Category Archives: DDoS Vendors

Outage that swept French news sites ‘was not a DDoS’

The outage looks to be linked to issues with the hosting provider rather than cyber criminals.

Reports that major French news sites were taken offline this morning by a massive DDoS appear to be inaccurate. News websites including that of media group Mediapart; daily newspaper Libération; political magazine L’Express; and ZDNet.fr suffered significant outages on Friday morning. Problems began at around 8.30am CET and lasted for approximately an hour.

It was initially feared the outage could be a DDoS linked to the recent Charlie Hebdo attack, where 10 journalists and two police officers were killed. According to reports citing Arnaud Coustilliere, head of cyberdefense for the French military, DDoS attacks have been carried out against thousands of French websites by “Islamic hacker groups” following the Charlie Hebdo attack.

However, in the case of today’s incident, the cause is thought to be a more straightforward one. Oxalide, the hosting provider used by the news companies, tweeted this morning that it was investigating the cause of the incident which went “right to the heart of our network”.

Around an hour later, the company’s Twitter account said that the cause of the problem had been identified and that some services were beginning to become functional once again. Over an hour later, the company confirmed that a DDoS was not thought to be behind the attack. The company added that it will provide an update as to the cause of the outage to customers by early afternoon.

According to a report published this week by European security body ENISA (European Agency for Network and Information Security), the number of DDoS attacks businesses suffered last year has significantly since 2013.

Source: http://www.zdnet.com/article/outages-that-swept-french-news-sites-was-not-a-ddos/

19,000 French websites hit by DDoS, defaced in wake of terror attack

Since the three day terror attack that started in France on January 7 with the attack on satirical newspaper Charlie Hebdo, 19,000 websites of French-based companies have been targeted by cyber attack…

The Evolution of Web Application Firewalls

Technological advances related to computing and the Internet have affected every one of us. The Information Revolution that the Internet has made possible is affecting society just as dramatically as the Industrial and Agricultural Revolutions of the past, but there is an unpleasant side to progress. Criminal use of the Internet, or hacking, is an unavoidable part of information technology development. Hackers have gained unauthorized and undesirable access to information, sometimes with far-reaching consequences. Innovations in hacking have in turn led to the development of protection methods and devices commonly known as web application firewalls (WAF).

An application firewall is a form of firewall which controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls which do not meet the configured policy of the firewall.

A Web Application Firewall does much more than a consumer’s computer firewall. Consumer-level applications work by blocking software access to certain ports. Web applications such as Apache, WordPress and Microsoft’s Office all require an extra level of protection against malicious users. WAFs offer this extra protection and work by analyzing all data passing through them and checking its conformity to pre-set rules. A WAF fulfills a web-user’s need to protect both internal and public web applications, whether locally (on-premises) or remotely (cloud-hosted), against unauthorized access attempts. These attacks revolve around hacking and illegal access to web applications.

According to statistics, every year, cyber attacks are increasing by 30%, while successful breaches are increasing at twice that rate, 60% a year. In plain English, more attacks are getting through. Basic consumer-level cyber security measures are essential and are an urgent call on companies’ financial resources, but these are not enough. If a company has a website then that website must be protected using a WAF against unauthorized intrusion by hackers. The need to protect customers’ data is even more important than the need to keep the website live. If there is a security breach the negative effects of the attendant publicity and loss of trust are immeasurable.

So how have application firewalls been evolving?

Web application firewalls have been evolving rapidly and becoming more sophisticated with the objective of protecting websites and customer data from increasingly sophisticated attacks and unauthorized access. Hackers’ methods have become more devious and WAF sophistication has increased correspondingly as part of the information security industry’s fight back against criminals stealing data and malicious hacking. The more evolved and developed WAF solutions are capable of preventing attacks and unwanted intrusion on any website. Modern web application firewalls generally have default settings that give no false negatives and errors and all modern WAFs are designed to work perfectly without the need for any user knowledge of source code. A WAF has become crucial in detecting and preventing any attack that is masquerading as network access by a legitimate user.

