Denial Of Service
June 2, 2025
DDoS incident disrupts internet for thousands in Moscow
Abstract
A significant Distributed Denial-of-Service (DDoS) attack targeted Russian internet service provider ASVT, disrupting internet access for tens of thousands of residents in Moscow and surrounding areas.
The Record
April 28, 2025
Cloudflare mitigates record number of DDoS attacks in 2025
Abstract
Cloudflare has reported a record-breaking surge in DDoS attacks, mitigating 21.3 million attacks in 2024—a 358% year-over-year (YoY) increase—and already handling 20.5 million attacks in Q1 2025 alone.
Bleeping Computer
February 8, 2025
DDoS Attacks Reportedly Behind DayZ and Arma Network Outages
Abstract
An ongoing distributed denial of service (DDoS) attack targets Bohemia Interactive's infrastructure, preventing players of DayZ and Arma Reforger from playing the games online.
Bleeping Computer
December 12, 2024
Operation PowerOFF Shuts Down 27 DDoS-for-Hire Platforms
Abstract
Law enforcement agencies from 15 countries have taken offline 27 DDoS-for-hire services, also known as "booters" or "stressers," arrested three administrators, and identified 300 customers of the platforms.
Bleeping Computer
September 11, 2024
DDoS Attacks Double With Governments Most Targeted
Abstract
DDoS attacks have doubled, with governments being the most targeted sector, according to StormWall's report. The number of DDoS incidents globally increased by 102% in the first half of 2024 compared to the same period in 2023.
Infosecurity Magazine
August 22, 2024
MegaMedusa, RipperSec’s Public Web DDoS Attack Tool
Abstract
RipperSec, a pro-Palestinian hacktivist group based in Malaysia, has released MegaMedusa, a publicly available Web DDoS attack tool that simplifies launching large-scale DDoS attacks.
Radware
July 25, 2024
Pro-Palestinian Actor Levels Six-Day DDoS Attack on UAE Bank
Abstract
BlackMeta, known for targeting organizations in Israel, UAE, and the US, used a cybercrime service called InfraShutdown to target a UAE bank for $500-$625 a week. The attack lasted 100 hours in total.
Dark Reading
July 12, 2024
Macau Government Websites Hit with Cyberattack by Suspected Foreign Hackers
Abstract
The attack, identified as a distributed denial-of-service attack (DDoS), affected websites of security services, police, fire and rescue services, and the academy for public security forces.
The Record
July 10, 2024 – Phishing
Regional Transport Office Themed Phishing Campaign Targets Android Users In India
Abstract
Phishing messages impersonating the Regional Transport Office have been circulating since 2024, claiming traffic violations and prompting users to download a malicious APK named "VAHAN PARIVAHAN.apk".
Cyble
As CISOs Grapple with the C-Suite, Job Satisfaction Takes a Hit
Abstract
Research shows that 75% of CISOs are considering a job change due to various challenges and pressures. CISOs often face accountability for cyber incidents and compliance failures, leading to discontent.
Cybersecurity Dive
May 2, 2024
Hackers Target New NATO Member Sweden with Surge of DDoS Attacks
Abstract
Sweden has faced a wave of distributed denial of service (DDoS) attacks since it started the process of joining NATO, according to network performance management provider Netscout.
Infosecurity Magazine
April 29, 2024
DDoS Attacks Continue, Post-Election, Against Russian Independent Media Site Meduza
Abstract
In April, Meduza faced two large-scale distributed denial-of-service (DDoS) attacks, prompting it to reach out to Qurium to investigate their origin and composition, the researchers said.
The Record
April 6, 2024
New HTTP/2 DoS Attack can Crash Web Servers with a Single TCP Connection
Abstract
Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.
Bleeping Computer
February 21, 2024
Top UK Universities Recovering Following Targeted DDoS Attack
Abstract
The attack targeted the Janet Network, used by several UK universities, and was claimed by the hacktivist group Anonymous Sudan. This incident reflects a growing trend of cyberattacks against UK institutions.
Cyware
February 5, 2024
DDoS Attack Power Skyrockets to 1.6 Tbps
Abstract
The second half of 2023 saw a significant increase in the scale and sophistication of DDoS attacks, with the maximum attack power rising to 1.6 Tbps, according to data by Gcore.
Cyware
January 23, 2024
From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks
Abstract
As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal analytics to track DDoS attacks. Gcore's broad, internationally distributed network of scrubbing centers allows them to follow attack trends over time. Read on to learn about DDoS attack trends for Q3–Q4 of 2023, and what they mean for developing a robust protection strategy in 2024.
Gcore's Key Findings
DDoS attack trends for the second half of 2023 reveal alarming developments in the scale and sophistication of cyberthreats.
Unprecedented Attack Power
The past three years have brought about a >100% annual increase in DDoS peak (registered maximum) attack volume:
In 2021, the peak capacity of DDoS attacks was 300 Gbps
In 2022, it increased to 650 Gbps
In Q1–Q2 of 2023, it increased again to 800 Gbps
In Q3–Q4 of 2023, it surged to 1600 Gbps (1.6 Tbps)
Notably, the jump in H2 of 2023 means the cybersecurity industry is measuring DDoS a
The Hacker News
January 15, 2024
DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023
Abstract
The environmental services industry witnessed an "unprecedented surge" in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare said in its DDoS threat report for 2023 Q4 published last week. "This surge in cyber attacks coincided with COP 28, which ran from November 30th to December 12th, 2023," security researchers Omer Yoachimik and Jorge Pacheco said, describing it as a "disturbing trend in the cyber threat landscape." The uptick in HTTP attacks targeting environmental services websites is part of a larger trend observed annually over the past few years, specifically during COP 26 and COP 27, as well as other United Nations environment-related resolutions or announcements. "This recurring pattern underscores the growing intersection between environmental issues and cyber security, a nexus that is increasingl
The Hacker News
January 8, 2024
NoName Group Claims DDoS Attacks on Ukrainian Government Sites
Abstract
The NoName group has reportedly targeted several Ukrainian government websites, including Accordbank, Zaporizhzhya Titanium-Magnesium Plant, and the State Tax Service. The group posted a list of their latest DDoS attack victims on the dark web.
Cyware
December 01, 2023
Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
Abstract
The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries. At the beginning of 2023, the average strength of attacks reached 800 Gbps, but now, even a peak as high as 1.5+ Tbps is unsurprising. To try and break through Gcore's defenses, perpetrators made two attempts with two different strategies. Read on to discover what happened and learn how the security provider stopped the attackers in their tracks without affecting end users' experiences.
A Powerful DDoS Attacks
In November 2023, one of Gcore's customers from the gaming industry was targeted by two massive DDoS attacks, peaking at 1.1 and 1.6 Tbps respectively. The attackers deployed various techniques in an unsuccessful attempt to compromise Gcore's protective mechanisms.
Attack #1: 1.1 Tbps UDP-based DDoS
In the first cyber assault, the attackers sent a barrage of UDP traffic to a target server, peaking at 1.1 Tbps. Two methods were employed:
The Hacker News
November 23, 2023
Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks
Abstract
An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution (RCE) functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service (DDoS) botnet. "The payload targets routers and network video recorder (NVR) devices with default admin credentials and installs Mirai variants when successful," Akamai said in an advisory published this week. Details of the flaws are currently under wraps to allow the two vendors to publish patches and prevent other threat actors from abusing them. The fixes for one of the vulnerabilities are expected to be shipped next month. The attacks were first discovered by the web infrastructure and security company against its honeypots in late October 2023. The perpetrators of the attacks have not been identified as yet. The botnet, which has been codenamed InfectedSlurs due to the use of racial and offensive language in the command-and-control (C2) servers and hard-coded strings, is a
The Hacker News
November 14, 2023
Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers
Abstract
Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service (DDoS) botnet dubbed OracleIV. "Attackers are exploiting this misconfiguration to deliver a malicious Docker container, built from an image named 'oracleiv_latest' and containing Python malware compiled as an ELF executable," Cado researchers Nate Bill and Matt Muir said. The malicious activity starts with attackers using an HTTP POST request to Docker's API to retrieve a malicious image from Docker Hub, which, in turn, runs a command to retrieve a shell script (oracle.sh) from a command-and-control (C&C) server. Oracleiv_latest purports to be a MySQL image for docker and has been pulled 3,500 times to date. In a perhaps not-so-surprising twist, the image also includes additional instructions to fetch an XMRig miner and its configuration from the same server. That said, the clo
The Hacker News
November 4, 2023
Singapore Public Health Services Hit by DDoS Attacks
Abstract
Public healthcare institutions in Singapore experienced disruptions in internet connectivity due to DDoS attacks. Synapxe, the agency overseeing these institutions, stated that there is no evidence of a compromise of healthcare or patient data.
Cyware
November 1, 2023
UserSec Takes Credit for Gatwick Cyberattack Post DDoS Assault on Manchester Airport
Abstract
The attacks were likely DDoS attacks, disrupting websites but not impacting airport operations or flights. The UK's NCSC is investigating the attacks, while Gatwick Airport officials are also dealing with spoofed Twitter accounts in their name.
Cyware
October 26, 2023
Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw
Abstract
Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). "The campaign contributed to an overall increase of 65% in HTTP DDoS attack traffic in Q3 compared to the previous quarter," the web infrastructure and security company said in a report shared with The Hacker News. "Similarly, L3/4 DDoS attacks also increased by 14%." The total number of HTTP DDoS attack requests in the quarter surged to 8.9 trillion, up from 5.4 trillion in Q2 2023 and 4.7 trillion in Q1 2023. The number of attack requests in Q4 2022 stood at 6.5 trillion. HTTP/2 Rapid Reset (CVE-2023-44487) came to light earlier this month following an industry-wide coordinated disclosure that delved into DDoS attacks orchestrated by an unknown actor by leveraging the flaw to target various providers such as
The Hacker News
October 10, 2023
HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks
Abstract
Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being tracked as CVE-2023-44487, and carries a CVSS score of 7.5 out of a maximum of 10. While the attacks aimed at Google's cloud infrastructure peaked at 398 million requests per second (RPS), the ones aimed at AWS and Cloudflare exceeded a volume of 155 million and 201 million requests per second (RPS), respectively. HTTP/2 Rapid Reset refers to a zero-day flaw in the HTTP/2 protocol that can be exploited to carry out DDoS attacks. A significant feature of HTTP/2 is multiplexing requests over a single TCP connection, which manifests in the form of concurrent streams. What's more, a client that wants to a
The Hacker News
October 3, 2023
Global Events Fuel DDoS Attack Campaigns
Abstract
Cybercriminals launched around 7.9 million DDoS attacks in the first half of 2023, a 31% increase compared to the previous year, according to NETSCOUT. These attacks have been driven by global events such as the Russia-Ukraine war and NATO bids.
