Tag Archives: internet

Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed HTTP/2 Rapid Reset. Decoding HTTP/2 Rapid Reset (CVE-2023-44487) In late August 2023, Cloudflare discovered a zero-day vulnerability developed by an unknown threat actor. The vulnerability exploits the standard HTTP/2 protocol—a fundamental piece to how the Internet and most websites operate. HTTP/2 is responsible for how browsers interact with a … More ? The post Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487) appeared first on Help Net Security .

More here:
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

The power of passive OS fingerprinting for accurate IoT device identification

The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased the attack surface. Each interconnected device can potentially create new avenues for cyberattacks and security breaches. The Mirai botnet demonstrated just that, by using thousands of vulnerable IoT devices to launch massive DDoS attacks on critical internet infrastructure and popular websites. To effectively safeguard against the risks … More ? The post The power of passive OS fingerprinting for accurate IoT device identification appeared first on Help Net Security .

Originally posted here:
The power of passive OS fingerprinting for accurate IoT device identification

Zerobot malware now shooting for Apache systems

Upgraded threat, time to patch The Zerobot botnet, first detected earlier this month, is expanding the types of Internet of Things (IoT) devices it can compromise by going after Apache systems.…

Read this article:
Zerobot malware now shooting for Apache systems

Office exploits continue to spread more than any other category of malware

The latest Internet Security Report from the WatchGuard Threat Lab shows a reduction in overall malware detections from the peaks seen in the first half of 2021, along with an increase in threats for Chrome and Microsoft Office and the ongoing Emotet botnet resurgence. Office exploits on the rise “While overall malware attacks in Q2 fell off from the all-time highs seen in previous quarters, over 81% of detections came via TLS encrypted connections, continuing … More ? The post Office exploits continue to spread more than any other category of malware appeared first on Help Net Security .

More:
Office exploits continue to spread more than any other category of malware

NETSCOUT launches AI solution to help customers block DDoS attacks

NETSCOUT SYSTEMS launched a new, innovative AI-based solution enabling its customers to automatically and instantaneously block a large proportion of DDoS attacks thus simplifying operations and minimizing risk to their businesses. The solution leverages NETSCOUT’s ATLASnetwork, an unmatched source of visibility into DDoS attack activity on the Internet. Multiple ATLAS datasets are analyzed, curated, and correlated using artificial intelligence. This automated intelligent pipeline is developed using NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT) expertise … More ? The post NETSCOUT launches AI solution to help customers block DDoS attacks appeared first on Help Net Security .

More:
NETSCOUT launches AI solution to help customers block DDoS attacks

EMEA continues to be a hotspot for malware threats

Ransomware detections in the first quarter of this year doubled the total volume reported for 2021, according to the latest quarterly Internet Security Report from the WatchGuard Threat Lab. Researchers also found that the Emotet botnet came back in a big way, the infamous Log4Shell vulnerability tripled its attack efforts and malicious cryptomining activity increased. Although findings from the Threat Lab’s Q4 2021 report showed ransomware attacks trending down year over year, that all changed … More ? The post EMEA continues to be a hotspot for malware threats appeared first on Help Net Security .

View the original here:
EMEA continues to be a hotspot for malware threats

Why global DDoS protection is essential for Anycast networks

‘If you don’t have Anycast it’s not a good DNS service’ Paid Feature   In October 2021, in an incident lasting more than six hours, Facebook disappeared from the Internet. This wasn’t a temporary .com outage on the company’s primary domain but a complete shutdown of its public existence that also dragged into the darkness WhatsApp, Instagram, and Messenger.…

More:
Why global DDoS protection is essential for Anycast networks

Huygens if true: Dutch police break up bulletproof hosting outfit and kill Mirai botnet

Cops also Cruyff cloggy couple Dutch police said in a translated news release that they have busted a local ‘bulletproof’ server hosting operation in a major takedown that also nabbed a pair of Mirai botnet operators.…

Follow this link:
Huygens if true: Dutch police break up bulletproof hosting outfit and kill Mirai botnet

Get rekt: Two years in clink for game-busting DDoS brat DerpTrolling

It’s all lulz until someone goes to prison Austin Thompson, aka DerpTrolling, who came to prominence in 2013 by launching Distributed Denial of Service (DDoS) attacks against major video game companies, has been sentenced to 27 months in prison by a federal court .…

Read more here:
Get rekt: Two years in clink for game-busting DDoS brat DerpTrolling

Huawei bungled router security, leaving kit open to botnets, despite alert from ISP years prior

Chinese kit slinger was told of UPnP flaw in 2013, didn’t do too much about it Exclusive   Huawei bungled its response to warnings from an ISP’s code review team about a security vulnerability common across its home routers – patching only a subset of the devices rather than all of its products that used the flawed firmware.…

Read More:
Huawei bungled router security, leaving kit open to botnets, despite alert from ISP years prior