Understanding interactions

Web Application Firewalls need to do much more than just see the code: they need to be able to understand every line of code passing through them and to evaluate any risk that it represents. This risk evaluation ability enables a WAF to analyze visitors based on reputation behaviors. The old adage of prevention being the best cure still holds true and is very relevant here. Instead of blocking an attack as and when it occurs, a WAF should see it coming by understanding and tracking visitor behavior. It should be proactive.

More than In-Depth Inspection

From the historical perspective of web application firewalls, they have always performed an in-depth inspection of any access routes to the protected sites. However, the modern evolution of web application firewalls comes with more than in-depth inspection of access routes in the sense that modern WAFs are deployed in-line in the form of reverse proxies. These are crucial in preventing any form of access log collection that may be used later to audit the protected site or perform any form of analysis on the protected web applications.

Simplicity of use is vital, so the modern web application firewall has evolved to the extent that it can be deployed out of the box with no user setting changes necessary. New-age WAFs such as those from the aforementioned Incapsula are constantly learning and are able to stop threats that have never been seen before by analysis of their code and finding similarities to previous threats. They are updated frequently and monitoring is available on some plans to ensure maximum protection for your site and your customers.

Modern firewalls have enabled an increase in firewall features that revolve around transparent proxy and bridge modes, which can enable WAFs to easily integrate with other network security technologies such as vulnerability scanners, protection applications, distributed denial of service prevention, database security solutions, and web fraud detection. Another major noticeable evolution has to do with the fact that modern WAFs are perfectly packaged to include content caching, as well as web access management modules, which are specially designed to provide simple sign-in features, especially for distributed web applications.

Concluding thoughts

There are massive advances going on in the field of web application firewalls. Modern firewalls are perfectly devised to provide maximum protection against hacking, easy detection and filtering of both known and unknown threats, while at the same time, minimizing false alerts. Are you aware of the level of protection that your web application firewall offers? Does it protect you against a DDoS attack? Does it protect your customers’ login and credit card details adequately?

Source: http://tech.co/evolution-web-application-firewalls-2015-01

LizardSquad's DDoS service is powered by hacked home routers

When the Sony Playstation and Microsoft Xbox Live gaming networks went down over Christmas and were kept offline for several days afterwards, the hacker collective that calls themselves LizardSquad to…

Extratorrent down – Massive DDoS attack against popular torrent website

The world’s number 4 torrent website is down following a massive Distributed Denial of Service (DDoS) attack by unknown hackers. The website seems to have been down for 23 hours and seems to come online for a little bit before throwing up a 503 service error. The Extratorrent admin took to Twitter to tell its fans about the DDoS attack.

ExtraTorrent was one of the more popular torrent websites in 2014. It has grown in size due to more traffic and has moved up again in the top 10, now placed as the 4th most-visited torrent site by torrent ranking websites. This success didn’t go unnoticed by rightsholders groups such as the MPAA who recently called out ExtraTorrent as one of the top pirate sites. The site was forced to trade in its .com domain for .cc this year, after it was suspended by its domain registrar.

Isitdownrightnow says that Extratorrent has been down for the past 23 hours (it now says 4 minutes because the website sprang to life for a few seconds before going down again).

While the admin says that it’s a DDoS attack by unknown hackers, the actual reason may be a takedown by authorities or a revenge DDoS by the music and movie companies. Earlier, Sony had allegedly undertaken similar DoS attacks to stop torrent sites from sharing the files from the massive hack attack.

Readers may note that only two days ago around 13 mega Hollywood movie screener versions were leaked and are being shared on torrent websites. These movies are considered to be prime Oscar award contenders and it is thought that one of the guild members or his/her associates may have leaked these screener versions.

Source: http://www.techworm.net/2015/01/extratorrent-down-hackers-launch-ddos-attack.html

Anonymous vows to take down jihadist websites to avenge ‘Charlie Hebdo’ victims #OpCharlieHebdo

Hacker group Anonymous has vowed to avenge those killed in the deadly attack on the offices of French satirical magazine Charlie Hebdo by taking down jihadist internet sites and social media accounts. In a video uploaded to the Anonymous Belgique YouTube channel, a figure wearing the group’s signature Guy Fawkes mask condemned the attack that killed 12 individuals, including eight journalists. The video description addresses the message to “al-Qaeda, the Islamic State and other terrorists.”