Cyware
September 12, 2023
After Microsoft and X, Hackers Launch DDoS Attack on Telegram
Abstract
The hacker group Anonymous Sudan has launched a distributed denial-of-service (DDoS) attack against Telegram in retaliation for the messaging platform’s decision to suspend their primary account, threat intelligence firm SOCRadar reports.
Cyware
September 1, 2023 – Breach
Data Breach Could Affect More Than 100,000 in Pima County
Abstract
More than 100,000 Pima County residents could be affected by a nationwide data breach that affected the company that handled COVID-19 case investigations and contact tracing here, officials say.
Cyware
August 28, 2023
Tor Tweaks Onion Routing Software to Fend Off DDoS Attacks
Abstract
The updated software now supports a proof-of-work challenge called EquiX. Designed by Tevador, who developed Monero's proof-of-work algorithm, it is "a CPU-friendly client puzzle with fast verification and small solution size (16 bytes)."
Cyware
August 15, 2023
Most DDoS Attacks Tied to Gaming, Business Disputes, FBI and Prosecutors Say
Abstract
The majority of distributed denial-of-service (DDoS) attacks are launched in response to disputes over business or gaming, according to federal officials investigating the incidents.
Cyware
August 03, 2023
“Mysterious Team Bangladesh” Targeting India with DDoS Attacks and Data Breaches
Abstract
A hacktivist group known as Mysterious Team Bangladesh has been linked to over 750 distributed denial-of-service (DDoS) attacks and 78 website defacements since June 2022. "The group most frequently attacks logistics, government, and financial sector organizations in India and Israel," Singapore-headquartered cybersecurity firm Group-IB said in a report shared with The Hacker News. "The group is primarily driven by religious and political motives." Some of the other targeted countries include Australia, Senegal, the Netherlands, Sweden, and Ethiopia. In addition, the threat actor is said to have gained access to web servers and administrative panels, likely by exploiting known security flaws or poorly-secured passwords. Mysterious Team Bangladesh, as the name indicates, is suspected to be of Bangladeshi origin. "We are working to protect Our Bangladesh Cyberspace," the group's Intro on Facebook reads. The group has an active social media pre
The Hacker News
July 21, 2023
DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks
Abstract
Several distributed denial-of-service (DDoS) botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023 to gain remote control of vulnerable systems. "Through the capture of exploit traffic, the attacker's IP address was identified, and it was determined that the attacks were occurring in multiple regions, including Central America, North America, East Asia, and South Asia," Fortinet FortiGuard Labs researcher Cara Lin said. The flaw, tracked as CVE-2023-28771 (CVSS score: 9.8), is a command injection bug affecting multiple firewall models that could potentially allow an unauthorized actor to execute arbitrary code by sending a specifically crafted packet to the targeted appliance. Last month, the Shadowserver Foundation warned that the flaw was being "actively exploited to build a Mirai-like botnet" at least since May 26, 2023, an indication of how abuse of servers running unpatched software is on the rise.
The Hacker News
July 12, 2023
DDoS Attacks Soar by 168% on Government Services, Report Warns
Abstract
According to StormWall’s Q2 2023 Report, the United States, India, and China remain the most heavily targeted countries, bearing the brunt of the escalating DDoS attacks.
Cyware
July 06, 2023
Surviving the 800 Gbps Storm: Gain Insights from Gcore’s 2023 DDoS Attack Statistics
Abstract
Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity trends. This report offers you an understanding of the evolving threat landscape and highlights the measures required to protect against attacks effectively. It serves as an insight for businesses and individuals seeking to stay informed about the latest developments in cybersecurity. As we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks. Here, we present the current state of the DDoS protection market based on Gcore's statistics.
Key Highlights from Q1–Q2
The maximum attack power rose from 600 to 800 Gbps.
UDP flood attacks were most common and amounted to 52% of total attacks, while SYN flood accounted for 24%. In third place was TCP flood.
The most-attacked business sectors are gaming, telecom, and financial.
The longest attack duration in the year's first half was seve
The Hacker News
June 20, 2023
Compromised Linux SSH servers engage in DDoS attacks, cryptomining
Abstract
A threat actor is mounting dictionary attacks to log into Linux servers with SSH installed and saddle the server with the Tsunami and ShellBot DDoS bots, the XMRig CoinMiner program, and Log Cleaner – a tool for deleting and modifying logs.
Cyware
June 19, 2023
Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions
Abstract
Microsoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359. "These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools," the tech giant said in a post on Friday. Storm-#### (previously DEV-####) is a temporary designation the Windows maker assigns to unknown, emerging, or developing groups whose identity or affiliation hasn't been definitively established yet. While there is no evidence that any customer data was accessed or compromised, the company noted the attacks "temporarily impacted availability" of some services. Redmond said it further observed the threat actor launching layer 7 DDoS attacks from multiple cloud services and open proxy infrastructures. This includes HTTP(S) flood attacks, which bombard the target services with a
The Hacker News
May 9, 2023
FBI seized 13 domains linked to DDoS-for-hire platforms
Abstract
The U.S. DoJ announced the seizure of 13 new domains associated with DDoS-for-hire platforms as part of Operation PowerOFF. The U.S. Justice Department announced the seizure of 13 domains linked to DDoS-for-hire services as part of a coordinated international...
Security Affairs
April 28, 2023
DDoS Attacks on Israel’s Independence Day Take Down Websites of News Outlet, Government Authority
Abstract
The websites of major Israeli news outlet Maariv, sister publication of The Jerusalem Post, were taken offline on Wednesday. The Anonymous Sudan group also managed to take down the website of the Israel Ports Authority and the Meretz political party.
Cyware
April 10, 2023
Hackers Flood NPM with Bogus Packages Causing a DoS Attack
Abstract
Threat actors are flooding the npm open source package repository with bogus packages that briefly even resulted in a denial-of-service (DoS) attack. "The threat actors create malicious websites and publish empty packages with links to those malicious websites, taking advantage of open-source ecosystems' good reputation on search engines," Checkmarx's Jossef Harush Kadouri said in a report published last week. "The attacks caused a denial-of-service (DoS) that made NPM unstable with sporadic 'Service Unavailable' errors." While similar campaigns were recently observed propagating phishing links, the latest wave pushed the number of package versions to 1.42 million, a dramatic uptick from the approximate 800,000 packages released on npm. The attack technique leverages the fact that open source repositories are ranked higher on search engine results to create rogue websites and upload empty npm modules with links to those sites in the README.
The Hacker News
April 7, 2023
Pro-Russia Hacker Group Launches DDoS Attacks Against Finnish Parliament, Technical Research Center
Abstract
NoName057(16) reportedly claimed it was behind DoS attacks against the Finnish parliament’s website on Tuesday, the day the country joined NATO. The country’s Technical Research Centre of Finland was also hacked, according to Finnish news site YLE.
Cyware
April 3, 2023
German Police Raid DDoS-Friendly Host ‘FlyHosting’ – Krebs on Security
Abstract
News of a raid on FlyHosting first surfaced Thursday in a Telegram chat channel that is frequented by people interested or involved in the DDoS-for-hire industry, where a user by the name Dstatcc broke the news to Fly Hosting customers.
Cyware
March 29, 2023
Killnet and AnonymousSudan DDoS attack Australian University websites; Threaten More Attacks
Abstract
As seen with past attacks from this group, these most recent attacks do not seem to be originating from a single botnet, and the attack methods and sources seem to vary, suggesting the involvement of multiple individual threat actors.
Cyware
March 21, 2023
New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers
Abstract
Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot. "ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLab Security Emergency Response Center (ASEC) said in a report. ShellBot is installed on servers that have weak credentials, but only after threat actors make use of scanner malware to identify systems that have SSH port 22 open. A list of known SSH credentials is used to initiate a dictionary attack to breach the server and deploy the payload, after which it leverages the Internet Relay Chat (IRC) protocol to communicate with a remote server. This encompasses the ability to receive commands that allow ShellBot to carry out DDoS attacks and exfiltrate harvested information. ASEC said it identified three different ShellBot versions – LiGhT's Modded perlbot v2, DDoS
The Hacker News
March 9, 2023
Akamai mitigated a record-breaking DDoS attack that peaked 900Gbps
Abstract
Akamai has mitigated the largest DDoS (distributed denial of service) attack ever, which peaked at 900.1 gigabits per second. Akamai reported that on February 23, 2023, at 10:22 UTC, it mitigated the largest DDoS attack ever. The attack...
Security Affairs
February 22, 2023
Gcore Thwarts Massive 650 Gbps DDoS Attack on Free Plan Client
Abstract
At the beginning of January, Gcore faced an incident involving several L3/L4 DDoS attacks with a peak volume of 650 Gbps. Attackers exploited over 2000 servers belonging to one of the top three cloud providers worldwide and targeted a client who was using a free CDN plan. However, due to Gcore's distribution of infrastructure and a large number of peering partners, the attacks were mitigated, and the client's web application remained available.
Why was mitigating these attacks so significant?
1. These attacks were significant because they exceeded the average bandwidth of similar attacks by 60×. The performed attacks relate to volume-based attacks targeted to saturate the attacked application's bandwidth in order to overflow it. Measuring total volume (bps)—rather than the number of requests—is the way these attacks are usually tabulated. The average bandwidth of this attack type is generally in the tens of Gbps (about 10 Gbps). Therefore, the specified attacks (at 650 Gbps) excee
The Hacker News
February 17, 2023
German airport websites hit by DDoS attacks once again
Abstract
Experts are investigating the failures of several German airports after some media attributed them to a possible hacking campaign. On Thursday, the websites of several German airports were unreachable; experts launched an investigation speculating...
Security Affairs
February 14, 2023
The Tor network hit by wave of DDoS attacks for at least 7 months
Abstract
Tor Project maintainers revealed that for at least 7 months, the Tor network was hit by several different waves of ongoing DDoS attacks. During the last months, Tor users have experienced Tor network performance issues, Tor Project maintainers...
Security Affairs
February 14, 2023
Cloudflare blocked record-breaking 71 million request-per-second DDoS attack
Abstract
Cloudflare mitigated a record distributed denial-of-service (DDoS) that reached 71 Million requests per second. Cloudflare announced it has mitigated a record hyper-volumetric distributed denial-of-service (DDoS) attack that peaked at over 71 million...
Security Affairs
February 13, 2023
Pro-Russia hacker group Killnet targets NATO websites with DDoS attacks
Abstract
Pro-Russia hacker group Killnet launched a Distributed Denial of Service (DDoS) attack on NATO servers, including the NATO Special Operations Headquarters (NSHQ) website. Pro-Russia hacker group Killnet launched a Distributed Denial of Service (DDoS)...
Security Affairs
February 1, 2023
Pro-Russian DDoS attacks raise alarm in Denmark, U.S.
