DDoSInfo - Information about DDoS and Denial of Service Attacks » Uncategorized

Major Denial of Service Vulnerability Affects Most Web Servers

Enurrendy — Wed, 04 Jan 2012 05:07:00 +0000

Security researcher Alexander Klink and Julian Wälde revealed a serious vulnerability that until recently affected the vast majority of web server. The attack only requires a single HTTP request that is specially designed to create hash code collisions in POST form data. When first discovered this attack affected Python, Ruby, PHP, Java, and ASP.NET, but vendors have been working with the researchers to produce patches. Tomcat updates 7.0.23 and 6.0.35 address this issue by limiting the number of POST form fields to 10,000. The change log says that this is configurable, but no details were provided. The patch for ASP.NET was released on December 29. The patch will be automatically applied for Windows Azure customers with the default servicing policy. The patch works by limiting the number of POST form fields in a single request to 1,000, which is well below the number needed for a denial of service attack. This value is configurable using the appSettings key “aspnet:MaxHttpCollectionKeys”. Currently this can only be applied site-wide, but there have been requests for page-specific overrides. A fix was also added for related flaws in the JSON input and deserialization logic. PHP 5.4.0, which is only a release candidate also offers a max_input_vars directive. The release notes do not state what the default value is. So far every vendor we’ve discussed has addressed the issue at the web server level by limiting the number of fields in a single request. Another option is the use of a randomized hash code formula for strings. Ruby is one such language. .NET does this as well, but only for internal builds. Production releases currently have a set formula, but given the severity of this issue that may change the next time the CLR is updated. For Java it is not quite so easy; the JVM specifies the hash code formula for strings, which means developers may be relying on it to be consistent across all versions. An update for Oracle Glassfish is supposedly complete, but not yet available. There is no information of the method used to address the issue. More information about this issue is available on Ars Technica and the Chaos Communication Congress website.

Excerpt from:
Major Denial of Service Vulnerability Affects Most Web Servers

http://www.spamfighter.com/News-17155-Data-finds-over-1-m-UK-Home-PCs-Belonging-to-Botnets.htm

Enurrendy — Sun, 11 Dec 2011 06:10:41 +0000

Data finds over 1 m UK Home PCs Belonging to Botnets The British Broadcasting Corporation (BBC) has reported that a Dutch security researchers’ group trying to determine methods by which compromising of home PCs can be lessened from getting criminally used, recently, discovered that crime botnets seized over 1m home computers in UK.

McAfee Suspects Sophisticated Indulge at Cybercriminals’ Demeanor

Enurrendy — Sun, 27 Nov 2011 06:10:30 +0000

According to McAfee’s third quarter security threats report (Q3-2011), revealed by Intel-owned security technology firm, cybercriminals seems to change their tactics of circulating malware for avoiding law enforcement, reports v3.co.uk on November 21, 2011. Commenting on the findings, Toralv Dirro, Security Strategist at McAfee Labs EMEA (Europe Middle East and Africa) said that as a result of a sudden augment of virus indulgence, large botnets are being shut down and operators are being driven to concentrate more on smaller and localized networks, highlights v3.co.uk on November 21, 2011. While explaining the matter, Dirro claimed that law enforcement becomes more interesting when the botnet is bigger

Read the article:
McAfee Suspects Sophisticated Indulge at Cybercriminals’ Demeanor

Researchers Show How Easy It Is To Infiltrate Facebook

Enurrendy — Wed, 16 Nov 2011 09:50:04 +0000

A new paper being presented next month at the Annual Computer Security Applications Conference (ACSAC) shows easy it is to infiltrate Facebook and harvest valuable user data. Botnets, networks of hijacked computers controlled remotely for criminal gain or spreading propaganda, have been aggravating cybersecurity professionals for years. The near-billion people connected to social networks has made Facebook and Twitter the new juicy targets for similar schemes

Continue reading here:
Researchers Show How Easy It Is To Infiltrate Facebook

DoS attack rocks Palestine, cuts phones, internet

Enurrendy — Fri, 04 Nov 2011 07:51:53 +0000

Large denial of service attacks have rocked Palestinian severing internet service to the West Bank and Gaza. The Palestinian Communications Minister Mashur Abu Daqqa told reporters the attacks originated from locations “all over the world … using mirror servers.” Up to a million packets a second had hit Palestine’s incumbent telephone company PalTel, local media said

Satanbot Employs VBScript to Create Botnet

Enurrendy — Sun, 23 Oct 2011 05:07:07 +0000

Malware is on the rise.

More here:
Satanbot Employs VBScript to Create Botnet

DHS, Commerce looking to battle botnets

Enurrendy — Sun, 16 Oct 2011 10:39:13 +0000

The Commerce and Homeland Security departments are considering whether a set of voluntary industry standards are needed to combat botnets, the malicious networks of compromised computers controlled by online criminals, hackers and possibly nation-states. Steps being considered include a centralized customer support center for Internet service providers, a voluntary code of conduct for vendors and service providers along with incentives for participation, and an effort to identify best practices for preventing, identifying and mitigating infections. “Over the past several years, botnets have increasingly put computer owners at risk,” said a request for information published last month by DHS, the National Institute of Standards and Technology, and the National Telecommunications and Information Administration.

View the original here:
DHS, Commerce looking to battle botnets

Cyber Crime rate escalating, says Deparment of Homeland Security

Enurrendy — Sun, 02 Oct 2011 04:34:08 +0000

Homeland Security Department (DHS) of the U.S. has said that the number of cybercrimes has sharply risen as compared to previous records.

Continue reading here:
Cyber Crime rate escalating, says Deparment of Homeland Security

Google servers as a DDoS tool

Enurrendy — Thu, 01 Sep 2011 21:05:31 +0000

Google’s servers can be used by cyber attackers to launch DDoS attacks, claims Simone “R00T_ATI” Quatrini, a penetration tester for Italian security consulting firm AIR Sicurezza.

Is There a Zombie On Your Network?

Enurrendy — Thu, 21 Jul 2011 20:01:21 +0000

When some people hear about DDoS attacks and botnets containing thousands of zombie hosts, they think it could never happen on their network. While it is true that most of the recent attacks on websites were directed at high profile names, other networks can host the systems responsible for the attacks. In other cases your neighbors could gain access to your network via wireless connections and use it for sending email.

Read more here:
Is There a Zombie On Your Network?