Tag Archives: ddos

Plane-tracking site Flight Radar 24 DDoSed… just as drones spotted buzzing over Azerbaijan and Armenia

That’s one way of poking the world’s eyes out for a few hours

Popular plane-tracking website Flight Radar 24 has been the victim of multiple DDoS attacks over the past few days – and though the site’s operators haven’t attributed blame, some have wondered if a regional conflict may have been the cause.…


Sorry we shut you out, says Tutanota: Encrypted email service weathers latest of ongoing DDoS storms

Privacy-conscious biz insists on rolling its own mitigations, though

Encrypted email biz Tutanota has apologised for accidentally shutting its own users out while fending off the latest of a series of distributed denial-of-service (DDoS) attacks.…


DDoS cyberattacks have skyrocketed this year. Just ask the New Zealand stock exchange

The New Zealand stock exchange (NZX) website has gone down again in what appears to be the latest disruption caused by cyber attackers. The NZX website has been targeted by repeated distributed denial of service (DDoS) attacks over the last week, beginning last Tuesday. Such attacks disrupt service by saturating the network with significant volumes of internet traffic, and have caused NZX to halt trading four days in a row.

The latest outage comes less than an hour after NZX revealed it had contingency arrangements in place with the Financial Markets Authority should its website go down again. The arrangements, which come after NZX teamed up with cyber defence experts Akamai Technologies, are for the release of and access to market announcements that are intended to allow trading to continue.

NZX chief executive Mark Peterson said he’d been advised by independent cyber specialists that the recent attacks are “among the largest, most well-resourced and sophisticated they have ever seen in New Zealand”. On Friday, the Government Communications Security Bureau (GCSB) was directed to help the NZX with the attacks amid reports a crime syndicate was demanding Bitcoin payments.

In an appearance on The AM Show on Monday, Rush Digital founder Danu Abeysuriya told host Ryan Bridge the attackers can be difficult to track. “Whoever’s doing it has a lot of resources organised – so it could be a really cashed-up criminal gang, which is highly likely, or something more,” he said. “It’s highly likely that it’s a ransom-type attack.”

Abeysuriya said technology company Garmin recently paid a ransom of about 10 million Euros following a cyber-attack.

Source: https://www.newshub.co.nz/home/money/2020/08/nzx-website-goes-down-yet-again.html


DDoS attacks in April, May and June 2020 double compared to Q2 2019

Findings from Link11’s H1 2020 DDoS Report reveal a resurgence in DDoS attacks during the global COVID-19 related lockdowns. In April, May and June 2020, the number of attacks registered by Link11’s Security Operations Center (LSOC) averaged 97% higher than during the same period in 2019, peaking at a 108% increase in May 2020. Key findings from the annual report include: Multivector attacks on the rise: 52% of attacks combined several methods of attack, …

The post DDoS attacks in April, May and June 2020 double compared to Q2 2019 appeared first on Help Net Security.


New defense method enables telecoms, ISPs to protect consumer IoT devices

Instead of relying on customers to protect their vulnerable smart home devices from being used in cyberattacks, Ben-Gurion University of the Negev (BGU) and National University of Singapore (NUS) researchers have developed a new method that enables telecommunications and internet service providers to monitor these devices.

[Figure: An overview of the key steps in the proposed method]

According to their new study, the ability to launch massive DDoS attacks via a botnet of compromised devices is …

The post New defense method enables telecoms, ISPs to protect consumer IoT devices appeared first on Help Net Security.


In addition to traditional DDoS attacks, researchers see various abnormal traffic patterns

In the first quarter of 2020, DDoS attacks rose more than 278% compared to Q1 2019, and more than 542% compared to the last quarter, as published in the Nexusguard Q1 2020 Threat Report. DDoS attacks have become a global risk, and as attacks continue to increase in complexity, further spurred by the pandemic, ISPs will have to strengthen their security measures.

Undetectable and abnormal traffic patterns

While DDoS attacks disrupt service for large companies …

The post In addition to traditional DDoS attacks, researchers see various abnormal traffic patterns appeared first on Help Net Security.


CyberX, CyberX, does whatever a CyberX does. Locks IoT, machines too, Microsoft got it so you will too

Plus: DDoS’er jailed, and more

In Brief: Redmond is bulking up the security around its AzureStack hardware-to-cloud bundle by acquiring infosec firm CyberX.…


Docker servers infected with DDoS malware in extremely rare attacks

Up until recently, Docker servers misconfigured and left exposed online have been historically targeted with cryptocurrency-mining malware, which has helped criminal groups generate huge profits by hijacking someone else’s cloud resources. However, in a report published this week, security researchers from Trend Micro have discovered what appears to be the first organized and persistent series of attacks against Docker servers that infect misconfigured clusters with DDoS malware.

According to Trend Micro, the two botnets are running versions of the XORDDoS and the Kaiji malware strains. Both malware operations have a long and well-documented history, especially XORDDoS, which has been spotted used in the wild for many years. However, the two DDoS botnets had usually targeted routers and smart devices, and never complex cloud setups, such as Docker clusters.

“XORDDoS and Kaiji have been known to leverage telnet and SSH for spreading before, so I see Docker as a new vector which increases the potential of the botnet, a green field full of fresh fruit to pick with no immediate competitors,” Pascal Geenens, cybersecurity evangelist at Radware, told ZDNet via email earlier this week.

“Docker containers will typically provide more resources compared to IoT devices, but they typically run in a more secured environment, and it might be hard to impossible for the container to perform DDoS attacks,” Geenens added.

“The unique perspective of IoT devices such as routers and IP cameras is that they have unrestricted access to the internet, but typically with less bandwidth and less horsepower compared to containers in a compromised environment,” the Radware researcher told ZDNet.

“Containers, on the other hand, typically have access to way more resources in terms of memory, CPU, and network, but the network resources might be limited to only one or a few protocols, resulting in a smaller arsenal of DDoS attack vectors supported by those ‘super’ bots.”

However, these limitations don’t usually impact crypto-mining botnets, which only need an open HTTPS channel to the outside world, Geenens said. But despite the limitations in how a DDoS gang could abuse hacked Docker clusters, Geenens says this won’t stop hackers from attacking this “green field full of fresh fruit to pick” as there are very few vulnerable IoT devices that haven’t been infected already, which has forced hackers to target Docker servers to begin with.

And on a side note, Geenens also told ZDNet that he suspects that DDoS operators are already quite familiar with Docker systems. While this is the first time they’re hacking Docker clusters, Geenens believes hackers often use Docker to manage their own attack infrastructure. “I have no immediate proof, but I’m pretty sure that in the same way as legitimate applications benefit from [Docker’s] automation and agility (DevOps), so will illegal applications.”

The most common source of Docker hacks is the management interface (API) being left exposed online without authentication or protection by a firewall. For readers looking to secure their servers, that would be a good first thing to check. In its report, Trend Micro also recommends that server administrators secure their Docker deployments by following a series of basic steps, detailed here.

Source: https://www.zdnet.com/article/docker-servers-infected-with-ddos-malware-in-extremely-rare-attacks/