Abstract
Since Russia began its invasion of Ukraine 11 months ago, hacking groups like Killnet and NoName057 have targeted an array of government institutions, businesses, and organizations across Europe and the United States.
Cyware
January 31, 2023
Pro-Russia group Killnet targets US healthcare with DDoS attacks
Abstract
The Pro-Russia group Killnet is launching a series of DDoS attacks against the websites of US healthcare organizations and hospitals. The Pro-Russia group Killnet launched a series of DDoS attacks against US healthcare organizations and hospitals....
Security Affairs
January 14, 2023
Pro-Russian Group DDoS-ing Governments, Critical Infrastructure in Ukraine, NATO Countries
Abstract
A Pro-Russian cybercrime group named NoName057(16) is actively launching distributed denial-of-service (DDoS) attacks against organizations in Ukraine and NATO countries.
Cyware
January 9, 2023
Serbian Government Reports ‘Massive DDoS Attack’ Amid Heightened Tensions in Balkans
Abstract
The Serbian government announced on Saturday that the website and IT infrastructure of its Ministry of Internal Affairs had been hit by several “massive” distributed denial-of-service (DDoS) attacks.
Cyware
December 28, 2022
81% Increase in Large-Volume DDoS Attacks
Abstract
DDoS attacks, although frequent, are generally low volume, with the average DDoS attack reaching only 240,000 RPS. Large-volume attacks make up less than 1% of total DDoS.
Cyware
December 16, 2022
Microsoft warns of new Minecraft DDoS malware infecting Windows, Linux
Abstract
A new cross-platform malware botnet named 'MCCrash' is infecting Windows, Linux, and IoT devices to conduct distributed denial of service attacks on Minecraft servers.
BleepingComputer
December 15, 2022
How Gcore uses regular expressions to block DDoS attacks
Abstract
In DDoS Protection, Gcore uses the bundle of XDP and regular expressions (regex). This article will explain why Gcore started using this solution (regex in XDP) and how they bound them via a third-party engine and API development.
BleepingComputer
December 6, 2022
Russia’s second-largest bank VTB Bank under DDoS attack
Abstract
Russia's second-largest bank VTB Bank reveals it is facing the largest DDoS (distributed denial of service) attack in its history. State-owned VTB Bank, the second-largest financial institution in Russia, says it is facing the largest DDoS (distributed...
Security Affairs
December 06, 2022
Massive DDoS attack takes Russia’s second-largest bank VTB offline
Abstract
Russia's second-largest financial institution VTB Bank says it is facing the worst cyberattack in its history after its website and mobile apps were taken offline due to an ongoing DDoS (distributed denial of service) attack.
BleepingComputer
November 23, 2022
Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site
Abstract
Pro-Russian hacker collective Killnet took down the European Parliament website with a DDoS cyberattack. The Pro-Russia group of hacktivists Killnet claimed responsibility for the DDoS attack that today took down the website of the European Parliament...
Security Affairs
November 23, 2022
Pro-Russian hacktivists take down EU Parliament site in DDoS attack
Abstract
The website of the European Parliament has been taken down following a DDoS (Distributed Denial of Service) attack claimed by Anonymous Russia, part of the pro-Russian hacktivist group Killnet.
BleepingComputer
November 16, 2022
Pro-Russian Hacker Group KillNet Claims DDoS Attack on FBI Website
Abstract
A pro-Russian hacking group claimed responsibility Monday for a denial-of-service attack against FBI websites, marking the latest in a series of nuisance attacks launched against a seemingly capricious and global set of targets.
Bank Info Security
November 16, 2022
Warning: New RapperBot Campaign Aims to Launch DDoS Attacks at Game Servers
Abstract
Cybersecurity researchers have unearthed new samples of malware called RapperBot that are being used to build a botnet capable of launching Distributed Denial of Service (DDoS) attacks against game servers. "In fact, it turns out that this campaign is less like RapperBot than an older campaign that appeared in February and then mysteriously disappeared in the middle of April," Fortinet FortiGuard Labs researchers Joie Salvio and Roy Tay said in a Tuesday report. RapperBot, which was first documented by the network security firm in August 2022, is known to exclusively brute-force SSH servers configured to accept password authentication. The nascent malware is heavily inspired by the Mirai botnet, whose source code leaked in October 2016, leading to the rise of several variants. What's notable about the updated version of RapperBot is its ability to perform Telnet brute-force, in addition to supporting DoS attacks using the Generic Routing Encapsulation (GRE
The Hacker News
November 10, 2022
Mississippi election websites knocked out by DDoS attack Full Text
Abstract
Several Mississippi state websites were knocked offline during Tuesday’s midterm election in what was the most significant digital disruption of the day, though a federal official warned that more could be on the way as ballots are counted.
The Record
November 1, 2022
The New Fodcha DDoS Botnet Adds Extortion Feature to its Arsenal Full Text
Abstract
A new version of the Fodcha DDoS botnet delivers ransom demands directly within DDoS packets used against victims’ networks, revealed Netlab 360. The latest Fodcha version 4 now uses encryption to establish communication with the C2 server and relies on 42 C2 domains to operate 60,000 active bot no ...
Cyware Alerts - Hacker News
October 31, 2022
Fodcha DDoS Botnet Resurfaces with New Capabilities Full Text
Abstract
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360's Network Security Research Lab said in a report published last week. Fodcha first came to light earlier this April, with the malware propagating through known vulnerabilities in Android and IoT devices as well as weak Telnet or SSH passwords. The cybersecurity company said that Fodcha has evolved into a large-scale botnet with over 60,000 active nodes and 40 command-and-control (C2) domains that can "easily generate more than 1 Tbps traffic." Peak activity is said to have occurred on October 11, 2022, when the malware targeted 1,396 devices in a single day. The top countries singled out by the botnet since late June 2022 comprise China, the U.S., Singapore,
The Hacker News
October 27, 2022
Fodcha DDoS botnet reaches 1Tbps in power, injects ransoms in packets Full Text
Abstract
A new version of the Fodcha DDoS botnet has emerged, featuring ransom demands embedded in packets and new features to evade detection of its infrastructure.
BleepingComputer
October 13, 2022
Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server Full Text
Abstract
Cloudflare mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers. Cloudflare announced it has mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest...
Security Affairs
October 13, 2022
Russian DDoS attack project pays contributors for more firepower Full Text
Abstract
A pro-Russian group created a crowdsourced project called 'DDOSIA' that pays volunteers launching distributed denial-of-service (DDOS) attacks against western entities.
BleepingComputer
October 13, 2022
Cloudflare mitigated record DDoS attack against Minecraft server Full Text
Abstract
Wynncraft, one of the largest Minecraft servers, was recently hit by a 2.5 Tbps distributed denial-of-service (DDoS) attack.
BleepingComputer
October 12, 2022
What Shaped the DDoS Landscape so Far this Year? Full Text
Abstract
Today, we take a look at the new DDoS trends formed this year as the geopolitical situation in Eastern Europe continues to shape the nature and intensity of DDoS attacks. The first half of the year has witnessed multiple attacks on financial and government institutions. Last month, the LockBit ranso ...
Cyware Alerts - Hacker News
September 21, 2022
Imperva blocked a record DDoS attack with 25.3 billion requests Full Text
Abstract
Cybersecurity company Imperva announced that it has mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests. Cybersecurity firm Imperva mitigated a DDoS attack with over 25.3 billion requests on June 27, 2022....
Security Affairs
September 21, 2022
Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing Full Text
Abstract
Cybersecurity company Imperva has disclosed that it mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests on June 27, 2022. The "strong attack," which targeted an unnamed Chinese telecommunications company, is said to have lasted for four hours and peaked at 3.9 million requests per second (RPS). "Attackers used HTTP/2 multiplexing, or combining multiple packets into one, to send multiple requests at once over individual connections," Imperva said in a report published on September 19. The attack was launched from a botnet that comprised nearly 170,000 different IP addresses spanning routers, security cameras, and compromised servers located in more than 180 countries, primarily the U.S., Indonesia, and Brazil. The disclosure also comes as web infrastructure provider Akamai said it fielded a new DDoS assault aimed at a customer based in Eastern Europe on September 12, with attack traffic spiking at 704.8 million p
The Hacker News
September 20, 2022
Imperva mitigated long-lasting, 25.3 billion request DDoS attack Full Text
Abstract
Internet security company Imperva has announced its DDoS (distributed denial of service) mitigation solution has broken a new record, defending against a single attack that sent over 25.3 billion requests to one of its customers.
BleepingComputer
September 15, 2022
Akamai mitigated a new record-breaking DDoS attack against a European customer Full Text
Abstract
Akamai announced that it recently blocked a new record-breaking distributed denial-of-service (DDoS) attack. On Monday, September 12, 2022, Akamai mitigated the largest DDoS attack ever that hit one of its European customers. The malicious traffic...
Security Affairs
September 15, 2022
Akamai stopped new record-breaking DDoS attack in Europe Full Text
Abstract
A new distributed denial-of-service (DDoS) attack that took place on Monday, September 12, has broken the previous record that Akamai recorded recently in July.
BleepingComputer
September 8, 2022
Multiple ransomware data leak sites experience DDoS attacks, facing intermittent outages and connectivity issues Full Text
Abstract
Since August 20, Cisco Talos has been monitoring suspected DDoS attacks resulting in intermittent downtime and outages affecting several ransomware-as-a-service (RaaS) data leak sites.
Cisco Talos
September 07, 2022
Ransomware gang’s Cobalt Strike servers DDoSed with anti-Russia messages Full Text
Abstract
Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity.
BleepingComputer
August 29, 2022
Kiwi Farms Goes Offline amid DDoS Attack and Hosting Issues Full Text
Abstract
Kiwi Farms is a website that hosts user-generated content and discussion forums. The site has been accused of doxing, harassment, and cyberbullying. Kiwi Farms has been banned from several social media platforms and domain providers.
Hackread
August 23, 2022
Lockbit leak sites hit by mysterious DDoS attack after Entrust hack Full Text
Abstract
LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files. Entrust Corp. provides software and hardware used to issue financial cards, e-passport production, user authentication for those looking to access...
Security Affairs
August 22, 2022
LockBit ransomware blames Entrust for DDoS attacks on leak sites Full Text
Abstract
The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data.
