Author Archives: Enurrendy

50% of companies unprepared for DDoS attacks

Research carried out by Kaspersky Lab and B2B International has revealed that only 50% of companies regard countermeasures against distributed denial of service (DDoS) attacks as an important component of IT security. It means that the other 50% of companies may prove to be unprepared for a sudden attack, which could damage both their finances and their reputation as a result of the unavailability of internet services. Different industries have different views on how important it is to protect against DDoS attacks. For example, 60% of financial institutions, energy companies and utility services are conscious of the need of protection against DDoS attacks. This is the highest percentage of any industry. But it seems quite low considering that IT continuity is critical for these structures as they affect the well-being of many people. There is also a noticeable difference of opinion among different sized organizations: only 38% of small businesses consider protection against DDoS attacks an important component of IT security,but for big companies this figure reaches 60%. In recent years, DDoS attacks have become a common tool for cybercriminals and their clients. There are many different reasons for organizing these attacks — hooliganism, dishonest competition, blackmail. Currently the price to order a large-scale attack starts from just $50. Each year brings increasing numbers of DDoS attack schemes, so IT professionals at any company need to consider ways of protecting against them. According to the research, 23% of companies include maintaining the continuity of business processes in the top 3 most important tasks of their IT services. Interestingly the survey found no clear correlation between the level of threat faced in reality and the recognition of the need for DDoS protection. For instance, the sectors with public facing online services most affected by these incidents included IT companies (49%), e-commerce (44%), telecom (44%) and the media (42%). At the same time, countermeasures against DDoS were named as important by 53% of telecoms companies, 50% of IT businesses and only 41% of e-commerce and 38% of media companies. Source: http://timesofindia.indiatimes.com/tech/tech-news/50-of-companies-unprepared-for-DDoS-attacks-Report/articleshow/45575197.cms

View article:
50% of companies unprepared for DDoS attacks

US Officials Believe North Korea Was Involved In Sony Hacks

U.S. officials say they believe that North Korea’s government was involved in the large-scale hack of Sony servers, which led to the leak of troves of Sony data from emails to unreleased projects, according to the NYT. Federal cyber-security sources say that there is evidence indicating that the hack was routed through computers in Singapore, Thailand, Italy, Bolivia and Cyprus, ABC reports. While the hack resulted in a dump of Sony data, including email, confidential materials, and unreleased projects, it also specifically targeted The Interview , a movie featuring Seth Rogen and James Franco. The theory that North Korea was behind the attack was initially dismissed when North Korea publicly denied involvement, but official sources believe that the North Korean government was “centrally involved” in the attacks. The New York Times reports that officials aren’t going on the record, and are unsure whether or not the White House will publicly accuse Kim Jong Un and North Korea of the attack. The hackers’ methodology is highly reminiscent of tactics used by Anonymous — timed dumps of sensitive data, DDOS attacks, etc. — which have thus far clouded the investigation. The Interview , which depicts the assassination attempt of Kim Jong Un, was slotted to be released on Christmas Day until Sony was forced to pull the movie. Amid 9/11-referencing threats from the hacker organization, which called itself the Guardians of Peace, five of the major theater chains said they would not show the film, leading Sony to pull back entirely. Source: http://techcrunch.com/2014/12/17/us-officials-believe-north-korea-was-involved-in-sony-hacks/

