Tag Archives: netherlands

International operation takes down Russian RSOCKS botnet

$200 a day buys you 90,000 victims

A Russian-operated botnet known as RSOCKS has been shut down by the US Department of Justice acting with law enforcement partners in Germany, the Netherlands and the UK. It is believed to have compromised millions of computers and other devices around the globe.…


Web attacks increase 71% in third quarter

Dubai: After a slight downturn in the second quarter of this year, the average number of Distributed Denial of Service (DDoS) attacks increased to 30 attacks per target. This reflects that once an organisation has been attacked, there is a high probability of additional attacks, a cyber security expert said.

“Cybercriminals have found new attack channels to disable resources as the total DDoS attacks increased by 71 per cent year over year in the third quarter. During the third quarter, we mitigated a total of 4,556 DDoS attacks, an eight per cent decrease from second quarter,” Dave Lewis, Global Security Advocate at Akamai Technologies, told Gulf News.

In a DDoS attack, an attacker sends more traffic to a server than it can handle, and the server goes offline.

“We are seeing more and more of short-based attacks with limited bandwidth and consequence. There were 19 mega attacks mitigated during the quarter that peaked at more than 100Gbps, matching the first quarter high point,” he said. It is interesting, he said, that while the overall number of attacks fell by eight per cent quarter over quarter, the number of large attacks, as well as the size of the biggest attacks, grew significantly.

In contrast to previous quarters, when reflection attacks generated the traffic in the largest attacks, a single family of botnets, Mirai, accounted for the traffic during these recent attacks. Rather than using reflectors, he said, Mirai uses compromised Internet of Things systems and generates traffic directly from those nodes.

The Mirai botnet was a source of the largest attacks Akamai has mitigated to date, an attack that peaked at 623Gbps. Mirai did not come out of nowhere. What makes Mirai truly exceptional is its use of IoT devices and several capabilities that aren’t often seen in botnets.

The two largest DDoS attacks this quarter, both leveraging the Mirai botnet, were the biggest observed by Akamai to date, recorded at 623Gbps and 555Gbps.

“Attackers are generally not looking for vulnerable systems in a specific location, they are scanning the entire internet for vulnerable systems. The Mirai botnet is especially noisy and aggressive while scanning for vulnerable systems,” he said.

He said that some clients are almost always under attack. The top target organisations saw three to five attacks every day of the quarter. However, without defences in place, these attacks could have a “substantial cumulative effect” on an organisation’s reputation.

“It is becoming easier for hackers to launch attacks on commoditised platforms for lesser price than a coffee cup. The internet of Things are very good at what they are good at but security is often left out. We see these devices like DVRs with default credentials with an insecure protocol,” he said.

According to Akamai Technologies’ Third Quarter, 2016 State of the Internet/Security Report, the majority of web application attacks continued to take place over http (68 per cent) as opposed to https (32 per cent), which could afford attackers some modicum of protection by encrypting traffic in transit.

The US remained the top target for web application attacks; as many organisations are headquartered in the US, with the resultant infrastructure also hosted in-country, it is expected that the US will continue to be the top target for some time.

Brazil, the top country of origin for all web application attacks in the second quarter, experienced a 79 per cent decrease in attacks this quarter. The United States (20 per cent) and Netherlands (18 per cent) were the countries with the most web application attacks.

Source: http://gulfnews.com/business/sectors/technology/web-attacks-increase-71-in-third-quarter-1.1930487


Week in review: APT wars, 18-year-old bug endangers Windows users, and main sources of data breaches

Here's an overview of some of last week's most interesting news and articles:

Simda botnet taken down in global operation

The Simda botnet, believed to have infected more than 770,000 computers …


3 million strong RAMNIT botnet taken down

The National Crime Agency’s National Cyber Crime Unit (NCCU) worked with law enforcement colleagues in the Netherlands, Italy and Germany, co-ordinated through Europol’s European Cybercrime Centre (EC…


Week in review: AET costs, Windows XP deadline, routers expose ISPs to DNS-based DDoS attacks

Here's an overview of some of last week's most interesting news, reviews and articles:

Cost of Advanced Evasion Techniques in recent data breaches

A new report by McAfee examines the controversy…


Sality botnet takedown plans posted online

Valid attack could seize infected machines

Updated: A self-described “law-abiding citizen” has posted attack plans against the Sality botnet on the Full Disclosure security mailing list, along with a tongue-in-cheek warning not to enact them since that would be illegal.…
