s a typical Wednesday. I’m sitting in the lounge at the Imperva office going through emails when I stumble onto a whitepaper titled Trust Implications of DDoS Protection in Online Elections. “That’s an interesting topic,” I think, and dive in. Coincidentally, this whitepaper turns out to be about our own DDoS protection service, which makes it even more interesting. Reading the document, I quickly realize that I don’t agree with several assumptions and interpretations outlined … More ? The post E-voting and DDoS concerns: The devil’s in the details appeared first on Help Net Security .

Read More:
E-voting and DDoS concerns: The devil’s in the details

Pwn goal: Hackers used the username root, password root for botnet control database login

These are not the criminal geniuses you were expecting An IoT botnet has been commandeered by white hats after its controllers used a weak username and password combination for its command-and-control server.…

Originally posted here:
Pwn goal: Hackers used the username root, password root for botnet control database login

How Mirai spawned the current IoT malware landscape

When, in late 2016, US-based DNS provider Dyn suffered a massive DDoS attack that it resulted in the temporary unavailability of many popular online services, the name of the Mirai malware became instantly known outside the cybersecurity industry. Since then, we’ve come to know the identities of the author of the malware and the botmasters who used it to mount that and other attacks. But, even before the attack against Dyn, they released the malware’s … More ? The post How Mirai spawned the current IoT malware landscape appeared first on Help Net Security .

View article:
How Mirai spawned the current IoT malware landscape

OMG, that’s downright Wicked: Botnet authors twist corpse of Mirai into new threats

Infamous IoT menace lives on in its hellspawn Cybercrooks are using the infamous Mirai IoT botnet as a framework to quickly add in new exploits and functionalities, it has emerged.…

See the original post:
OMG, that’s downright Wicked: Botnet authors twist corpse of Mirai into new threats

DHS, FBI warn about malware tied to North Korean threat actor

US-CERT has released a new technical alert on malware used by Hidden Cobra, a threat actor whose activities they believe to be directed by the North Korean government. The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have been documenting malware used by the group for a while now. This time, they warn about Joanap, a remote access tool (RAT) that is used “to establish peer-to-peer communications and to manage botnets … More ? The post DHS, FBI warn about malware tied to North Korean threat actor appeared first on Help Net Security .

More:
DHS, FBI warn about malware tied to North Korean threat actor

Starbucks site slurped, Z-Wave locks clocked, mad Mac Monero mining malware and much more

Some security bites for the long weekend Roundup   While this week was dominated by news of a new Spectre variant , the VPNFilter botnet , and TalkTalk’s badbad routersrouters , plenty of other stories popped up.…

Read this article:
Starbucks site slurped, Z-Wave locks clocked, mad Mac Monero mining malware and much more