BleepingComputer
August 19, 2022
Google Cloud Blocks Record DDoS attack of 46 Million Requests Per Second Full Text
Abstract
Google's cloud division on Thursday disclosed it mitigated a series of HTTPS distributed denial-of-service (DDoS) attacks which peaked at 46 million requests per second (RPS), making it the largest such recorded to date. The attack, which occurred on June 1, targeting an unnamed Google Cloud Armor customer, is 76% larger than the 26 million RPS DDoS attack repelled by Cloudflare earlier this June. "To give a sense of the scale of the attack, that is like receiving all the daily requests to Wikipedia (one of the top 10 trafficked websites in the world) in just 10 seconds," Google Cloud's Emil Kiner and Satya Konduru said. It's said to have started around 9:45 a.m. PT with 10,000 RPS, before growing to 100,000 RPS eight minutes later and further ramping up within two minutes to hit a high of 46 million RPS at 10:18 a.m. PT. In all, the DDoS assault lasted for a total of 69 minutes. Google said that the unexpectedly high volume of traffic originated from 5
The Hacker News
August 18, 2022
Google blocked the largest Layer 7 DDoS reported to date Full Text
Abstract
Google announced that it has blocked the largest ever HTTPS DDoS attack, which reached 46 million requests per second (RPS). Google announced that it has blocked the largest ever HTTPS DDoS attack that hit one of its Cloud Armor customers. The IT giant revealed...
Security Affairs
August 18, 2022
Google blocks largest HTTPS DDoS attack ‘reported to date’ Full Text
Abstract
A Google Cloud Armor customer was hit with a distributed denial-of-service (DDoS) attack over the HTTPS protocol that reached 46 million requests per second (RPS), making it the largest ever recorded of its kind.
BleepingComputer
August 15, 2022
Malicious PyPi packages aim DDoS attacks at Counter-Strike servers Full Text
Abstract
A dozen malicious Python packages were uploaded to the PyPi repository this weekend in a typosquatting attack that performs DDoS attacks on a Counter-Strike 1.6 server.
BleepingComputer
August 12, 2022
Palo Alto Networks: New PAN-OS DDoS flaw exploited in attacks Full Text
Abstract
Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company's networking hardware products.
BleepingComputer
August 11, 2022
Palo Alto Networks warns of Reflected Amplification DoS issue in PAN-OS Full Text
Abstract
Palo Alto Networks devices running the PAN-OS are abused to launch reflected amplification denial-of-service (DoS) attacks. Threat actors are exploiting a vulnerability, tracked as CVE-2022-0028 (CVSS score of 8.6), in Palo Alto Networks devices...
Security Affairs
August 11, 2022
Palo Alto Networks Firewalls Targeted for Reflected, Amplified DDoS Attacks Full Text
Abstract
Palo Alto Networks is working on fixes for a reflected amplification denial-of-service (DoS) vulnerability that impacts PAN-OS, the platform powering its next-gen firewalls.
Security Week
August 4, 2022
Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit Full Text
Abstract
Taiwan government websites were temporarily forced offline by cyber attacks during the visit to Taipei of US House Speaker Nancy Pelosi. Major Taiwan government websites were temporarily forced offline by distributed denial of service (DDoS) attacks...
Security Affairs
August 2, 2022
Taiwanese Websites Hit with DDoS Attacks Just Prior to Nancy Pelosi Visit Full Text
Abstract
The attacks hit at least four websites — those of President Tsai Ing-wen, the National Defense Ministry, the Foreign Affairs Ministry and the country’s largest airport, Taiwan Taoyuan International.
NBC News
July 28, 2022
Akamai blocked the largest DDoS attack ever on its European customers Full Text
Abstract
This month Akamai blocked the largest distributed denial-of-service (DDoS) attack that hit an organization in Europe. On July 21, 2022, Akamai mitigated the largest DDoS attack that ever hit one of its European customers. The attack hit an Akamai...
Security Affairs
July 28, 2022
Akamai blocked largest DDoS in Europe against one of its customers Full Text
Abstract
The largest distributed denial-of-service (DDoS) attack that Europe has ever seen occurred earlier this month and hit an organization in Eastern Europe.
BleepingComputer
July 27, 2022
DDoS Attack Trends in 2022: Ultrashort, Powerful, Multivector Attacks Full Text
Abstract
The political situation in Europe and the rest of the world has degraded dramatically in 2022. This has affected the nature, intensity, and geography of DDoS attacks, which have become actively used for political purposes. Find out more in this summary of G-Core Lab's latest DDoS Trends report.
BleepingComputer
July 14, 2022
Mantis Botnet Behind the Largest HTTPS DDoS Attack Targeting Cloudflare Customers Full Text
Abstract
The botnet behind the largest HTTPS distributed denial-of-service (DDoS) attack in June 2022 has been linked to a spate of attacks aimed at nearly 1,000 Cloudflare customers. Calling the powerful botnet Mantis, the web performance and security company attributed it to more than 3,000 HTTP DDoS attacks against its users. The most attacked industry verticals include internet and telecom, media, gaming, finance, business, and shopping, of which over 20% of the attacks targeted U.S.-based companies, followed by Russia, Turkey, France, Poland, Ukraine, the U.K., Germany, the Netherlands, and Canada. Last month, the company said it mitigated a record-breaking DDoS attack aimed at an unnamed customer website using its Free plan that peaked at 26 million requests per second (RPS), with each node generating approximately 5,200 RPS. The tsunami of junk traffic lasted less than 30 seconds and generated more than 212 million HTTPS requests from more than 1,500 networks in 121 countries,
The Hacker News
July 14, 2022
Mantis botnet powered the largest HTTPS DDoS attack in June Full Text
Abstract
The largest HTTPS DDoS attack recently mitigated by Cloudflare was launched by the Mantis botnet. In June 2022, DDoS mitigation firm Cloudflare announced it has mitigated the largest HTTPS DDoS attack that was launched by a botnet they have called...
Security Affairs
July 1, 2022
Pro-Russian hackers launched a massive DDoS attack against Norway Full Text
Abstract
Norway's National Security Authority (NSM) confirmed that a DDoS attack took down some of the country's most important websites. Norway's National Security Authority (NSM) confirmed that some of the country's most important websites and online services...
Security Affairs
June 30, 2022
Russian hacktivists take down Norway govt sites in DDoS attacks Full Text
Abstract
Norway's National Security Authority (NSM) published a statement yesterday warning that some of the country's most important websites and online services are being rendered inaccessible due to distributed denial of service (DDoS) attacks.
BleepingComputer
June 23, 2022
Lithuania warns of rise in DDoS attacks against government sites Full Text
Abstract
The National Cyber Security Center (NKSC) of Lithuania has issued a public warning about a steep increase in distributed denial of service (DDoS) attacks directed against public authorities in the country.
BleepingComputer
June 14, 2022
Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second Full Text
Abstract
Cloudflare on Tuesday disclosed that it had acted to prevent a record-setting 26 million request per second (RPS) distributed denial-of-service (DDoS) attack last week, making it the largest HTTPS DDoS attack detected to date. The web performance and security company said the attack was directed against an unnamed customer website using its Free plan and emanated from a "powerful" botnet of 5,067 devices, with each node generating approximately 5,200 RPS at peak. The botnet is said to have created a flood of more than 212 million HTTPS requests within less than 30 seconds from over 1,500 networks in 121 countries, including Indonesia, the U.S., Brazil, Russia, and India. Roughly 3% of the attack came through Tor nodes. The attack "originated mostly from Cloud Service Providers as opposed to Residential Internet Service Providers, indicating the use of hijacked virtual machines and powerful servers to generate the attack — as opposed to much weaker Internet of Things
The Hacker News
June 14, 2022
Owner of ‘DownThem’ DDoS service gets 2 years in prison Full Text
Abstract
Matthew Gatrel, 33, a citizen of Illinois, has been sentenced to two years in prison for operating platforms offering DDoS (distributed denial of service) services to subscribers.
BleepingComputer
June 14, 2022
Cloudflare mitigates record-breaking HTTPS DDoS attack Full Text
Abstract
Internet infrastructure firm Cloudflare said today that it mitigated a 26 million request per second distributed denial-of-service (DDoS) attack, the largest HTTPS DDoS attack detected to date.
BleepingComputer
June 1, 2022
Gamaredon Prepares for Next Wave of DDoS Attacks Full Text
Abstract
Researchers reported a wave of DDoS attacks by the Russian Gamaredon APT group. Also, criminals have open-sourced code of a DDoS trojan called LOIC. Besides, experts observed attackers launch multiple attacks, such as phishing campaigns and malware attacks. Organizations are suggested to stay ...
Cyware Alerts - Hacker News
May 30, 2022
Italy warns organizations to brace for incoming DDoS attacks Full Text
Abstract
The Computer Security Incident Response Team in Italy issued an urgent alert yesterday to raise awareness about the high risk of cyberattacks against national bodies and organizations on Monday.
BleepingComputer
May 25, 2022
Pro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack Full Text
Abstract
The Port of London Authority/PLA has become the latest victim of a cyberattack that caused the forced shut down of its website, the company confirmed on Tuesday, May 24th.
Hackread
May 21, 2022
The activity of the Linux XorDdos bot increased by 254% over the last six months Full Text
Abstract
XorDdos leverages persistence mechanisms, efficient evasion, and anti-forensic techniques, including obfuscating the malware’s activities, evading rule-based detection mechanisms, and hash-based malicious file lookup.
Security Affairs
May 20, 2022
Russian Sberbank says it’s facing massive waves of DDoS attacks Full Text
Abstract
Sberbank's vice president and director of cybersecurity, Sergei Lebed, has told participants of the Positive Hack Days forum that the company is going through a period of unprecedented targeting by hackers.
BleepingComputer
May 14, 2022
The LEGION collective calls to action to attack the final of the Eurovision song contest Full Text
Abstract
The Pro-Russian volunteer movement known as LEGION is calling to launch DDoS attacks against the final of the Eurovision song contest. The LEGION is a Pro-Russian volunteer movement that focuses on DDOS attacks. The group made the headlines for attacks...
Security Affairs
May 13, 2022
Italian CERT: Hacktivists hit govt sites in ‘Slow HTTP’ DDoS attacks Full Text
Abstract
Italy's Computer Security Incident Response Team (CSIRT) has published an announcement about the recent DDoS attacks that key sites in the country suffered in the last couple of days.
BleepingComputer
May 4, 2022
Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites Full Text
Abstract
Pro-Ukraine hackers are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites. Pro-Ukraine hackers, likely linked to Ukraine IT Army, are using Docker images to launch...
Security Affairs
May 01, 2022
A YouTuber is promoting DDoS attacks on Russia — how legal is this? Full Text
Abstract
A YouTube influencer with hundreds of thousands of subscribers is encouraging everyone to conduct cyber warfare against Russia. How risky is it and can you get in trouble?
BleepingComputer
April 30, 2022
Pro-Russian group Killnet launched DDoS attacks on Romanian govt sites Full Text
Abstract
A series of DDoS attacks launched by Russian hacktivists are targeting several Romanian government websites. The Romanian national cyber security and incident response team, DNSC, warns of a series of distributed denial-of-service (DDoS) attacks targeting...
