In light of the rise of “DDoS hacktivism” and the recent DDoS attacks aimed at disrupting French and Alabama government websites, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its guidance of how governmental entities (but also other organizations) should respond to this type of attacks. DDoS attacks explained First and foremost, the document explains the main difference between a DoS attack (from a single source) and a DDoS attack (from multiple sources). “The … More ? The post CISA: Here’s how you can foil DDoS attacks appeared first on Help Net Security .
Tag Archives: news
U.S. authorities disrupt Russian intelligence’s botnet
In January 2024, an operation dismantled a network of hundreds of SOHO routers controlled by GRU Military Unit 26165, also known as APT 28, Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit. This network facilitated various crimes, including extensive spearphishing and credential harvesting against entities of interest to the Russian government, such as U.S. and foreign governments, military, and key security and corporate sectors. This botnet was distinct from prior GRU and Russian … More ? The post U.S. authorities disrupt Russian intelligence’s botnet appeared first on Help Net Security .
See more here:
U.S. authorities disrupt Russian intelligence’s botnet
DDoS attack power skyrockets to 1.6 Tbps
DDoS attack trends for the second half of 2023 reveal alarming developments in their scale and sophistication, according to Gcore. The maximum attack power rose from 800 Gbps (1H 2023) to 1.6 Tbps. UDP floods continue to dominate, constituting 62% of DDoS attacks. TCP floods and ICMP attacks also remain popular at 16% and 12% of the total, respectively. All other DDoS attack types, including SYN, SYN+ACK flood, and RST Flood, accounted for a mere … More ? The post DDoS attack power skyrockets to 1.6 Tbps appeared first on Help Net Security .
See more here:
DDoS attack power skyrockets to 1.6 Tbps
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities
The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet The FritzFrog botnet, initially identified in August 2020, is a peer-to-peer (rather than centrally-controlled) botnet powered by malware written in Golang. It targets SSH servers by brute-forcing login credentials, and has managed to compromise thousands of them worldwide. “Each compromised host … More ? The post FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities appeared first on Help Net Security .
Excerpt from:
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities
FBI disrupts Chinese botnet used for targeting US critical infrastructure
The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical infrastructure organizations. A botnet for probing critical infrastructure organizations The threat actors used the KV botnet malware to hijack hundreds of US-based, privately-owned small office/home office (SOHO) routers and to hide their hacking activity towards “US and other foreign victims”. “The Volt Typhoon malware enabled China to hide, among other things, pre-operational … More ? The post FBI disrupts Chinese botnet used for targeting US critical infrastructure appeared first on Help Net Security .
More here:
FBI disrupts Chinese botnet used for targeting US critical infrastructure
Essential DDoS statistics for understanding attack impact
The impact of DDoS attacks extends far beyond mere inconvenience, as they can result in financial losses, compromised data, and erosion of customer trust. Understanding the nature and consequences of DDoS activity is essential for organizations and individuals alike as they strive to protect their online presence and ensure the uninterrupted flow of critical services. In this article, you will find excerpts from DDoS attack surveys we covered in 2023. This data will enable your … More ? The post Essential DDoS statistics for understanding attack impact appeared first on Help Net Security .
Link:
Essential DDoS statistics for understanding attack impact
Qakbot returns in fresh assault on hospitality sector
The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing campaign attempting to deliver it to targets in the hospitality industry. Qakbot and its (temporary?) downfall Qakbot, also known as Qbot, started as banking malware but has since evolved into a versatile vehicle for malware and ransomware distribution. Its long-term survival and success are attributed to its operators’ … More ? The post Qakbot returns in fresh assault on hospitality sector appeared first on Help Net Security .
View article:
Qakbot returns in fresh assault on hospitality sector
Global rise in DDoS attacks threatens digital infrastructure
In 2022, the total number of DDoS attacks worldwide increased by 115.1% over the amount observed in 2021, according to Nexusguard. The data also showed that cyber attackers continued to alter their threat vectors by targeting the application platforms, online databases, and cloud-based storage systems within ISPs. This resulted in a significantly greater impact globally as organizations continue to move more of their workloads to the cloud. Number of DDoS attacks worldwide While the overall … More ? The post Global rise in DDoS attacks threatens digital infrastructure appeared first on Help Net Security .
Read More:
Global rise in DDoS attacks threatens digital infrastructure
Week in review: Microsoft confirms DDoS attacks on M365 and Azure Portal, Infosecurity Europe 2023
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unraveling the multifaceted threats facing telecom companies In this Help Net Security interview, Georgia Bafoutsou, Cybersecurity Officer at the European Union Agency for Cybersecurity (ENISA), explores some of the common attack vectors that target telecom companies, their third-party providers, and the subscribers of their services. Empowering Google security and networking solutions with AI In this Help Net Security interview, Sunil … More ? The post Week in review: Microsoft confirms DDoS attacks on M365 and Azure Portal, Infosecurity Europe 2023 appeared first on Help Net Security .
Read More:
Week in review: Microsoft confirms DDoS attacks on M365 and Azure Portal, Infosecurity Europe 2023
Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Poorly managed Linux SSH servers are getting compromised by unknown attackers and instructed to engage in DDoS attacks while simultaneously mining cryptocurrency in the background. The Tsunami DDoS bot Tsunami, also known as Kaiten, is a type of DDoS bot that is frequently distributed alongside malware strains like Mirai and Gafgyt. What sets Tsunami apart from other DDoS bots is the fact that it functions as an internet relay chat (IRC) bot, meaning it uses … More ? The post Compromised Linux SSH servers engage in DDoS attacks, cryptomining appeared first on Help Net Security .
Read the article:
Compromised Linux SSH servers engage in DDoS attacks, cryptomining