“We are fighting in memory of these innocent people today who fought for freedom of expression,” stated the disguised person in the video.

The group included a link to anonymous data sharing site Pastebin with a list of Twitter accounts it claims are linked to jihadists. The group is using the hashtag #OpCharlieHebdo to urge other users to help them take down the accounts by reporting them to Twitter, or participating in a Distributed Denial of Service (DDoS) attack – a practice normally used by the hacker group.

“Anonymous should remind each citizens (sic) that the press’s freedom is a fundement of the democracy. Opinions, speech, newspaper articles with no threats nor pressure, all these issues are rights you can’t modify,” read a statement posted to Pastebin by the group Thursday. “Expect a massive reaction from us, simply because this freedom is what we’ve been often fighting for.”

Wednesday’s attack in Paris has not been linked to ISIS – numerous reports have suggested it is more likely to be connected to the Yemen-based al-Qaeda in the Arabian Peninsula. On Friday, Charlie Hebdo suspects Cherif Kouachi, 32, and Said Kouachi, 34, were killed after police stormed the building where they were holed up for more than five hours. The third suspect Hamyd Mourad, 18, surrendered to police early Thursday.
Source: http://www.finditwestvalley.com/world/anonymous-vows-to-take-down-jihadist-websites-to-avenge-8216charlie-hebdo8217-victims-h46362.html

Nordea bank’s online services hit by DDoS Attack

Nordea Bank Finland was quoted as saying on Friday that its online banking services were hit by a denial of service attack on the heels of Wednesday’s hacking of OP-Pohjola, another Finnish financial services group.

Nordea said that its online banking system has suffered a denial of service attack, which started on Friday morning. As a result, the services have worked much more slowly than usual. In addition, fixing the problem and additional security measures might cause service interruption. According to the bank, the attack has not affected the use of its credit or debit cards or other services.

Marko Mettenranta, spokesperson of Nordea, told Finnish national broadcaster YLE that the bank has contacted the police about the attack and measures are underway to fix the problem. Denial of service attacks essentially make an online resource or service unavailable for its intended users.

The National Bureau of Investigation of Finland is investigating OP-Pohjola’s case, saying that the attacks came from both Finland and abroad.

Source: http://www.dailytimes.com.pk/business/04-Jan-2015/nordea-bank-s-online-services-hit-by-hackers

DDoS attack on 4Chan by Lizard Squad’s DDoS Rent-A-Tool Lizard Stresser

Lizard Squad’s rent-a-tool Lizard Stresser in action against 4Chan.

The infamous band of hackers, Lizard Squad, which brought down the PlayStation Network and Xbox Live servers through Christmas with a DDoS attack, is in the news again. This time the target is 4Chan.org, the popular imageboard website, and the tool used is the DDoS-for-rent service, Lizard Stresser. 4Chan has been brought down by Lizard Stresser through a DDoS attack and is still offline.

Tweets from Lizard Squad indicate that someone has rented Lizard Squad’s rent-a-tool for DDoS to attack the 4Chan website. Lizard Squad allegedly used a 1200 GB/s DDoS attack against PSN and XBL networks and is offering double the size of attacks on rent. At present details are sketchy and it is not known who has rented the Lizard Stresser to bring down the 4Chan website.

Apparently Lizard Stresser was taken offline two days ago after somebody doxed the userids on the server. The website hosting Lizard Stresser now serves a different login page.

The Lizard Stresser offers individuals a way to take down IP addresses without having to know anything about hacking or DDoS attacks and is available in multiple subscription packages which range from $5.99 / €4.93 for a 100-second attack to $129.99 / €107 for an eight and a half hour long denial of service incident. The Lizard Squad also offers lifetime packs, prices for which can go up to $500 / €411. The lifetime packs are valid for five years as per the Lizard Stresser website.

The 4Chan renters seem to have opted for the 8-hour pack from the looks of it, but there is no official confirmation from either the Lizard Squad or 4Chan regarding the attack except for the tweet above (now deleted*). For the time being, the 4Chan website is inaccessible and will probably stay this way until the attack ends or the 4Chan admins devise some method to protect themselves against it. Considering that Lizard Squad brought down the networks of the bigger and better Sony and Microsoft, the 4Chan admins have a hard task cut out for them.