Security Affairs
April 29, 2022
Ongoing DDoS attacks from compromised sites hit Ukraine Full Text
Abstract
Ukraine CERT-UA warns of ongoing DDoS attacks targeting pro-Ukraine sites and the government web portal. Ukraine's computer emergency response team (CERT-UA) announced that it is investigating, along with the National Bank of Ukraine (CSIRT-NBU),...
Security Affairs
April 29, 2022
Russian hacktivists launch DDoS attacks on Romanian govt sites Full Text
Abstract
The Romanian national cyber security and incident response team, DNSC, has issued a statement about a series of distributed denial-of-service (DDoS) attacks targeting several public websites managed by the state entities.
BleepingComputer
April 28, 2022
CloudFlare blocked a record HTTPs DDoS attack peaking at 15 rps Full Text
Abstract
Cloudflare has mitigated a distributed denial-of-service (DDoS) attack that peaked at 15.3 million request-per-second (RPS). Cloudflare announced that it has mitigated a distributed denial-of-service (DDoS) attack that peaked at 15.3 million request-per-second...
Security Affairs
April 28, 2022
Multi-Vector DDoS Attacks Surge Full Text
Abstract
According to Kaspersky, there has been a 46% rise in the number of attacks. The U.S. accounted for the largest share of targets at 45.01%, followed by China (9.34%) and Germany (4.95%).
Cyware Alerts - Hacker News
April 28, 2022
Ukraine targeted by DDoS attacks from compromised WordPress sites Full Text
Abstract
Ukraine's computer emergency response team (CERT-UA) has published an announcement warning of ongoing DDoS (distributed denial of service) attacks targeting pro-Ukraine sites and the government web portal.
BleepingComputer
April 28, 2022
Cloudflare detects one of the largest DDoS attacks on record targeting crypto platform Full Text
Abstract
According to Cloudflare, the attack, which lasted less than 15 seconds, was launched from a botnet of approximately 6,000 unique bots and originated from 112 countries around the world.
The Record
April 12, 2022
Ransom DDoS attacks have dropped to record lows this year Full Text
Abstract
Extortion denial-of-service activity, the so-called RDDoS (ransom distributed denial-of-service) attacks have taken a tumble in the first quarter of the year, according to recent statistics from Cloudflare.
BleepingComputer
April 9, 2022
A DDoS attack took down Finnish govt sites as Ukraine’s President addresses MPs Full Text
Abstract
A massive DDoS attack took down Finnish government websites while Ukrainian President Zelenskyy addressed Finland's members of parliament (MPs). On April 8, a denial-of-service attack took down the websites of the Finnish ministries of Defense and Foreign...
Security Affairs
April 04, 2022
Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers Full Text
Abstract
A variant of the Mirai botnet called Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers between February and March 2022 to infect unpatched devices and expand its reach potentially. "The Beastmode (aka B3astmode) Mirai-based DDoS campaign has aggressively updated its arsenal of exploits," Fortinet's FortiGuard Labs Research team said. "Five new exploits were added within a month, with three targeting various models of TOTOLINK routers." The list of exploited vulnerabilities in TOTOLINK routers is as follows: CVE-2022-26210 (CVSS score: 9.8), a command injection vulnerability that could be exploited to gain arbitrary code execution; CVE-2022-26186 (CVSS score: 9.8), a command injection vulnerability affecting TOTOLINK N600R and A7100RU routers; and CVE-2022-25075 to CVE-2022-25084 (CVSS scores: 9.8), a command injection vulnerability impacting multiple TOTOLINK routers, leading to code execution. The other e
The Hacker News
March 29, 2022
Compromised WordPress sites launch DDoS on Ukrainian websites Full Text
Abstract
Threat actors compromised WordPress sites to deploy a script that was used to launch DDoS attacks, when they are visited, on Ukrainian websites. MalwareHunterTeam researchers discovered the malicious script on a compromised WordPress site, when the users...
Security Affairs
March 28, 2022
Hacked WordPress sites force visitors to DDoS Ukrainian targets Full Text
Abstract
Hackers are compromising WordPress sites to insert a malicious script that uses visitors' browsers to perform distributed denial-of-service attacks on Ukrainian websites.
BleepingComputer
March 16, 2022
OpenSSL cert parsing bug causes infinite denial of service loop Full Text
Abstract
OpenSSL has released a security update to address a vulnerability in the library that, if exploited, activates an infinite loop function and leads to denial of service conditions.
BleepingComputer
March 14, 2022
Hacker Planned Terabytes of DDoS Traffic Using a Single Packet Full Text
Abstract
Researchers from a number of organizations confirmed that attackers have been exploiting Mitel enterprise collaboration products to amplify DDoS attacks by 4 billion times from a single packet. The exploitation of the flaw began on February 18 and mainly reflected onto ports 80 and 443. Those ...
Cyware Alerts - Hacker News
March 12, 2022
Attackers Created Terabytes of DDoS Attack Traffic Using a Single Packet Full Text
Abstract
Researchers from a number of organizations confirmed that attackers have been exploiting Mitel enterprise collaboration products to amplify DDoS attacks by 4 billion times from a single packet. The researchers recommend updating the systems with the latest patches. Additionally, Mitel users can det ...
Cyware Alerts - Hacker News
March 10, 2022
Crooks target Ukraine’s IT Army with a tainted DDoS tool Full Text
Abstract
Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine's IT Army. Cisco Talos researchers have uncovered a malware campaign targeting Ukraine's IT Army; threat actors are using infostealer malware mimicking...
Security Affairs
March 09, 2022
Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times Full Text
Abstract
Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service (DDoS) attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1. The attack vector – dubbed TP240PhoneHome (CVE-2022-26143) – has been weaponized to launch significant DDoS attacks targeting broadband access ISPs, financial institutions, logistics companies, gaming firms, and other organizations. "Approximately 2,600 Mitel MiCollab and MiVoice Business Express collaboration systems acting as PBX-to-Internet gateways were incorrectly deployed with an abusable system test facility exposed to the public Internet," Akamai researcher Chad Seaman said in a joint advisory. "Attackers were actively leveraging these systems to launch reflection/amplification DDoS attacks of more than 53 million packets per second (PPS)." DDoS reflection attacks typically involve spoofing the IP address of a vic
The Hacker News
March 9, 2022
Attackers Exploit Flaw in Mitel Systems to Launch Terabyte Scale DDoS Attack in the Wild Full Text
Abstract
The flaw resides in around 2,600 incorrectly provisioned Mitel MiCollab and MiVoice Business Express systems that act as PBX-to-internet gateways and have a test mode that should not be exposed to the internet.
ZDNet
March 8, 2022
DDoS Attacks Fuel Pandemonium Full Text
Abstract
A threat actor launched an attack using DanaBot against the webmail server belonging to the Ukrainian Ministry of Defense. The malware was utilized to deploy another second-stage malware.
Cyware Alerts - Hacker News
March 08, 2022
DDoS attacks now use new record-breaking amplification vector Full Text
Abstract
A new reflection/amplification DDoS vector has been spotted in the wild, offering threat actors a record-breaking amplification ratio of almost 4.3 billion to 1.
BleepingComputer
March 7, 2022
Log4Shell Exploit Channelized to Launch DDoS and Cryptomining Attacks Full Text
Abstract
According to a report by Barracuda, the volume of attacks attempting to exploit the Log4Shell vulnerability remained relatively constant over the past two months. Mirai and its other versions appeared in most of the attacks that made use of the Log4Shell exploit.
Cyware Alerts - Hacker News
March 05, 2022
Russia shares list of 17,000 IPs allegedly DDoSing Russian orgs Full Text
Abstract
The Russian government shared a list of 17,576 IP addresses allegedly used to launch distributed denial-of-service (DDoS) attacks targeting Russian organizations and their networks.
BleepingComputer
March 4, 2022
These are the sources of DDoS attacks against Russia, local NCCC warns Full Text
Abstract
The Russian government released a list containing IP addresses and domains behind DDoS attacks that hit Russian infrastructure after the invasion. While the conflict on the battlefield continues, hacktivists continue to target Russian infrastructure...
Security Affairs
March 03, 2022
Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks Full Text
Abstract
As the ongoing Russia-Ukraine conflict continues to escalate, the Russian government on Thursday released a massive list containing 17,576 IP addresses and 166 domains that it said are behind a series of distributed denial-of-service (DDoS) attacks aimed at its domestic infrastructure. Some of the noticeable domains in the listing released by Russia's National Coordination Center for Computer Incidents (NCCCI) included the U.S. Federal Bureau of Investigation (FBI), Central Intelligence Agency (CIA), and websites of several media publications such as the USA Today, 24News.ge, megatv.ge, and Ukraine's Korrespondent magazine. As part of its recommendations to counter the DDoS attacks, the agency is urging organizations to ringfence network devices, enable logging, change passwords associated with key infrastructure elements, turn off automatic software updates, disable third-party plugins on websites, enforce data backups, and watch out for phishing attacks. "Use Russ
The Hacker News
March 3, 2022
Avast researchers warn against joining in DDoS attacks in aid of Ukraine Full Text
Abstract
These DDoS tools collect personal data that can make users identifiable, such as IP address, country code, city, location based on IP address, username, hardware configuration, and system language.
Avast
March 02, 2022
Hackers Begin Weaponizing TCP Middlebox Reflection for Amplified DDoS Attacks Full Text
Abstract
Distributed denial-of-service (DDoS) attacks leveraging a new amplification technique called TCP Middlebox Reflection have been detected for the first time in the wild, six months after the novel attack mechanism was presented in theory. "The attack […] abuses vulnerable firewalls and content filtering systems to reflect and amplify TCP traffic to a victim machine, creating a powerful DDoS attack," Akamai researchers said in a report published Tuesday. "This type of attack dangerously lowers the bar for DDoS attacks, as the attacker needs as little as 1/75th (in some cases) the amount of bandwidth from a volumetric standpoint," the researchers added. A distributed reflective denial-of-service (DRDoS) is a form of distributed denial-of-service (DDoS) attack that relies on publicly accessible UDP servers and bandwidth amplification factors (BAFs) to overwhelm a victim's system with a high volume of UDP responses. In these attacks, the adversary sends a
The Hacker News
March 01, 2022
Content filtering devices abused for 65x DDoS amplification Full Text
Abstract
Researchers have identified an alarming new trend in DDoS attacks that target middlebox devices to attain enormous 6,533% amplification levels. With such an amplification level, threat actors can launch catastrophic attacks with limited bandwidth/equipment.
BleepingComputer
February 23, 2022
Ukrainian government and banks once again hit by DDoS attacks Full Text
Abstract
The sites of several Ukrainian government agencies (including the Ministries of Foreign Affairs, Defense, and Internal Affairs, the Security Service, and the Cabinet of Ministers), and of the two largest state-owned banks are again targeted by Distributed Denial-of-Service (DDoS) attacks.
