In light of the rise of “DDoS hacktivism” and the recent DDoS attacks aimed at disrupting French and Alabama government websites, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its guidance of how governmental entities (but also other organizations) should respond to this type of attacks. DDoS attacks explained First and foremost, the document explains the main difference between a DoS attack (from a single source) and a DDoS attack (from multiple sources). “The … More ? The post CISA: Here’s how you can foil DDoS attacks appeared first on Help Net Security .
Tag Archives: don’t miss
Cybersecurity sectors adjust as DDoS attacks reach new heights
In this Help Net Security video, Andrey Slastenov, Head of Security Department at Gcore, discusses the findings of their latest report that provide insights into the current state of the DDoS protection market and cybersecurity trends. Key highlights from Q3–Q4 2023: The maximum attack power rose from 800 Gbps (1H 2023) to 1.6 Tbps. UDP floods constitute 62% of DDoS attacks. TCP floods and ICMP attacks remain popular at 16% and 12% respectively and SYN, … More ? The post Cybersecurity sectors adjust as DDoS attacks reach new heights appeared first on Help Net Security .
Follow this link:
Cybersecurity sectors adjust as DDoS attacks reach new heights
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities
The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet The FritzFrog botnet, initially identified in August 2020, is a peer-to-peer (rather than centrally-controlled) botnet powered by malware written in Golang. It targets SSH servers by brute-forcing login credentials, and has managed to compromise thousands of them worldwide. “Each compromised host … More ? The post FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities appeared first on Help Net Security .
Excerpt from:
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities
Essential DDoS statistics for understanding attack impact
The impact of DDoS attacks extends far beyond mere inconvenience, as they can result in financial losses, compromised data, and erosion of customer trust. Understanding the nature and consequences of DDoS activity is essential for organizations and individuals alike as they strive to protect their online presence and ensure the uninterrupted flow of critical services. In this article, you will find excerpts from DDoS attack surveys we covered in 2023. This data will enable your … More ? The post Essential DDoS statistics for understanding attack impact appeared first on Help Net Security .
Link:
Essential DDoS statistics for understanding attack impact
Bogus OfficeNote app delivers XLoader macOS malware
A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample have appeared on VirusTotal throughout July, indicating that the malware has been widely distributed in the wild,” SentinelOne researchers said. The new XLoader macOS malware variant XLoader is a malware-as-a-service infostealer and botnet that has been active since 2015, but first appeared as a macOS variant in 2021, written in Java. “The … More ? The post Bogus OfficeNote app delivers XLoader macOS malware appeared first on Help Net Security .
Macs are getting compromised to act as proxy exit nodes
AdLoad, well-known malware that has been targeting systems running macOS for over half a decade, has been observed delivering a new payload that – unbeknown to the owners – enlisted their systems into a residential proxy botnet. According to AT&T Alien Labs threat intelligence researchers, who analyzed over 150 samples of the malware they found in the wild, many devices are infected. “Alien Labs has identified over 10,000 IPs reaching out to the proxy servers … More ? The post Macs are getting compromised to act as proxy exit nodes appeared first on Help Net Security .
Follow this link:
Macs are getting compromised to act as proxy exit nodes
How to accelerate and access DDoS protection services using GRE
As we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks, according to Gcore. The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attacks, while SYN flood accounted for 24%. In third place was TCP flood. The most-attacked business sectors are gaming, telecom, and finance. The longest attack duration in Q2/Q3 was seven days, 16 hours, and 22 minutes. … More ? The post How to accelerate and access DDoS protection services using GRE appeared first on Help Net Security .
Read More:
How to accelerate and access DDoS protection services using GRE
Unraveling the multifaceted threats facing telecom companies
In today’s interconnected world, telecom companies serve as gateways, connecting individuals, businesses, and governments. However, this role also makes them prime targets for cyberattacks. From DDoS attacks to sophisticated spyware infiltration, telecom providers face a wide range of threats that can disrupt services, compromise data, and compromise subscriber privacy. In this Help Net Security interview, Georgia Bafoutsou, Cybersecurity Officer at the European Union Agency for Cybersecurity (ENISA), explores some of the common attack vectors that … More ? The post Unraveling the multifaceted threats facing telecom companies appeared first on Help Net Security .
Read More:
Unraveling the multifaceted threats facing telecom companies
Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS bot that is frequently distributed alongside malware strains like Mirai and Gafgyt. What sets Tsunami apart from other DDoS bots is the fact that it functions as an internet relay chat (IRC) bot, meaning it uses … More ? The post Compromised Linux SSH servers engage in DDoS attacks, cryptomining appeared first on Help Net Security .
Read the article:
Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Microsoft confirms DDoS attacks against M365, Azure Portal
The Microsoft 365 and Azure Portal outages users expirienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday. The DDoS attacks against Microsoft 365 and Azure Portal Throughout the first half June 2023 Microsoft confirmed, at various times, ongoing issues with its cloud-based services – Microsoft 365 (including Outlook on the web and OneDrive) and Azure Portal – but did not say at the time that they were caused by … More ? The post Microsoft confirms DDoS attacks against M365, Azure Portal appeared first on Help Net Security .
Link:
Microsoft confirms DDoS attacks against M365, Azure Portal