Tag Archives: security

Pwn goal: Hackers used the username root, password root for botnet control database login

These are not the criminal geniuses you were expecting An IoT botnet has been commandeered by white hats after its controllers used a weak username and password combination for its command-and-control server.…

Originally posted here:
Pwn goal: Hackers used the username root, password root for botnet control database login

OMG, that’s downright Wicked: Botnet authors twist corpse of Mirai into new threats

Infamous IoT menace lives on in its hellspawn Cybercrooks are using the infamous Mirai IoT botnet as a framework to quickly add in new exploits and functionalities, it has emerged.…

See the original post:
OMG, that’s downright Wicked: Botnet authors twist corpse of Mirai into new threats

World’s biggest DDoS-for-hire souk shuttered, masterminds cuffed

Webstresser.org taken down by Europol plod and chums Cops yesterday cuffed IT admins behind the “world’s biggest DDoS marketplace”, webstresser.org, Europol confirmed today.…

Visit site:
World’s biggest DDoS-for-hire souk shuttered, masterminds cuffed

Week in review: New Cybersecurity Framework, Android patching issues, RSA Conference 2018

Here’s an overview of some of last week’s most interesting news and articles: RSA Conference 2018 coverage Check out what you missed at the infosec event of the year. Real-time detection of consumer IoT devices participating in DDoS attacks Could we detect compromised consumer IoT devices participating in a DDoS attack in real-time and do someting about it? A group of researchers Princeton University have presented some encouraging results showing that the first part of … More ? The post Week in review: New Cybersecurity Framework, Android patching issues, RSA Conference 2018 appeared first on Help Net Security .

View article:
Week in review: New Cybersecurity Framework, Android patching issues, RSA Conference 2018

Real-time detection of consumer IoT devices participating in DDoS attacks

Could we detect compromised consumer IoT devices participating in a DDoS attack in real-time and do someting about it? A group of researchers Princeton University have presented some encouraging results showing that the first part of that equation can be relatively easily solved. As IoT traffic is often distinct from that of other Internet connected devices and as machine learning has proved promising for identifying malicious Internet traffic, they decided to use these facts to … More ? The post Real-time detection of consumer IoT devices participating in DDoS attacks appeared first on Help Net Security .

Read the original:
Real-time detection of consumer IoT devices participating in DDoS attacks

Cloudflare promises to tend not two, but 65,535 ports in a storm

But no Daily Stormer please Cloudflare made its name proxying traffic for web servers, on network ports 80 (HTTP) and 443 (HTTPS), as a defense against denial of service attacks and their ilk.…

More:
Cloudflare promises to tend not two, but 65,535 ports in a storm

Do you have what it takes to withstand modern DDoS attacks?

As the latest record DDoS attack hit GitHub and threatened to overwhelm its edge network, the popular Git-repository hosting service quickly switched to routing the attack traffic to their DDoS mitigation service. In the end, GitHub ended up completely unavailable for five minutes and intermittently unavailable for four. But while the effect of the attack could have been worse, GitHub’s engineering team aims to do better next time they are hit. Robert Hamilton, Director of … More ? The post Do you have what it takes to withstand modern DDoS attacks? appeared first on Help Net Security .

View article:
Do you have what it takes to withstand modern DDoS attacks?

World’s biggest DDoS attack record broken after just five days

Memcached attacks are going to be this year’s thing Last week, the code repository GitHub was taken off air in a 1.3Tbps denial of service attack. We predicted then that there would be more such attacks and it seems we were right.…

Read this article:
World’s biggest DDoS attack record broken after just five days

Week in review: Memcached-based reflected DDoS attacks, new issue of (IN)SECURE

Here’s an overview of some of last week’s most interesting news and articles: Automating out of the skill gap sinkhole When thinking about the bigger picture, information security leaders must aim to automate as much of the IR cycle as possible. However, this does not mean automation can replace humans. Microsoft releases Spectre fixes for Windows 10 on Skylake CPUs Microsoft has pushed out a new set of Spectre (variant 2) security updates. For the … More ?

See the article here:
Week in review: Memcached-based reflected DDoS attacks, new issue of (IN)SECURE

Surge in memcached-based reflected DDoS attacks is due to misconfigured servers

Massive memcached-based reflection DDoS attacks with an unprecedented amplification factor have been ongoing for the last few days, by taking advantage of memcached servers exposed to the Internet. What is memcached? Memcached is a distributed memory caching system and is used to speed up dynamic database-driven websites and Internet-facing services by caching data and objects in RAM. It is often deployed in data center, cloud, and IaaS networks. According to both Rapid7 and SANS ISC, … More ?

Read this article:
Surge in memcached-based reflected DDoS attacks is due to misconfigured servers