Visit link:
US Officials Believe North Korea Was Involved In Sony Hacks

Image Finest-Squad-to-bring-DDoS-services-down-pic-1.jpg

Finest Squad to bring DDoS services down

  The Finest Squad is set out to bring cyber criminals to justice around the world; their main plan at the moment is to bring DDoS services down. When you visit the @FinestSquad Twitter account they are going all out with their tweets, you can clearly see they want the world to see they brought the Lizard Squad crew to their knees with its pinned tweet. Lizard Squad has been removed from twitter thanks to the Finest Squad, and then they say in their tweet, “Your welcome fellow gamers. We will make sure their IRC stays offline.”                         The next few steps for the Finest Squad include taking down / offline as many DDoS services, these include hosting, offshore, hosting, web booters and more. They have also announced on its Twitter account they are setting up a new YouTube channel, a news bulletin and a community forum – these are being developed right now so stay tuned. They also want to stack up its team; they basically want more of the finest. They do stress no illegal activities allowed, are you interested. This new role comes after they hired a professional full-time web designer/developer and web site security specialist. Looks like the Finest Squad is here to help all the gamers out there, PlayStation and Xbox gamers will be thrilled to bits Lizard Squad has had the Finest treatment. They do not like these kids harassing people and that is why they are there to bring justice. So far the Finest Squad website lists the LizardSquad member Obnoxious being arrested, @LizardPatrol, @LizardSquad and many more being removed from Twitter. All these wrong doings are being hunted, such as the EZTV proxy site being shutdown – read more here. Are you happy with what the Finest Squad have done so far? Source: http://www.onlinesocialmedia.net/20141217/finest-squad-to-bring-ddos-services-down/

Read this article:
Finest Squad to bring DDoS services down

DDoS Attacks Hit Equity Poker Network Full Flush Poker

  A rash of Distributed Denial of Service (DDoS) attacks that have been plaguing the online poker industry as of late have also included the Equity Poker Network (EPN). Following the cancellation of the “Winning Millions” tournament at the Winning Poker Network (WPN) on Sunday due to DDoS attacks, as well as similar actions by hackers that caused both WPN and the Merge Gaming Network to be shutdown on Tuesday, EPN and flagship skin Full Flush Poker issued press releases confirming that the network has also been under fire from computer miscreants. The DDOS attacks at EPN have occurred intermittently across the past six weeks, causing some short-term disruptions to Network connectivity, and frustrating poker room outages,” stated the EPN press release. Players at EPN have been subjected to disconnections that typically last no longer than 60 seconds. While that amount of time is relatively short, it certainly is long enough to seriously affect tournament play, as well as action on the cash tables. Network in Motion to Fight Hackers Full Flush informed that the DDoS incidents were small in number and that customer support was able to satisfy player concerns over the issues “quickly and efficiently.” EPN pointed out that account information of players “remains uncompromised,” and that efforts have been made to combat the actions by the hackers. We are working behind the scenes to strengthen the Network mechanisms and structures necessary to deal with such assaults on our operations, and we hope to reach a solution shortly that will fix the outages our Network’s Operators and their players have had to endure during recent times,” an EPN spokesperson said. The DDoS attacks have been quite troubling and come at a time when many sites throughout the online poker industry have undertaken steps to attract more recreational players to the tables. The negative press that comes from such attacks may cause some of those players to turn their backs on Internet poker, as trust and security are of utmost importance. We apologize to you, our players, for these recent disconnections caused by nefarious outside sources,” said an FFP representative. “We understand how frustrating this has been for our players, but we ask that if you experience a disconnect to be patient, wait 30-60 seconds for our mitigation devices to kick in, and the service will be restored as normal.” Source: http://www.pokerupdate.com/news/networks-and-rooms/12171-ddos-attacks-hit-equity-poker-network/  

More:
DDoS Attacks Hit Equity Poker Network Full Flush Poker

London teen pleads guilty to Spamhaus DDoS

Sentence will be passed in January next year A 17 year-old Londoner has pleaded guilty to a series of denial-of-service attacks against internet exchanges and the Spamhaus anti-spam service last year.…

See more here:
London teen pleads guilty to Spamhaus DDoS

Winning Poker Network $1M Guaranteed Tournament Cancelled After Apparent DDoS Attack