There is also an outside chance that 4Chan may really be down for maintenance, but that is difficult to imagine as Lizard Squad are known to be vocal about their exploits. There were reports of 4Chan admins announcing a while ago that there will be some downtime due to server maintenance, so it might come back online very soon.

We will be updating the story as soon as we get any feedback/confirmation from either Lizard Squad or 4Chan. Lizard Squad has also deleted the above tweet about renting the Lizard Stresser just moments ago and the 4Chan website home is still showing some broken images.

Source: http://www.techworm.net/2015/01/4chan-ddosed-lizard-squads-ddos-rent-tool-lizard-stresser.html

‘Bitcoin Baron’ claims credit for City of Columbia, KOMU DDoS attacks

He cited a 2010 SWAT raid in Columbia as his motivation behind the DDoS attacks.

An individual is taking credit for the distributed denial of service attacks on the websites of the City of Columbia and KOMU-8 on Friday. KOMU posted about the attack on its Facebook page at 3:48 p.m. Friday, about three hours after the station had reported on a similar attack on the City of Columbia’s website earlier Friday. KOMU’s article included a statement from Assistant City Manager Tony St. Romaine indicating the activist group Anonymous was behind the attacks.

Shortly after their site was attacked, KOMU received an email from a third party who indicated that he, not Anonymous, was behind both attacks. KOMU General Manager Marty Siddall said the individual referred to himself as “Bitcoin Baron.” Through his Twitter, Bitcoin Baron has connected himself to multiple other DDoS attacks.

Bitcoin Baron said in a video that his motivation behind the attacks was a 2010 Columbia SWAT raid on the house of Jonathan Whitworth, who was presumed to be a marijuana dealer. During the raid, one of Whitworth’s dogs was fatally shot in front of his wife and child. “I decided that this should go viral once more to show everyone the true nature of how you and every police department does things,” Bitcoin Baron said in his video. Bitcoin Baron said in a tweet that no data was affected by any of the DDoS attacks.

Prasad Calyam, assistant professor of computer science with a technical focus in cyber security, said DDoS attacks occur when a user creates a large amount of fake traffic that accesses a site’s servers all at once to crash the site. “(A DDoS attack) is a sort of brute force attack, where many machines are compromised to act like regular users in order to block real users from reaching the site,” he said.

Calyam said DDoS attacks cannot be stopped as they occur, and he advised that locally blocking a website is the best way to deal with an attack. “(That is) because it’s hard for an Internet provider to block people from accessing your site,” he said. “The only way to prevent attacks is through an intrusion detection system, which can be really expensive … There are open source intrusion detection systems available, but they must be maintained and managed by experts.”

Siddall said KOMU is working with their third-party Internet provider to prevent future attacks.

Source: http://www.themaneater.com/stories/2014/12/29/bitcoin-baron-claims-credit-city-columbia-komu-ddo/

DDoS attack takes down City of Columbia website

Columbia Deputy City Manager says a hacker group took responsibility for the attack on GoColumbiaMo.com

A City of Columbia official said the city’s website, gocolumbiamo.com, suffered a cyber attack Wednesday night, and the website will be down until further notice. Deputy City Manager Tony St. Romaine said Anonymous, a group associated with cyber attacks and hacking activism, took down the city’s website with a Distributed Denial of Service (DDoS) attack. St. Romaine said the group cited a drug-related SWAT raid in Columbia in 2010, where police shot two dogs in the house. A YouTube video shows a user taking credit for the attack, along with the SWAT raid from 2010. (Warning: the video contains strong language and graphic content.)

A news release sent Friday morning said the city’s IT department was notified of an attack around 11 p.m. Wednesday. Deputy City Manager Tony St. Romaine told ABC 17 News IT staff worked through the night until 7 a.m. Thursday. The staff left the office, but continued to work from home.

“This form of attack is an attempt to make an online service unavailable by flooding the website server with requests from multiple sources,” the release said. “In most cases, they involve forging of sender addresses so that the location of the attacking machines cannot easily be identified.” The release said this sort of attack renders city services provided online unavailable, and doesn’t compromise personal information.

Source: http://www.abc17news.com/news/city-of-columbia-website-suffers-cyber-attack/30405572
