Articles about DDoS

The Necurs botnet is one of the largest around at the moment and is principally known for sending spam including the Locky ransomware.

However, new research from BitSight's Anubis Labs has uncovered a new component being loaded in infected systems that allows it to use bots to enable proxy communications and perform DDoS attacks.

Continue reading →

The world of cyber security is a constant arms race with attackers and defenders constantly on the lookout for an edge.

Cyber security company NexusGuard has released its latest threat report for the final quarter of 2016, and notes a shift towards blended DDoS attacks combining multiple vulnerabilities with the intent of overloading targeted monitoring, detection and logging systems.

Continue reading →

2016 should have reinforced what security experts have been telling us over the years. Cyberattacks are not a matter of "if" anymore but "when."

Last year, there was no such thing as "too big to fail" as top tech firms like Yahoo!, Dropbox, and LinkedIn all reported data breaches. Internet services provider Dyn, which is used by Twitter and Spotify, was also hit with traffic-based attacks, affecting uptime of these popular sites. Banks and government institutions also fell victim to attacks that compromised information of millions of users -- a bank in Sri Lanka even lost billions of dollars to spoofed international transactions.

Continue reading →

The Lloyds Banking Group fell victim to a massive cyberattack this week, that was responsible for temporarily disrupting its services.

The attack is being attributed to an international hacking group. It launched a distributed denial of service (DDoS) attack against the company's online services that lasted for two days. During this time, customers were reportedly unable to make payments online or check their account balances.

Continue reading →

D-Link is facing a lawsuit brought against it by the US Federal Trade Commission for the poor security of its routers and connected cameras. The FTC says the company failed to take reasonable steps to protect users from hackers.

The FTC is seeking to improve the security of all IoT (internet of things) devices in the wake of compromised devices being used to launch high-profile DDoS attacks such as Marai and Leet Botnet. D-Link argues that the charges brought against it are "unwarranted and baseless" and plans to "vigorously defend itself".

Continue reading →

With large scale cyber attacks constantly hitting the headlines, businesses ought to be aware of the need to protect themselves.

But a new study by Kaspersky Lab shows that 40 percent of businesses are unclear on how to protect themselves against targeted attacks and DDoS.

Continue reading →

In September 1996 New York City’s original Internet Service Provider, Panix, was hit by a SYN flood denial of service attack that took the company offline for several days. At a time when only 20 million Americans were online this was one of the first high profile examples of how fragile internet infrastructure could be.

Fast forward 20 years and businesses and individuals are now hugely dependent on the Internet services they both offer and use, and the primary threat to the availability of those Internet is the distributed denial of service (DDoS) attack. DDoS attacks have evolved consistently over the last 20 years and have moved from being a curiosity, to a nuisance, and, now, to a serious business continuity risk.

Continue reading →

Earlier in the year, a huge DDoS attack was launched on Krebs on Security. Analysis showed that the attack pelted servers with 620 Gbps, and there were fears that the release of the Mirai source code used to launch the assault would lead to a rise in large-scale DDoS attacks. Welcome Leet Botnet.

In the run-up to Christmas, security firm Imperva managed to fend off a 650 Gbps DDoS attack. But this was nothing to do with Mirai; it is a completely new form of malware, but is described as "just as powerful as the most dangerous one to date". The concern for 2017 is that "it's about to get a lot worse".

Continue reading →

Gamification is increasingly used by business as a means of enhancing the usability of software. But now it seems hackers are exploiting the technique too.

Researchers at threat protection company Forcepoint have uncovered a DDoS package being shared on Turkish hacking forums employing a gamified approach.

Continue reading →

Following the massive attack that took down the servers of the DNS service provider Dyn and a number of high profile websites including Netflix, Twitter, Spotify and Reddit last month, Amazon Web Services (AWS) has announced a new technology to protect sites against distributed denial of service (DDoS) attacks.

The new tool, which is called AWS Shield, was announced at the company's re:Invent developer event in Las Vegas. Amazon's own site was affected by the attack on Dyn and the company has now decided to launch its own DDoS protection service to ensure that its site and those that use AWS are able to withstand future attacks.

Continue reading →

Distributed denial of service (DDoS) attacks make a lot of noise, and according to a new Kaspersky Lab report, that’s exactly what hackers are using them for.

As businesses are preoccupied with handling DDoS attacks, hackers use the opportunity for another, more targeted, and more deadly type of attack. Basically, DDoS is nothing more than a smokescreen. The conclusion comes in Kaspersky Lab’s report, which polled businesses about their cybersecurity experiences. More than half (56 percent) say DDoS is being used to cover something else.

Continue reading →

Security researchers have discovered a new distributed denial of service (DDoS) method that requires less effort to launch large-scale attacks that can bring down servers or firewalls from a single laptop.

The new method of launching DDoS attacks called BlackNurse was discovered by researchers at the Security Operations Center of the Danish telecom operator TDC (TDC SOC). It operates by using attacks based on low volume Internet Control Message Protocol (ICMP) to overload firewalls to the point where they shut down.

Continue reading →

DDoS attacks have been at the forefront of the media for weeks. The unprecedented scale of the attacks on Brian Krebs website lit the powder keg, and it hasn’t stopped, with the most recent example being the attack on Dyn’s servers that led to a major outage on the east coast of the US.

As The Register reported, the Krebs attack was the largest known single DDoS attack ever, with more than 152K devices involved, generating more than 620Gbps in the attack. The Dyn attack received even more coverage, as it affected many popular consumer sites, including media-friendly Twitter.

Continue reading →

The number of DDoS attacks fell more than 40 percent to 97,700 attacks in the second quarter of 2016 according to the latest threat report from DDoS security service Nexusguard.

The report reveals there was a sharp dip in distributed reflection denial of service (DrDoS) attacks, with DNS-based attacks falling 97 percent compared to the previous quarter. However, recent DDoS attacks on cybercrime journalist Brian Krebs and OVH, a French internet hosting provider, broke records for speed and size.

Continue reading →

Imagine standing in line at a coffee shop, the place is brimming with people all shouting their order at the one overwhelmed barista. You place your order but he can’t hear you. You shout it, you scream it over the din of the thousands of people also ordering their coffee, but the barista just shrugs because he can’t get your order much less process it. No coffee for you. As you leave you realize those thousands of other customers aren’t even customers, they were just noise generated to keep you from getting your coffee.

Welcome to DDoS.

Continue reading →