Ruskies sling malicious packet to trigger denial of service. Positive Technologies researchers Timur Yunusov and Kirill Nesterov have found since-patched remote execution and denial of service vulnerabilities in a popular Huawei 4G USB modem that can allow attackers to hijack connected computers.…
View original post here:
Remote code exec hijack hole found in Huawei 4G USB modems
Analyzing customer data, Corero found that attackers are continuing to leverage sub-saturating DDoS attacks with increasing frequency, using shorter attack durations to evade legacy cloud DDoS scrubbi…
Excerpt from:
Attackers prefer lower-bandwidth DDoS attacks
Five Russian banks that experienced a distributed denial of service (DDoS) attack Sept. 26 believed to have been aimed at starting a bitcoin-related panic had been warned in advance by the General Directorate of Security and Information Protection of the country’s Central Bank. The regulatory body’s deputy director, Artyom Sychev, was quoted by The CoinTelegraph as saying the attackers were likely trying to cause panic and destabilization rather than collect a bitcoin ransom. The early warning helped the banks fend off the attack, although they did receive threatening letters in the aftermath. The CoinTelegraph also quoted a Central Bank official saying that the letters said, “To prevent such acts in the future, the attackers are asking to send only 50 BTC to their Bitcoin wallet.” Source: http://www.scmagazine.com/ddos-attacks-on-russian-banks-reportedly-aimed-at-causing-bitcoin-panic/article/442842/
View article:
Early warning helped five Russian banks ward off DDoS attacks
Several Thai government websites are hit by a suspected distributed-denial-of-service attack, making them impossible to access.
View original post here:
Thai government websites in DDOS attack
Internet users Wednesday night protested the plans for a single gateway by attacking and bringing down the main websites of the prime minister, the Defence Ministry and the Ministry of Information and Communication Technology. Communications experts said “denial of service” attacks flooded the three sites, effectively making them impossible to access. The sites began to recover early Wednesday. The three sites went offline at about 10pm Wednesday, after netizens warned they intended to attack, and the government said such attacks would be treated as violations of the Computer Crime Act. The ICT deputy permanent secretary, Somsak Khaosuwan, claimed his ministry’s site did not crash because of an attack, but because it was overloaded by visitors monitoring the planned attack. Sites affected as of early Wednesday were the main government information website thaigov.go.th, the ICT ministry’s site at mict.go.th and the defence ministry’s website, mod.go.th. By early Wednesday, however, only the MICT site remained inaccessible, possibly because authorities had actually taken it offline. Warnings on Wednesday afternoon from credible sources in the Thai hacking community said they planned to attack government websites to protest the recent disclosure of government plans to reduce internet access to a single gateway, controlled by CAT Telecom Co. It appeared that the government site takedowns were by internet users, who answered calls on social media to go on online and continuously click refresh, causing overloads on the three targeted sites. The simultaneous denial-of-service attack works like normal attacks by over-exceeding a website’s capacity to handle internet traffic. But whereas normal attacks are carried out by a program or bot, Wednesday night’s protest was carried out by thousands of online users. After the secret plan was accidentally disclosed by a government press release, authorities sent out Deputy Prime Minister Prajin Junthong to try to spin the plan. He said that the single gateway initiative was only a proposition and that no “firm decisions have been made.” Critics of the plan idea contend it will take away freedom of information, with some even comparing it to the tightened grip of a communist country. A change.org petition opposing the single gateway initiative passed 100,000 signatures as of Wednesday. Source: http://www.bangkokpost.com/news/security/714432/single-gateway-protest-halts-government-websites
Read the original post:
Single gateway protest halts government websites into DDoS attacks
Should have stayed under the skirt of Mother Russia. Just a thought Dimitry Belorossov – a Russian cyber-criminal who used the Citadel banking trojan – has been sentenced to four years and six months in a US prison after pleading guilty to conspiring to commit computer fraud.…
See the article here:
Russian hacker, nabbed in Spain, cops 4+ years for Citadel botnet
Someone is tormenting Rutgers University. The New Jersey school announced Monday it was fending off a distributed denial-of-service attack that crippled its Internet and Wi-Fi access. The latest cyberattack on a major U.S. research institution comes after a number of similar hacks against Rutgers, a school of approximately 65,000 undergraduate students. “We are currently experiencing a denial-of-service event affecting Internet connectivity and Wi-Fi access,” Rutgers said on its Facebook page. “OIT is working to resolve the issue, and we will inform the Rutgers community as soon as we have more information.” The outage also affected Sakai and eCollege, two online learning tools used to administer homework, tests and other communication, according to student complaints on social media. A previous outage limited the school’s ability to accept credit cards. It appears to be the first attack on Rutgers since the university invested $3 million to better protect its computer networks after at least four attacks during the past school year. That upgrade was the primary reason Rutgers raised tuition and fees by 2.3 percent for the 2015-16 school year, NJ.com reported in August, with a hacker known as Exfocus claiming responsibility for the problems. “Honestly, I am sitting here dumbfounded at the amount of incompetence displayed once again by the Rutgers IT department,” Exfocus wrote in a post on Pastebin in April. “I could run circles around all of you with my eyes closed, and one leg amputated.” A DDoS attack occurs when a hacker takes control of thousands (or millions) of computers and aims them at a single server, overwhelming that network with traffic and ultimately knocking it offline. Similar methods have been used by the Chinese government and the Anonymous hacking collective. Exfocus tweeted: “Did you miss me?” before deleting the message Monday. Student chatter on the anonymous Yik Yak social network also said Exfocus had been bragging there, though the most anyone seems to know about Exfocus came in an interview where he said he was being paid in bitcoin by someone with a grudge against the school. “When I stop getting paid — I’ll stop DDoSing lol. I’m hoping that RU will sign on some DDoS mitigation provider. I get paid extra if that happens,” Exfocus told APollonsky.me before being asked if he wished to share anything else with the Rutgers community. “I’m a fan of Taylor Swift.” Source: http://www.ibtimes.com/hacker-exfocus-blamed-knocking-rutgers-university-offline-ddos-attack-even-after-2117247
A type of DDoS attack that has until now been mostly theoretical has become reality: CloudFlare engineers have spotted a browser-based Layer 7 flood hitting one of its customers with as many as 275,00…
More here:
Mobile ad network exploited to launch JavaScript-based DDoS attack
Once-theoretical attack vector appears fully-formed on CloudFlare’s doorstep CloudFlare has turned up an unusual form of denial-of-service attack: mobile advertisements that are pumping out around 275,000 HTTP requests per second.…
Continue reading here:
Mobile advertising DDoS JavaScript drip serves site with 4.5bn hits
CloudFlare has turned up an unusual form of denial-of-service attack: mobile advertisements that are pumping out around 275,000 HTTP requests per second.…
More:
Mobile advertising DDoS JavaScript drip serves site with 4.5 billion hits