BleepingComputer
February 18, 2022
White House pins Ukraine DDoS attacks on Russian GRU hackers Full Text
Abstract
Today, the White House has linked the recent DDoS attacks that knocked down the sites of Ukrainian banks and defense agencies to Russia's Main Directorate of the General Staff of the Armed Forces (also known as GRU).
BleepingComputer
February 17, 2022
Ukrainian DDoS Attacks Should Put US on Notice–Researchers Full Text
Abstract
On Tuesday, institutions central to Ukraine’s military and economy were hit with denial-of-service (DoS) attacks. Impact was limited, but the ramifications are not.
Threatpost
February 15, 2022
Ukrainian military agencies, state-owned banks hit by DDoS attacks Full Text
Abstract
The Ministry of Defense and the Armed Forces of Ukraine and two of the country's state-owned banks, Privatbank (Ukraine's largest bank) and Oschadbank (the State Savings Bank), are being hammered by Distributed Denial-of-Service (DDoS) attacks.
BleepingComputer
February 15, 2022
Ukrainian military agencies, banks hit by DDoS attacks, defacements Full Text
Abstract
The Ministry of Defense and the Armed Forces of Ukraine and two of the country's state-owned banks, Privatbank (Ukraine's largest bank) and Oschadbank (the State Savings Bank), are being hammered by Distributed Denial-of-Service (DDoS) attacks.
BleepingComputer
January 29, 2022
Microsoft Azure customer hit by 3.47 Tbps DDoS attack Full Text
Abstract
A Microsoft Azure cloud computing customer in Asia was a victim of a massive 3.47 Tbps DDoS attack (distributed denial of service attack) in November 2021, the software and technology giant Microsoft revealed.
Hackread
January 27, 2022
Microsoft Mitigated Record-Breaking 3.47 Tbps DDoS Attack on Azure Customers Full Text
Abstract
Microsoft this week revealed that it had fended off a record number of distributed denial-of-service (DDoS) attacks aimed at its customers in 2021, three of which surpassed 2.4 terabit per second (Tbps). One of the DDoS attacks took place in November, targeting an unnamed Azure customer in Asia and lasted a total of 15 minutes. It hit a peak throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps), making it the largest attack ever reported in history. "This was a distributed attack originating from approximately 10,000 sources and from multiple countries across the globe, including the United States, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia, and Taiwan," Alethea Toh, product manager of Azure Networking, said. DDoS attacks occur when several compromised devices are employed as a conduit to overwhelm a targeted server, service, or network with a flood of internet traffic with the goal of overloading the systems and d
The Hacker News
January 27, 2022
Microsoft mitigated a 3.47 Tbps DDoS attack, the largest one to date Full Text
Abstract
Microsoft announced to have mitigated a record 3.47 Tbps distributed denial of service (DDoS) attack targeting an Azure customer. Microsoft announced that its Azure DDoS protection platform has mitigated a record 3.47 Tbps attack...
Security Affairs
January 27, 2022
Microsoft mitigated a record 3.47 Tbps DDoS attack on Azure users Full Text
Abstract
Microsoft says its Azure DDoS protection platform mitigated a massive 3.47 terabits per second (Tbps) distributed denial of service (DDoS) attack targeting an Azure customer from Asia in November.
BleepingComputer
January 26, 2022
Nobel Foundation site hit by DDoS attack on award day Full Text
Abstract
The Nobel Foundation and the Norwegian Nobel Institute have disclosed a cyber-attack that unfolded during the award ceremony on December 10, 2021.
BleepingComputer
January 24, 2022
New DDoS IRC Bot Spreads Through Korean WebHard Full Text
Abstract
Researchers have uncovered details about a new malicious IRC bot, programmed in Golang, that is being used to launch DDoS attacks against Korean users. Attackers are distributing the malware via file-sharing websites such as Korean WebHards. It is recommended to stay alert when downloading files fr ...
Cyware Alerts - Hacker News
January 19, 2022
New DDoS IRC Bot distributed through Korean webHard platforms Full Text
Abstract
Researchers spotted an IRC bot written in GoLang that is being used to carry out DDoS attacks targeting users in Korea. Researchers from AhnLab's Security Emergency-response Center (ASEC) spotted an IRC bot written in GoLang that is being used...
Security Affairs
January 18, 2022
DDoS IRC Bot Malware Spreading Through Korean WebHard Platforms Full Text
Abstract
An IRC (Internet Relay Chat) bot strain programmed in GoLang is being used to launch distributed denial-of-service (DDoS) attacks targeting users in Korea. "The malware is being distributed under the guise of adult games," researchers from AhnLab's Security Emergency-response Center (ASEC) said in a new report published on Wednesday. "Additionally, the DDoS malware was installed via downloader and UDP RAT was used." The attack works by uploading the malware-laced games to webhards, which refers to a web hard drive or a remote file hosting service, in the form of compressed ZIP archives that, when opened, includes an executable ("Game_Open.exe") that's orchestrated to run a malware payload aside from launching the actual game. This payload, a GoLang-based downloader, establishes connections with a remote command-and-control (C&C) server to retrieve additional malware, including an IRC bot that can perform DDoS attacks. "It is a
The Hacker News
January 10, 2022
Extortion DDoS attacks grow stronger and more common Full Text
Abstract
The end of 2021 saw a rise in the number of distributed denial-of-service incidents that came with a ransom demand from the attackers to stop the assault.
BleepingComputer
January 08, 2022
Rapid window title changes cause ‘white screen of death’ Full Text
Abstract
Experimentation with ANSI escape characters on terminal emulators has led to the discovery of multiple high-severity DoS (denial of service) vulnerabilities on Windows terminals and Chrome-based web browsers.
BleepingComputer
January 3, 2022
‘doorLock’ – A persistent denial of service flaw affecting iOS 15.2 – iOS 14.7 Full Text
Abstract
Expert found a new persistent DoS vulnerability, dubbed 'doorLock,' affecting the Apple HomeKit in iOS 14.7 through 15.2. Security researcher Trevor Spiniolas discovered a new persistent DoS vulnerability, dubbed 'doorLock,' affecting the Apple...
Security Affairs
December 18, 2021
Upgraded to log4j 2.16? Surprise, there’s a 2.17 fixing DoS Full Text
Abstract
Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga began last week, security experts have time and time again recommended version 2.16 as the safest release to be on. That changes today with version 2.17.0 out that fixes CVE-2021-45105, a DoS vulnerability.
BleepingComputer
December 15, 2021
Apache’s Fix for Log4Shell Can Lead to DoS Attacks Full Text
Abstract
Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes.
Threatpost
November 29, 2021
Dark web market Cannazon shuts down after massive DDoS attack Full Text
Abstract
Cannazon, one of the largest dark web marketplaces for buying marijuana products, shut down last week after suffering a debilitating distributed denial of service attack.
BleepingComputer
November 18, 2021
How to Choose the Right DDoS Protection Solution Full Text
Abstract
Pankaj Gupta, Senior Director at Citrix, outlines how distributed denial of service attacks have become increasingly sophisticated, bigger and economically motivated.
Threatpost
November 15, 2021
Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date Full Text
Abstract
Cloudflare announced to have mitigated a distributed denial-of-service (DDoS) attack that peaked at almost 2 terabytes per second (Tbps). Cloudflare, Inc. is an American web infrastructure and website security company that provides content delivery...
Security Affairs
November 12, 2021
Latest DDoS Trends and Attacks - What You Need to Know Full Text
Abstract
DDoS attacks started being used as an intimidation tactic in Q3. The criminals sent company-wide emails stating that their resources were being used in DDoS attacks and they could face legal consequences.
Cyware Alerts - Hacker News
November 10, 2021
Critical Citrix DDoS Bug Shuts Down Network, Cloud App Access Full Text
Abstract
The distributed computing vendor patched the flaw, affecting Citrix ADC and Gateway, along with another flaw impacting availability for SD-WAN appliances.
Threatpost
November 10, 2021
Telnyx is the latest VoIP provider hit with DDoS attacks Full Text
Abstract
Telnyx is the latest VoIP telephony provider targeted with distributed denial-of-service (DDoS) attacks, causing worldwide outages since yesterday.
BleepingComputer
November 8, 2021
DDoS Attacks Shatter Records in Q3, Report Finds Full Text
Abstract
Q3 DDoS attacks topped thousands daily, with more growth expected.
Threatpost
November 1, 2021
HelloKitty ransomware gang also targets victims with DDoS attacks Full Text
Abstract
The US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands). The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry of a new feature...
Security Affairs
November 01, 2021
FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics.
BleepingComputer
October 20, 2021
DDoS attacks against Russian firms have almost tripled in 2021 Full Text
Abstract
A report analyzing data from the start of the year concludes that distributed denial-of-service (DDoS) attacks on Russian companies have increased 2.5 times compared to the same period last year.
BleepingComputer
October 13, 2021
Dutch police warn customers of a popular DDoS booter service Full Text
Abstract
Dutch police warn customers of a distributed denial-of-service (DDoS) website to stop using the service to avoid prosecution. Dutch police warn customers of a booter service, abused to carry out distributed denial-of-service (DDoS) attacks, of to stop...
Security Affairs
October 12, 2021
Dutch police send warning letters to DDoS booter customers Full Text
Abstract
Dutch authorities gave a final warning to more than a dozen customers of a distributed denial-of-service (DDoS) website, letting them know that continued cyber offenses lead to prosecution.
BleepingComputer
October 12, 2021
Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers Full Text
Abstract
Microsoft on Monday revealed that its Azure cloud platform mitigated a 2.4 Tbps distributed denial-of-service (DDoS) attack in the last week of August targeting an unnamed customer in Europe, surpassing a 2.3 Tbps attack stopped by Amazon Web Services in February 2020. "This is 140 percent higher than 2020's 1 Tbps attack and higher than any network volumetric event previously detected on Azure," Amir Dahan, senior program manager for Azure Networking, said in a post, calling it a "UDP reflection" lasting for about 10 minutes. Reflected amplification attacks are a type of denial of service attacks wherein a threat actor takes advantage of the connectionless nature of UDP protocol with spoofed requests so as to overwhelm a target server or network with a flood of packets, causing disruption or rendering the server and its surrounding infrastructure unavailable. The attack is said to have originated from a botnet of approximately 70,000 compromised d
The Hacker News
October 12, 2021
Microsoft mitigated a record 2.4 Tbps DDoS attack in August Full Text
Abstract
Microsoft Azure cloud service mitigated a massive DDoS attack of 2.4 terabytes per second (Tbps) at the end of August, it is the largest DDoS attack to date. Microsoft announced that its Azure cloud service mitigated a 2.4 terabytes per second (Tbps)...
Security Affairs
October 12, 2021
Microsoft: Azure customer hit by record DDoS attack in August Full Text
Abstract
Microsoft has mitigated a record 2.4 Tbps (terabits per second) Distributed Denial-of-Service (DDoS) attack targeting a European Azure customer during the last week of August.
