Tag Archives: read-our-privacy-policy

Cyber terrorism seen as biggest single future threat

47% of UK IT decision makers (ITDMs) are more worried about cyber terrorism attacks now than they were 12 months ago, according to IP EXPO Europe. This was identified as the biggest cyber security risk in the future (27%), followed by attacks to national infrastructure (13%). In light of this newly perceived risk, more traditional cyber threats such as ransomware and DDoS are rated as a lower risk, with only 11%, 10% and 9% of … More ?

See more here:
Cyber terrorism seen as biggest single future threat

DDoS downtime calculator based on real-world information

Are you wondering how you can assess the risks associated with a DDoS attack? Incapsula’s free DDoS Downtime Calculator offers case-specific information adjusted to the realities of your organization. The algorithm inside the DDoS Downtime Calculator is based on real-world information from a DDoS impact survey for which participants provided detailed information about the actual impact of DDoS attacks. Subsequent data analysis uncovered factors that cause impact cost variances. The DDoS Downtime Calculator provides personalized … More ?

Visit site:
DDoS downtime calculator based on real-world information

US 911 emergency system can be crippled by a mobile botnet

What would it take for attackers to significantly disrupt the 911 emergency system across the US? According to researchers from Ben-Gurion Univerisity of the Negev’s Cyber-Security Research Center, as little as 200,000 compromised mobile phones located throughout the country. The phones, made to repeatedly place calls to the 911 service, would effect a denial-of-service attack that would made one third (33%) of legitimate callers give up on reaching it. And if the number of those … More ?

Read this article:
US 911 emergency system can be crippled by a mobile botnet

DNSSEC: Don’t throw the baby out with the bath water

A recent report raiseed concerns about the abuse of DNSSEC to conduct DDoS attacks. The article reported that DNSSEC-signed domains can be used to conduct reflected DDoS attacks with large amplification factors (averaging 28.9x in their study) that could potentially cripple victim servers. The report went on to recommend that organizations deploying DNSSEC should configure their DNS servers to prevent this and other types of abuse. While this report presents some useful information about the … More ?

See more here:
DNSSEC: Don’t throw the baby out with the bath water

Subverting protection into DDoS attacks

On average, DNSSEC reflection can transform an 80-byte query into a 2,313-byte response, an amplification factor of nearly 30 times, which can easily cause a network service outage during a DDoS attack, resulting in lost revenue and data breaches, according to Neustar. DNSSEC was designed to provide integrity and authentication to DNS, which it accomplishes with complex digital signatures and key exchanges. As a result, when a DNS record is transferred to DNSSEC, an extraordinary … More ?

Originally posted here:
Subverting protection into DDoS attacks

DDoS attacks increase 83%, Russia top victim

DDoS attacks increased 83 percent to more than 182,900 attacks in the second quarter of the year, according to Nexusguard. The newest report shows that Russia has become the No. 1 victim country. Starlink – a Russian ISP supporting small, medium and large enterprises – received more than 40 percent of the DDoS attacks measured over a two-day period. This targeted DNS attack also pushed the mean average DDoS duration to hours instead of minutes, … More ?

Read the original:
DDoS attacks increase 83%, Russia top victim

Bart ransomware victims get free decryptor

AVG malware analyst Jakub Kroustek has devised a decryptor for Bart ransomware, and the company has made it available for download (for free). Bart ransomware This particular piece of malware was first spotted in late June, being delivered via spam emails sent out by the Necurs botnet – the botnet that’s responsible for the onslaught of Locky ransomware and the Dridex Trojan. Bart is not your typical crypto ransomware as it doesn’t encrypt victims’ files. … More ?

See the original article here:
Bart ransomware victims get free decryptor

Slew of WP-based business sites compromised to lead to ransomware

If an approach works well, there is no reason to change tack, and the masters of the SoakSoak botnet are obviously of the same belief. A year and a half after they have been spotted compromising WP-based websites through vulnerabilities in the Slider Revolution (“RevSlider”) plugin and redirecting visitors to the malware-laden SoakSoak.ru website, they are at it again. “Websites are often compromised by botnets that scan websites for vulnerable software or application plugins,” Invincea’s … More ?

View article:
Slew of WP-based business sites compromised to lead to ransomware

Ransomware: Can we finally start learning from past mistakes?

There is a phrase I am finding quite relevant lately. It is attributed to the philosopher George Santayana and it goes like this: “Those who cannot remember the past are condemned to repeat it.” The reason it comes to my mind a lot these days is the headlines we are seeing relating to the latest ransomware attacks against companies’, hospitals’ and government departments’ systems. Previous headlines highlighted how criminals used DDoS attacks to extort money … More ?

See the article here:
Ransomware: Can we finally start learning from past mistakes?

25,000-strong CCTV botnet used for crippling DDoS attacks

A DDoS attack against a jewelry shop website has lead researchers to the discovery of a CCTV botnet comprised of some 25,000 cameras from around the globe. The website had been repeatedly attacked, first with 35,000 HTTP requests per second and then, when those efforts were thwarted, with 50,000 HTTP requests per second. Looking into the IP addresses from which the attack was coming from, Sucuri researchers discovered that all of them were running the … More ?

See more here:
25,000-strong CCTV botnet used for crippling DDoS attacks