Tag Archives: start-news

DDoS attacks: Brands have plenty to lose, even if attacked only once

DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage on brands. Neustar discovered that brands experienced a 27 percent increase in the number of breaches per DDoS attack, despite suffering similar attack levels in the same time period last year. Attackers are getting higher yields from determined attacks Data from the report shows attackers are achieving higher levels of success against brands they only hit once: … More ?

View original post here:
DDoS attacks: Brands have plenty to lose, even if attacked only once

Global DDoS mitigation market trends and developments

Frost & Sullivan found that the DDoS mitigation market generated a revenue of $816 million in 2016 and is expected to register a CAGR of 17.1 percent through 2021. Threat actors’ continuous development of new techniques to overwhelm their target’s defenses and improve effectiveness of their DDoS attacks in terms of scale, frequency, stealth, and sophistication, are factors driving rapid growth. DDoS attacks are on the rise Attacks have become more extensive and are testing … More ?

Visit site:
Global DDoS mitigation market trends and developments

Tech firms band together to take down Android DDoS botnet

An ad-hoc alliance of tech firms has managed to seriously cripple an Android-based botnet that was being actively used to DDoS multiple content providers. The botnet, dubbed WireX by the researchers, consisted of Android devices with malicious apps installed. In fact, in the wake of the discovery, Google has pulled some 300 such apps from Google Play, began removing them remotely from affected users’ devices, and blocked them from being installed. The malicious apps The … More ?

Read the article:
Tech firms band together to take down Android DDoS botnet

Week in review: Android Oreo security, hacking robots, DDoS attacks on the rise

Here’s an overview of some of last week’s most interesting news, podcasts and articles: Judge limits DOJ’s search of anti-Trump website data On Thursday, District of Columbia Superior Court Judge Robert Morin ruled that DreamHost must comply with the narrowed warrant, but has further limited the government’s access to the asked-for data, in order to limit exposure of sensitive user information. Review: Securing the Internet of Things The authors do a good job explaining the … More ?

Read more here:
Week in review: Android Oreo security, hacking robots, DDoS attacks on the rise

Surprisingly stealthy botnet has been targeting users for years

ESET researchers have unearthed a botnet of some 500,000 infected machines engaged mostly in ad-related fraud by using malicious Chrome extensions, but also Facebook fraud and brute-forcing Joomla and WordPress websites. In addition to this, the compromised machines are also equipped with a fully featured backdoor, which allows the operators to spy on all the victims, and to download additional malware on the computers. A long-standing operation There are many unusual things about the so-called … More ?

View article:
Surprisingly stealthy botnet has been targeting users for years

Stealthy DDoS attacks distract from more destructive security threats

The greatest DDoS risk for organisations is the barrage of short, low volume attacks which mask more serious network intrusions. Despite several headline-dominating, high-volume DDoS attacks over the past year, the vast majority (98%) of the DDoS attack attempts against Corero customers during Q1 2017 were less than 10 Gbps per second in volume. In addition, almost three quarters (71%) of the attacks mitigated by Corero lasted 10 minutes or less. Due to their small … More ?

Link:
Stealthy DDoS attacks distract from more destructive security threats

There’s now a WannaCry decryptor tool for most Windows versions

As the criminals behind the WannaCry ransomware are trying to make it work again, security researchers have created tools for decrypting files encrypted by it. DDoS attacks against the killswitch domains Since researcher Marcus Hutchins (aka MalwareTech) registered a (previously non-existent) killswitch domain for the malware and stopped its onslaught, the domain has been under attack by Mirai-powered botnets. Today’s Sinkhole DDoS Attack pic.twitter.com/wxT2YUrdOF — MalwareTech (@MalwareTechBlog) May 18, 2017 That particular domain has been … More ?

See more here:
There’s now a WannaCry decryptor tool for most Windows versions

How to securely deploy medical devices within a healthcare facility

The risks insecure medical devices pose to patient safety are no longer just theoretical, and compromised electronic health records may haunt patients forever. A surgical robot, pacemaker, or other life critical device being rendered non-functional would give a whole new, and wholly undesirable, meaning to denial of service. Malware like MEDJACK has been used to infect medical devices and use them as staging grounds to attack medical records systems. IoT ransomware is on the rise … More ?

Continue reading here:
How to securely deploy medical devices within a healthcare facility

Locky ransomware makes a comeback, courtesy of Necurs botnet

The Necurs botnet has, once again, begun pushing Locky ransomware on unsuspecting victims. The botnet, which flip-flops from sending penny stock pump-and-dump emails to booby-trapped files that lead to malware (usually Locky or Dridex), has been spotted slinging thousand upon thousand of emails in the last three or four days. “Talos has seen in excess of 35K emails in the last several hours associated with this newest wave of Locky,” Cisco Talos researchers noted on … More ?

Continued here:
Locky ransomware makes a comeback, courtesy of Necurs botnet

CLDAP reflection attacks generate up to 24 Gbps of traffic

Akamai researchers Jose Arteaga and Wilber Majia have identified a new Connection-less Lightweight Directory Access Protocol (CLDAP) reflection and amplification method. CLDAP query packet Akamai’s Security Intelligence Response Team (SIRT) has observed this attack vector producing DDoS attacks consistently exceeding 1 Gbps, comparable to DNS reflection attacks. CLDAP Unlike other reflection-based vectors, where compromised hosts may number in the millions, the observed CLDAP amplification factor has been able to produce significant attack bandwidth with significantly … More ?

More:
CLDAP reflection attacks generate up to 24 Gbps of traffic