BleepingComputer
October 11, 2021
Ukrainian police arrest DDoS operator controlling 100,000 bots Full Text
Abstract
Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers.
BleepingComputer
September 27, 2021
Bandwidth.com is latest victim of DDoS attacks against VoIP providers Full Text
Abstract
Bandwidth.com has become the latest victim of distributed denial of service attacks targeting VoIP providers this month, leading to nationwide voice outages over the past few days.
BleepingComputer
September 20, 2021
VoIP.ms phone services disrupted by DDoS extortion attack Full Text
Abstract
Threat actors are targeting voice-over-Internet provider VoIP.ms with a DDoS attack and extorting the company to stop the assault that's severely disrupting the company's operation.
BleepingComputer
September 20, 2021
DDoS Attack Service Admin Behind 200,000 Attacks Face 35 Years in Prison Full Text
Abstract
It was found that 32-year-old Matthew Gatrel of St. Charles, Illinois allowed users to launch more than 200,000 DDoS attacks through paid services for which he may face 35 years in prison.
GB Hackers
September 17, 2021
Admin of DDoS service behind 200,000 attacks faces 35yrs in prison Full Text
Abstract
At the end of a nine-day trial, a jury in California this week found guilty the administrator of two distributed denial-of-service (DDoS) operations.
BleepingComputer
September 16, 2021
DDoS Attacks: A Flourishing Business for Cybercrooks – Podcast Full Text
Abstract
Imperva’s Peter Klimek on how DDoS attacks started out as inconveniences but evolved to the point where attackers can disrupt businesses for as little as the price of a cup of coffee,
Threatpost
September 09, 2021
Yandex is battling the largest DDoS in Russian Internet history Full Text
Abstract
Russian internet giant Yandex has been targeted in a massive distributed denial-of-service (DDoS) attack that started last week and reportedly continues this week.
BleepingComputer
September 9, 2021
Yandex is under the largest DDoS attack in the history of Runet Full Text
Abstract
The Russian internet service provider Yandex is under a massive distributed denial-of-service (DDoS) attack that began last week. The Russian Internet giant Yandex has been targeted by the largest DDoS attack in the history of Runet, the Russian...
Security Affairs
September 5, 2021
Major IPS in New Zealand hit by massive DDoS, Internet outages reported Full Text
Abstract
A massive DDoS hit New Zealand's third-largest internet operator isolating parts of the country from the Internet. A massive DDoS hit Vocus ISP, New Zealand's third-largest internet operator, isolating parts of the country from the Internet. Vocus...
Security Affairs
September 2, 2021
UK-based Voip Unlimited and Voipfone Disrupted by Ongoing DDoS Attacks Full Text
Abstract
Two UK VoIP operators have had their services disrupted over the last couple of days by ongoing, aggressive DDoS attacks. The two firms are South Coast-based Voip Unlimited and London-based Voipfone.
The Register
August 29, 2021
DDoS attacks target the Philippine human rights alliance Karapatan Full Text
Abstract
The Philippine human rights alliance Karapatan has suffered a massive and prolonged Distributed Denial of Service (DDoS) attack, Qurium organizations linked it to the local government. For the past three weeks, the Philippine human rights alliance Karapatan has...
Security Affairs
August 27, 2021
Fake DMCA complaints, DDoS threats lead to BazaLoader malware Full Text
Abstract
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service (DDoS) attacks.
BleepingComputer
August 20, 2021
Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps Full Text
Abstract
Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service (DDoS) attack recorded to date. The attack, launched via a Mirai botnet, is said to have targeted an unnamed customer in the financial industry last month. "Within seconds, the botnet bombarded the Cloudflare edge with over 330 million attack requests," the company noted, at one point reaching a record high of 17.2 million requests-per-second (rps), making it three times bigger than previously reported HTTP DDoS attacks. Volumetric DDoS attacks are designed to target a specific network with an intention to overwhelm its bandwidth capacity and often utilize reflective amplification techniques to scale their attack and cause as much operational disruption as possible. They also typically originate from a network of malware-infected systems — consisting of computers, servers, and IoT devices — enabling threat actors
The Hacker News
August 20, 2021
Web Censorship Systems Can Facilitate Massive DDoS Attacks Full Text
Abstract
Systems are ripe for abuse by attackers who can abuse systems to launch DDoS attacks.
Threatpost
August 20, 2021
Cloudflare says it mitigated a record-breaking 17.2M rps DDoS attack Full Text
Abstract
Cloudflare said this attack peaked at 17.2 million HTTP requests/second (rps), a figure that the company described as almost three times larger than any previously reported volumetric DDoS attack.
The Record
August 20, 2021
High-Severity DoS Vulnerability Patched in BIND DNS Software Full Text
Abstract
The Internet Systems Consortium (ISC) this week publicly announced the availability of patches for a high-severity denial-of-service (DoS) vulnerability affecting its BIND DNS software.
Security Week
August 20, 2021
Internet Systems Consortium (ISC) fixes High-Severity DoS flaw in BIND DNS Software Full Text
Abstract
The Internet Systems Consortium (ISC) addressed a high-severity denial-of-service (DoS) flaw (CVE-2021-25218) affecting the BIND DNS software. The Internet Systems Consortium (ISC) has released security updates to address a high-severity denial-of-service...
Security Affairs
August 20, 2021
HTTP DDoS attacks reach unprecedented 17 million requests per second Full Text
Abstract
A distributed denial-of-service (DDoS) attack earlier this year takes the top spot for the largest such incident, peaking at 17.2 million requests per second (rps).
BleepingComputer
August 20, 2021
Human Rights Alliance Karapatan Faces Weeks-long DDOS Attacks Full Text
Abstract
Qurium reported that the attackers launched billions of “malicious web requests” comprising application-layer web floods, which is a form of DDoS (Distributed Denial of Service) attack.
Hackread
August 19, 2021
The Looming Threat of TCP-based DDoS Reflection Amplification Attack Full Text
Abstract
A group of academics stated that network middleboxes such as firewalls, Network Address Translators (NATs), load balancers, and Deep Packet Inspection (DPI) boxes can be weaponized to launch more sophisticated DDoS reflection amplification attacks.
Cyware Alerts - Hacker News
August 16, 2021
Attackers Can Weaponize Firewalls and Middleboxes for Amplified DDoS Attacks Full Text
Abstract
Weaknesses in the implementation of TCP protocol in middleboxes and censorship infrastructure could be weaponized as a vector to stage reflected denial of service (DoS) amplification attacks, surpassing many of the existing UDP-based amplification factors to date. Detailed by a group of academics from the University of Maryland and the University of Colorado Boulder at the USENIX Security Symposium, the volumetric attacks take advantage of TCP-non-compliance in-network middleboxes — such as firewalls, intrusion prevention systems, and deep packet inspection (DPI) boxes — to amplify network traffic, with hundreds of thousands of IP addresses offering amplification factors exceeding those from DNS, NTP, and Memcached. Reflected amplification attacks are a type of DoS attacks in which an adversary leverages the connectionless nature of UDP protocol with spoofed requests to misconfigured open servers in order to overwhelm a target server or network with a flood of packets, causing
The Hacker News
August 16, 2021
Firewalls and Middleboxes Can be Weaponized for Massive DDoS Attacks Using New Technique Full Text
Abstract
Academics discovered a novel DDoS attack vector abusing the TCP protocol. The new DDoS technique can be used to launch attacks with amplification factors in the realm of 1000x and more.
The Record
July 29, 2021
Analytical report on DDoS attacks in the second quarter of 2021 Full Text
Abstract
The month of April 2021 saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to its victims — that was distributed via YouTube and Discord.
Kaspersky Labs
July 5, 2021
Investigation links DDoS attack on Filipino media outlets to government agencies Full Text
Abstract
A Swedish digital rights nonprofit said on Thursday that it has observed a targeted campaign of DDoS attacks that appear to be linked to the Department of Science and Technology (DOST) and Army.
The Record
June 16, 2021
100% increase in daily DDoS traffic in 2020 as potential grows for 10 Tbps attack: Nokia Full Text
Abstract
An analysis by Nokia Deepfield found that there has been a massive increase in high-bandwidth, volumetric DDoS attacks, the majority of which originate from just a few dozen hosting companies.
ZDNet
June 14, 2021
Major blackouts across Puerto Rico. Are the DDoS and the fire linked? Full Text
Abstract
A fire and cyberattack hit an electrical substation for the electricity provider Luma Energy, causing major blackouts across Puerto Rico. A large fire at the Luma's Monacillo electrical substation in San Juan for Puerto Rico's new electricity provider,...
Security Affairs
June 11, 2021
Fancy Lazarus is Active with Ransom DDoS Attacks Full Text
Abstract
Proofpoint reported about a new DDoS extortion activity by a threat actor group called Fancy Lazarus. It was observed extorting funds from various organizations operating in the energy, financial, and manufacturing sectors, among others.
Cyware Alerts - Hacker News
June 11, 2021
‘Fancy Lazarus’ Criminal Group Launches DDoS Extortion Campaign Full Text
Abstract
A cybercriminal group with a rotating list of names has resurfaced with a new email attack campaign threatening to launch a DDoS attack against target organizations that refuse to pay a ransom.
Dark Reading
June 10, 2021
Organizations Warned About DoS Flaws in Popular Open Source Message Brokers Full Text
Abstract
A type of malformed message that causes a DoS condition has been identified for RabbitMQ, EMQ X, and VerneMQ, but there does not appear to be a single message that impacts all three brokers.
Security Week
June 7, 2021
STUN Servers Increasingly Exploited for DDoS-for-Hire Services Full Text
Abstract
NETSCOUT warned organizations that STUN servers have been increasingly abused for DDoS attacks, and there are tens of thousands of servers that could be abused for such attacks by malicious actors.
Security Week
June 2, 2021
How ransomware actors are adding DDoS attacks to their arsenals Full Text
Abstract
Many cybercriminals who sell ransomware-as-a-service campaigns offer a DDoS attack as an extra service. "It's a little bit ransom, a little bit DDoS extortion, and a lot of trouble," NETSCOUT said.
Tech Republic
June 2, 2021
Blizzard Experiences High Latency and Disconnections Due to Massive DDoS Attack Full Text
Abstract
According to Blizzard, they are under massive DDoS attack, which may cause significant latency and disconnections for some gamers. The company also says that it's working hard to address this issue.
Softpedia
June 1, 2021
DoD needs carrots rather than sticks to garner support for contractor threat hunting program Full Text
Abstract
Companies that participate in a potential Pentagon program to conduct threat hunting across the defense industrial base should be protected from legal liability and be given additional financial or technical support to ensure small businesses aren’t crowded out.
