Tag Archives: hot stuff

Researchers analyze DDoS attacks as coordinated gang activities

In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibits similar behavior across the various attacks conducted by the same gang. [Figure: IP Gang attack-type classification against attack volume size] Researchers analyzed attack types, volume, size of events, gang activities, and attack rates. By studying the historical behavior of the 80 gangs identified in the report, … The post Researchers analyze DDoS attacks as coordinated gang activities appeared first on Help Net Security.

Why you shouldn’t be worried about UPnP port masking

Last May, security firm Imperva wrote a blog post discussing a new proof of concept for bypassing DDoS mitigation after discovering reflected network protocols appearing on non-standard network ports. Imperva was able to replicate the same behavior using a technique called UPnP Port Masking, which uses the Universal Plug and Play (UPnP) Protocol to alter the source port of commonly abused network protocols in DDoS attacks. Multiple news outlets picked up on Imperva’s research and … The post Why you shouldn’t be worried about UPnP port masking appeared first on Help Net Security.

Intensifying DDoS attacks: Choosing your defensive strategy

One of the biggest misconceptions regarding DDoS attacks is that they are a once-in-a-lifetime event for organizations, says Josh Shaul, VP of Web Security at Akamai. “Over the last six months, our State of the Internet Report found that companies suffered 41 DDoS attacks on average over the last six months,” he points out.

The rise and rise of DDoS attacks

As Arbor Networks CTO Darren Anstee recently pointed out, DDoS attacks have become a … The post Intensifying DDoS attacks: Choosing your defensive strategy appeared first on Help Net Security.

Hacking for fun and profit: How one researcher is making IoT device makers take security seriously

We should all be so lucky to enjoy our work as much as Ken Munro does. Generally attracted by research that “looks fun” and particularly interested in probing the security of technologies that have yet to be comprehensively investigated by security researchers, for the past few years Munro has been poking and probing consumer Internet of Things devices, and doing things such as denial of service attacks on Wi-Fi-enabled kettles, or showing that you can … The post Hacking for fun and profit: How one researcher is making IoT device makers take security seriously appeared first on Help Net Security.

Dig this: The future of crypto-mining botnets

The blockchain sector is now bursting with innovation, with developers looking for new, pragmatic ways to use this secure distributed ledger technology across a range of applications. And as always, cybercriminals are among the earliest adopters, unfortunately helping to push forward public awareness of the technology. Crypto-mining malware is now by far the most common threat we see attacking our user base, and this is only the beginning. Since December 2017, the Coinhive … The post Dig this: The future of crypto-mining botnets appeared first on Help Net Security.

Do you have what it takes to withstand modern DDoS attacks?

As the latest record DDoS attack hit GitHub and threatened to overwhelm its edge network, the popular Git-repository hosting service quickly switched to routing the attack traffic to their DDoS mitigation service. In the end, GitHub ended up completely unavailable for five minutes and intermittently unavailable for four. But while the effect of the attack could have been worse, GitHub’s engineering team aims to do better next time they are hit. Robert Hamilton, Director of … The post Do you have what it takes to withstand modern DDoS attacks? appeared first on Help Net Security.

Will IoT botnets catapult the industry toward security regulation in 2018?

Attackers demonstrated the power of an IoT-fueled botnet in 2016 when the Mirai botnet took down major websites like Reddit, Twitter and GitHub. Despite the damage, no significant changes to the IoT industry occurred. As a matter of fact, consumers continue to purchase and deploy IoT devices with little care beyond the guarantee that the device works and the price tag is cheap. Manufacturers continue to pump out new IoT devices at a rapid pace, …

How the Necurs botnet influences the stock market

After a three-month-long partial hiatus, the Necurs botnet is back to flinging spam emails left and right. But unlike before the break, when it was mostly delivering the infamous Locky ransomware or the Dridex banking Trojan, the botnet is now engaged in distributing emails with no malicious attachment or link. According to Cisco Talos researchers, the botnet has been spotted firing off short-lasting but sizeable bursts of penny stock pump-and-dump emails. Necurs botnet’s latest campaign …

Innovation and exploitation fuel DDoS attack landscape

Arbor Networks released its 12th Annual Worldwide Infrastructure Security Report offering direct insights from network and security professionals at global service providers, cloud/hosting and enterprise organizations. The stakes have changed for network and security teams. The threat landscape has been transformed by the emergence of IoT botnets. As IoT devices proliferate across networks, bringing tremendous benefits to businesses and consumers, attackers are able to weaponize them due to inherent security vulnerabilities. The largest DDoS attack …

Linux/IRCTelnet creates new, powerful IoT DDoS botnet

Linux/IRCTelnet (new Aidra), a new piece of Linux malware targeting IoT devices and turning them into DDoS-capable bots, has been spotted and analyzed by one of the researchers who share their discoveries on the MalwareMustDie! blog. Linux/IRCTelnet is an interesting mix of capabilities associated with older malware. The base of Linux/IRCTelnet is the source code of the Aidra bot, used years ago by an anonymous researcher to build a botnet (or, as he called it, …
