DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage on brands. Neustar discovered that brands experienced a 27 percent increase in the number of breaches per DDoS attack, despite suffering similar attack levels in the same time period last year. Attackers are getting higher yields from determined attacks Data from the report shows attackers are achieving higher levels of success against brands they only hit once: … More ?
Frost & Sullivan found that the DDoS mitigation market generated a revenue of $816 million in 2016 and is expected to register a CAGR of 17.1 percent through 2021. Threat actors’ continuous development of new techniques to overwhelm their target’s defenses and improve effectiveness of their DDoS attacks in terms of scale, frequency, stealth, and sophistication, are factors driving rapid growth. DDoS attacks are on the rise Attacks have become more extensive and are testing … More ?
An ad-hoc alliance of tech firms has managed to seriously cripple an Android-based botnet that was being actively used to DDoS multiple content providers. The botnet, dubbed WireX by the researchers, consisted of Android devices with malicious apps installed. In fact, in the wake of the discovery, Google has pulled some 300 such apps from Google Play, began removing them remotely from affected users’ devices, and blocked them from being installed. The malicious apps The … More ?
Here’s an overview of some of last week’s most interesting news, podcasts and articles: Judge limits DOJ’s search of anti-Trump website data On Thursday, District of Columbia Superior Court Judge Robert Morin ruled that DreamHost must comply with the narrowed warrant, but has further limited the government’s access to the asked-for data, in order to limit exposure of sensitive user information. Review: Securing the Internet of Things The authors do a good job explaining the … More ?
ESET researchers have unearthed a botnet of some 500,000 infected machines engaged mostly in ad-related fraud by using malicious Chrome extensions, but also Facebook fraud and brute-forcing Joomla and WordPress websites. In addition to this, the compromised machines are also equipped with a fully featured backdoor, which allows the operators to spy on all the victims, and to download additional malware on the computers. A long-standing operation There are many unusual things about the so-called … More ?
The greatest DDoS risk for organisations is the barrage of short, low volume attacks which mask more serious network intrusions. Despite several headline-dominating, high-volume DDoS attacks over the past year, the vast majority (98%) of the DDoS attack attempts against Corero customers during Q1 2017 were less than 10 Gbps per second in volume. In addition, almost three quarters (71%) of the attacks mitigated by Corero lasted 10 minutes or less. Due to their small … More ?
As the criminals behind the WannaCry ransomware are trying to make it work again, security researchers have created tools for decrypting files encrypted by it. DDoS attacks against the killswitch domains Since researcher Marcus Hutchins (aka MalwareTech) registered a (previously non-existent) killswitch domain for the malware and stopped its onslaught, the domain has been under attack by Mirai-powered botnets. Today’s Sinkhole DDoS Attack pic.twitter.com/wxT2YUrdOF — MalwareTech (@MalwareTechBlog) May 18, 2017 That particular domain has been … More ?
The risks insecure medical devices pose to patient safety are no longer just theoretical, and compromised electronic health records may haunt patients forever. A surgical robot, pacemaker, or other life critical device being rendered non-functional would give a whole new, and wholly undesirable, meaning to denial of service. Malware like MEDJACK has been used to infect medical devices and use them as staging grounds to attack medical records systems. IoT ransomware is on the rise … More ?
The Necurs botnet has, once again, begun pushing Locky ransomware on unsuspecting victims. The botnet, which flip-flops from sending penny stock pump-and-dump emails to booby-trapped files that lead to malware (usually Locky or Dridex), has been spotted slinging thousand upon thousand of emails in the last three or four days. “Talos has seen in excess of 35K emails in the last several hours associated with this newest wave of Locky,” Cisco Talos researchers noted on … More ?
Akamai researchers Jose Arteaga and Wilber Majia have identified a new Connection-less Lightweight Directory Access Protocol (CLDAP) reflection and amplification method. CLDAP query packet Akamai’s Security Intelligence Response Team (SIRT) has observed this attack vector producing DDoS attacks consistently exceeding 1 Gbps, comparable to DNS reflection attacks. CLDAP Unlike other reflection-based vectors, where compromised hosts may number in the millions, the observed CLDAP amplification factor has been able to produce significant attack bandwidth with significantly … More ?