Akamai researchers Jose Arteaga and Wilber Majia have identified a new Connection-less Lightweight Directory Access Protocol (CLDAP) reflection and amplification method. Akamai’s Security Intelligence Response Team (SIRT) has observed this attack vector producing DDoS attacks consistently exceeding 1 Gbps, comparable to DNS reflection attacks. Unlike other reflection-based vectors, where compromised hosts may number in the millions, the observed CLDAP amplification factor has been able to produce significant attack bandwidth with significantly …
Every hour of every day, computer systems and IoT devices are under attack by bots trying to recruit them into growing botnets. Security researchers have recently highlighted two of these threats coming after Linux- and BusyBox-based systems and devices. Amnesia A year after security researcher Rotem Kerner discovered a remote code execution vulnerability that affected digital video recorders (DVRs) manufactured by Chinese company TVT Digital and sold by more than 70 different vendors around the …
A 20,000-bots-strong botnet is probing WordPress sites, trying to compromise them and spread a backdoor downloader Trojan called Sathurbot as far and as wide as possible. Sathurbot: A versatile threat “Sathurbot can update itself and download and start other executables. We have seen variations of Boaxxe, Kovter and Fleercivet, but that is not necessarily an exhaustive list,” the researchers noted. Sathurbot is also a web crawler, and searches for domain names that can be probed …
In the videos below, McAfee Labs show the setup requirements for installing and deploying TinyNuke. They review the available features of TinyNuke through the control panel, deploy a bot to a client machine, and perform attacks against a client.
See the original article here:
Video: TinyNuke botnet explained
Kaspersky Lab experts have noted an emerging trend – a growth in the number of attacks using encryption. Such attacks are highly effective due to the difficulty in identifying them amongst the overall flow of clean requests. Recently, the company encountered yet more evidence of this trend – an attack exploiting vulnerabilities in WordPress via an encrypted channel. WordPress Pingback attacks have been in use since 2014. They fall under the amplification class of attacks, …
Read the original:
DDoS attacks via WordPress now come with encryption
From 5 to 9 December 2016, Europol and law enforcement authorities from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States carried out a coordinated action targeting users of DDoS tools, leading to 34 arrests and 101 suspects interviewed and cautioned. Europol’s European Cybercrime Centre (EC3) supported the countries in their efforts to identify suspects in the EU and beyond, mainly young adults under the …
See the article here:
Law enforcement operation targets users of DDoS tools
Security and privacy of data and systems in the cloud remains a top worry for 70% of IT professionals worldwide, up from 63% in 2015, according to a new Cloud Security Survey by Netwrix. The top three cloud security concerns in 2016 are unauthorized access (69%), malware (37%) and denial of service (DoS) attacks (34%). Even though cloud service providers make security a top priority, cloud computing is still …
When Mary Shelley wrote Frankenstein, she imagined the misguided doctor assembling his creature from dead body parts, who instead of elevating science, created something dark and terrible. A modern-day Mary might well imagine the monster being assembled, not from arms and legs, but from nanny-cams, door locks, and DVRs. It would be hard to miss the events of the past few weeks. In September, security reporter Brian Krebs was hit by a massive DDoS attack. …
See the original article here:
Building the IoT monster
Spam volume is back to mid-2010 heights, and Cisco Talos researchers say that the Necurs botnet is partly to blame. “Many of the host IPs sending Necurs’ spam have been infected for more than two years. To help keep the full scope of the botnet hidden, Necurs will only send spam from a subset of its minions. An infected host might be used for two to three days, and then sometimes not again for two …
Originally posted here:
Spam is once again on the rise
When it comes to quantitative indicators, the last quarter was marked by a significant decline, according to DDoS-GUARD. The number of detected DDoS attacks is 57% lower than in the previous quarter and equals 12583. But don’t get excited too soon, as the attacks’ quality, volume and complexity have increased markedly. The maximum volume of malicious traffic for a single UDP flood attack totaled 217.7 Gbps, which is 71% higher than in the …