The Winning Poker Network (WPN) was forced to cancel its $1 million guaranteed prize pool tournament on Sunday, after an apparent distributed denial-of-service (DDoS) attack caused disruptions and connectivity issues for players participating in the event. While the tournament had been running for several hours, late registration was still open, so all players were refunded their buy-ins and entry fees in accordance with network policy. The tournament was an ambitious effort by WPN, a network that includes America’s Cardroom, to bring a major online poker tournament to US players. It was billed as the first $1 million event in American online poker in nearly four years, as the events of Black Friday had more or less put an end to such prize pools in the country. Cancelled Despite Strong Turnout With a $500 + $40 buy-in and entry fee, the tournament needed 2,000 players to meet the prize guarantee (without dipping into the entry fees), and it appeared likely to do so. When the tournament was finally cancelled, 1,937 players had registered, and there were still about 45 minutes left in the late registration period. According to reports, the event was cancelled after less than five hours of play, though some players have said closer to 5.5 hours had elapsed by the time it was officially cancelled. Given how long the tournament had been running, a substantial number of players had already been eliminated; on the TwoPlusTwo.com forums, some players said they had hoped for some sort of chip split or ICM chop among the remaining players, given the large stacks they had accumulated in the first few hours of play. CEO Addresses Issues, Defends Decisions After the tournament, WPN CEO Phil Payton streamed a broadcast live on Twitch.tv to address the cancellation. “Call it a conspiracy, call it what you want, a lot of online poker sites have had Internet connectivity issues,” a clearly disappointed and frustrated Payton said. Payton referenced the fact that tournament issues were caused by DDoS attacks last weekend, but had seemed to clear up in the days before the big event. Whoever was causing the Internet disconnections was waiting for the million,” Payton said. “The second that it started, it started.” According to Payton, he and his staff initially tried to fight through it, but eventually came to the conclusion that it simply wasn’t fair to players who might be disconnected during key hands. “There’s a lot of sites that [would say] let them push through it, and we make $80,000, and gg,” Payton said. “Well, you know what, I’ve got to sleep with myself at night, and I’m not going to do that. “If it happened again tomorrow, I’d do the same thing,” he added. As Payton referenced, there have been an increasing number of DDoS attacks across online poker and the Internet at large. Just days earlier, players were suspicious about the possibility of DDoS attacks being used to disconnect opponents for the benefit of a specific player. Swedish operator Svenska Spel also had to cancel some poker tournaments last month following similar attacks and a massive Internet collapse in Sweden just last week is also blamed on DDoS hackers. In the end, given that the issues gave some players an advantage, Payton said that he was happy to stand by his decision, even if it was unpopular. “It doesn’t matter if you like it or not,” Payton said in response to questions about the decision at the end of his broadcast on Twitch. “It was fair.” Source: http://www.cardschat.com/news/wpn-1m-tournament-cxld-ddos-attack-8827

Read the original:
Winning Poker Network $1M Guaranteed Tournament Cancelled After Apparent DDoS Attack

London teen pleads guilty to SpamHaus DDoS attack

The London teen behind the massive denial-of-service attack (DDoS) on SpamHaus and Cloudflare has pleaded guilty. Technology blogger Brian Krebs reported over the weekend that 17-year-old Sean Nolan McDonough, also known by his hacker alias “Narko,” pleaded guilty on Dec. 10 to computer misuse and money laundering in connection with the attack. McDonough was arrested in September 2013 after he played a role in the March 19, 2013 DDoS attacks aimed at Spamhaus, a Dutch anti-spam group and international nonprofit. SpamHaus later moved its servers behind CloudFlare, which then pushed the attackers to devote their efforts toward the company’s network. The attack sent 85Gbps of traffic. The U.K. National Crime Agency told Krebs that, “court reporting restrictions are in place in respect to a juvenile offender, [and] as a consequence the NCA will not be releasing further detail.” Source: http://www.scmagazine.com/sean-nolan-mcdonough-narko-pleads-guilty/article/388387/

Read the article:
London teen pleads guilty to SpamHaus DDoS attack

Could Tor fall victim to a DDoS attack in 2015?

Tor users could be targeted by police next year as governments seek to combat crime and reduce political dissent, according to a researcher at the security firm Cloudmark. Andrew Conway claimed the anonymity network is “reasonably fragile”, with police able to unmask service providers by comparing traffic spikes, generated by distributed-denial-of-service (DDoS) attacks, from just a small number of endpoints. He added that the network was at risk of a complete shutdown if a government decided to launch a massive DDoS attack against it, which would overload the system with traffic. Conway said: “There are only a few thousand endpoints where Tor connects to the rest of the internet. Attacking those with a DDoS is well within the capability of many organisations and states.” “I think some oppressive regimes may decide that they have had enough of their dissidents using it and just want to shut the thing down, or some group in law enforcement may decide the same.” The security of Tor was called into question when the FBI arrested Blake ‘Defcon’ Benthall in November for his alleged work on the second iteration of Silk Road, an ecommerce site specialising in contraband that could only be accessed through Tor. Conway added that the police mole planted in the second Silk Road admin team was “probably” involved in the arrests that caused the first version’s collapse, and that he suspected they had used the DDoS and endpoint approach to monitor network traffic. Despite this, he said police are still unable to track down Tor user’s IP addresses, which would be necessary to identify those purchasing contraband online. “[Tor] still does give a level of anonymity for people looking for child pornography, but not if they are providing it,” he said. Source: http://www.cbronline.com/news/security/could-tor-fall-victim-to-a-ddos-attack-in-2015-4468576

Read the article:
Could Tor fall victim to a DDoS attack in 2015?

Image icon1.png

Channel mis-selling firewalls leads to DDoS attacks

The channel mis-selling firewalls to their customers as protection against DDoS (Distributed Denial of Service) attacks is partly to blame for the escalating number of attacks on enterprises. Dave Larson, CTO of Corero claims that tTraditional security solutions such as firewalls and IPS technology can’t handle the complexity of the modern DDoS attack – and even the more recent next generation firewalls can only provide a marginal benefit in fighting the attacks. Nevertheless, a survey conducted by Corero in 2013 had 40 percent of organisations stating they were relying on firewalls to protect them against DDoS attacks. “We see confusion in the market every day. DDoS protection vendors are fighting for mindshare with the end user community because there is still a vast misunderstanding about what DDoS is all about, and what it takes to eliminate the problem,” says Larson. “The problem is that firewall solutions are not well positioned to show the extent of the problem. Most organisations are shocked at the level and frequency of DDoS activity in their environment once they deploy a targeted in-line DDoS solution that is capable of exposing the threat.” He continues: “Proper DDoS protection is more than a ‘checkbox’ on a traditional security tool . Clicking the’DDoS on’ button on a firewall is not going to protect the business from the sophisticated and adaptive DDoS attacks that are taking down organisations, and distracting security teams from breach activity,” he explains. Larson concedes the channel is not deliberately advising customers to purchase the wrong protection, but “it is a matter of better education around why purpose built in-line appliance-based protection will allow their customers to properly defend against the modern DDoS attack landscape.” “There is no question that firewall technology is a tried and true security solution—a requirement for the majority of businesses. They key here is that that the channel can and should introduce dedicated DDoS protection as an additional layer to their overall security architecture. Implementing first line of defence technology to defeat DDoS at the very edge of the network allows all downstream technology infrastructure , like firewalls and intrusion prevention systems (IPS), to perform as intended. “There is a real opportunity for the channel to gain mind share , and ultimately revenue growth by understanding, and tapping into the DDoS market, this opportunity would complement the selling of traditional security solutions rather than replace them.” Source: http://www.channelpro.co.uk/news/8865/channel-mis-selling-firewalls-leads-to-ddos-attacks

View article:
Channel mis-selling firewalls leads to DDoS attacks

Sony Pictures hit by ‘fightback on filesharers’ DDoS claims – report

War on Guardians of Peace? Sony Pictures is alleged to have conducted a retaliatory DDoS attack against websites currently holding its leaked information for public download, according to a media report.…

View the original here:
Sony Pictures hit by ‘fightback on filesharers’ DDoS claims – report