SCMagazine
May 28, 2021
Mexico walls off national lottery sites after ransomware DDoS threat Full Text
Abstract
Access to Mexico's Lotería Nacional and Pronósticos lottery websites are now blocked to IP addresses outside of Mexico after a ransomware gang threatened to perform denial of service attacks.
BleepingComputer
May 25, 2021
DDoS hacking attempts drop in Q1 2021: Report Full Text
Abstract
In the first quarter of 2021, the number of DDoS attacks dropped by 29% compared to the same period in 2020, but increased by 47% compared to the fourth quarter in 2020, says a Kaspersky report.
The Times Of India
May 25, 2021
DeepSloth: Researchers find denial-of-service equivalent against machine learning systems Full Text
Abstract
Presented at the International Conference on Learning Representations (ICLR), the technique neutralizes optimization techniques that speed up the operation of deep neural networks.
The Daily Swig
May 18, 2021
Q1 2021 Sees 2.9 Million DDoS Attacks Launched Full Text
Abstract
DDoS attacks in Q1 2021 up 31% YoY, according to new research
Infosecurity Magazine
May 9, 2021
TsuNAME flaw exposes DNS servers to DDoS attacks Full Text
Abstract
A flaw in some DNS resolvers, tracked as TsuNAME, can allow attackers to launch DDoS attacks against authoritative DNS servers. Researchers at SIDN Labs (the R&D team of the registry for .nl domains), InternetNZ (the registry for .nz domains),...
Security Affairs
May 4, 2021
A massive DDoS knocked offline Belgian government websites Full Text
Abstract
A massive distributed denial of service (DDoS) attack shut down Belgium's government websites, internal networks were also impacted. A massive distributed denial of service (DDoS) attack hit most of the Belgium government’s IT network, according...
Security Affairs
April 15, 2021
Hundreds of Thousands of Spam Emails Flood LinkedIn Users’ Inboxes Full Text
Abstract
Users of the employment-oriented online service are being targeted with an assortment of phishing emails and scams in an attempt to hijack their LinkedIn accounts or promote fake LinkedIn email leads.
Bitdefender
April 7, 2021
DDoS Extortion Attacks Get Stronger and More Persistent Full Text
Abstract
Akamai has recently reported three large-scale DDoS attacks. These attacks count among the six biggest volumetric DDoS attacks the company has ever recorded.
Cyware Alerts - Hacker News
April 2, 2021
DDoS Attacks Peaked at 800Gbps Targets Gambling and Video Games Industry Full Text
Abstract
According to security services provider Akamai, Distributed Denial of Service (DDoS) attacks are growing bigger in volume, and they have also become...
Cyber Security News
March 31, 2021
800Gbps DDoS extortion attack hits gambling company Full Text
Abstract
Distributed denial-of-service (DDoS) attacks started strong this year, setting new records and taking the extortion trend that started last August to the next level.
BleepingComputer
March 30, 2021
Akamai Sees Largest DDoS Extortion Attack Known to Date Full Text
Abstract
Distributed denial of service (DDoS) attacks are growing bigger in volume, and they have also become more targeted and increasingly persistent, according to web security services provider Akamai.
Security Week
March 27, 2021
New DCCP Request-based DDoS Attack Vector Emerges Full Text
Abstract
The protocol abused is known as Datagram Congestion Control Protocol (DCCP) that offers data congestion procedures for UDP-based communications.
Cyware Alerts - Hacker News
March 25, 2021
OpenSSL fixes severe DoS, certificate validation vulnerabilities Full Text
Abstract
OpenSSL has patched two high severity vulnerabilities. These include a Denial of Service (DoS) vulnerability (CVE-2021-3449) and an improper CA certificate validation issue (CVE-2021-3450).
BleepingComputer
March 25, 2021
New DDoS Attack Vector Discovered in DCCP Protocol Full Text
Abstract
Akamai Technologies, Inc. is a global content delivery network, cybersecurity, and cloud service company, providing web and Internet security services.
Cyber Security News
March 21, 2021
An Uprising of DDoS Attacks, a Cause of Concern for Organizations Full Text
Abstract
The number of attacks almost doubled between February to September 2020. More than 50 million attacks were observed in the span of a year, according to a recent report.
Cyware Alerts - Hacker News
March 21, 2021
DDoS booters now abuse DTLS servers to amplify attacks Full Text
Abstract
DDoS-for-hire services are now actively abusing misconfigured or out-of-date Datagram Transport Layer Security (D/TLS) servers to amplify Distributed Denial of Service (DDoS) attacks.
BleepingComputer
March 6, 2021
Multiple Cisco products exposed to DoS attack due to a Snort issue Full Text
Abstract
Cisco announced that a vulnerability in the Snort detection engine exposes several of its products to denial-of-service (DoS) attacks. Cisco announced this week that several of its products are exposed to denial-of-service (DoS) attacks due to a vulnerability...
Security Affairs
March 2, 2021
DoS vulnerability found in Eclipse Jetty Full Text
Abstract
Jetty has such wide use that the vulnerability is what one researcher described as “close to a digital nightmare,” especially on embedded devices in industrial control systems – which are often not patchable.
SCMagazine
February 24, 2021
TDoS: A Phenomenon in DDoS Attacks Emerges From the Shadows Full Text
Abstract
An automated TDoS attack makes use of VoIP software and Session Initiation Protocol (SIP) to make tens or hundreds of calls, simultaneously or in rapid succession to jam targeted services.
Cyware Alerts - Hacker News
February 23, 2021
Ukraine: DDoS attacks on govt sites originated from Russia Full Text
Abstract
The National Security and Defense Council (NSDC) of Ukraine is accusing threat actors located on Russia networks of performing DDoS attacks on Ukrainian government websites since February 18th.
BleepingComputer
February 22, 2021
TDoS Attacks Take Aim at Emergency First-Responder Services Full Text
Abstract
The FBI has warned that telephony denial-of-service attacks are taking aim at emergency dispatch centers, which could make it impossible to call for police, fire or ambulance services.
Threatpost
February 21, 2021
FBI warns of the consequences of telephony denial-of-service (TDoS) attacks Full Text
Abstract
The Federal Bureau of Investigation (FBI) has issued a warning about the risks of telephony denial-of-service (TDoS) attacks on call centers. The United States’ Federal Bureau of Investigation (FBI) is warning of the consequences of telephony denial-of-service...
Security Affairs
February 19, 2021
DDoS Attacks in Fourth Quarter of 2020 - A Report Full Text
Abstract
Researchers explain how the DDoS attack trend in the final quarter of the year 2020 is a unique one and highlights what to expect from DDoS threats for Q1 2021.
Cyware Alerts - Hacker News
February 19, 2021
Kaspersky: Decline in DDoS Attacks Linked to Surge in Cryptocurrency Value Full Text
Abstract
A 31% fall in DDoS attacks was observed in Q4 of 2020
Infosecurity Magazine
February 16, 2021
DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence Full Text
Abstract
The volume of attacks fell 31 percent in the last part of 2020, as Bitcoin values skyrocketed. But there were still several notable trends, such as a rise in Linux botnets.
Threatpost
February 15, 2021
DDoS attack takes down EXMO cryptocurrency exchange servers Full Text
Abstract
The servers of British cryptocurrency exchange EXMO were taken offline temporarily after being targeted in a distributed denial-of-service (DDoS) attack. BleepingComputer
February 9, 2021
DDoS Attacks Back with Bigger and Bolder Versions Full Text
Abstract
While there has been a significant rise in ransom-related DDoS (RDDoS) attacks in 2020, the trend continues to take a new shape as we settle into 2021. Cyware Alerts - Hacker News
February 9, 2021
New Botnet Reuse the Mirai Framework to Perform DDoS Attack on Android Devices Full Text
Abstract
Recently, the Chinese security firm Qihoo 360's networking security division Netlab has discovered a nascent malware campaign. This campaign... Cyber Security News
February 05, 2021
Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks Full Text
Abstract
A new distributed denial-of-service (DDoS) attack vector has ensnared Plex Media Server systems to amplify malicious traffic against targets to take them offline. "Plex's startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it can be abused to generate reflection/amplification DDoS attacks," Netscout researchers said in a Thursday alert. Plex Media Server is a personal media library and streaming system that runs on modern Windows, macOS, and Linux operating systems, as well as variants customized for special-purpose platforms such as network-attached storage (NAS) devices and digital media players. The desktop application organizes video, audio, and photos from a user's library and from online services, allowing users to access and stream the contents to other compatible devices. DDoS attacks typically involve flooding a legitimate target with junk network traffic that comes from a large number o... The Hacker News
February 5, 2021
Hackers abuse Plex Media servers for DDoS amplification attacks Full Text
Abstract
Netscout experts warn of DDoS-for-hire services abusing Plex Media servers to bounce junk traffic and amplify DDoS attacks. Security researchers from Netscout discovered DDoS-for-hire services have found a way to abuse Plex Media servers... Security Affairs
February 4, 2021
Android Devices Prone to Botnet’s DDoS Onslaught Full Text
Abstract
A new DDoS botnet propagates via the Android Debug Bridge and uses Tor to hide its activity. Threatpost
February 4, 2021
Matryosh DDoS botnet targets Android-Based devices via ADB Full Text
Abstract
Netlab researchers spotted a new Android malware, dubbed Matryosh, that is infecting devices to recruit them in a distributed denial-of-service (DDoS) botnet. On January 25, 2021, researchers at 360 Netlab detected a suspicious ELF file, initially... Security Affairs
February 04, 2021
Plex Media servers actively abused to amplify DDoS attacks Full Text
Abstract
Plex Media Server systems are actively being abused by DDoS-for-hire services as a UDP reflection/amplification vector in Distributed Denial of Service (DDoS) attacks. BleepingComputer
February 4, 2021
DDoS attacks leverage Plex media server Full Text
Abstract
The situation offers one more example of the threats posed by remote employees, if companies don’t ensure proper security protocols are in place. SCMagazine
February 04, 2021
Beware: New Matryosh DDoS Botnet Targeting Android-Based Devices Full Text
Abstract
A nascent malware campaign has been spotted co-opting Android devices into a botnet with the primary purpose of carrying out distributed denial-of-service (DDoS) attacks. Called "Matryosh" by Qihoo 360's Netlab researchers, the latest threat has been found reusing the Mirai botnet framework and propagates through exposed Android Debug Bridge (ADB) interfaces to infect Android devices and ensnare them into its network. ADB is a command-line tool, part of the Android SDK, that handles communications and allows developers to install and debug apps on Android devices. While this option is turned off by default on most Android smartphones and tablets, some vendors ship with this feature enabled, thus allowing unauthenticated attackers to connect remotely via the 5555 TCP port and open the devices directly to exploitation. This is not the first time a botnet has taken advantage of ADB to infect vulnerable devices. In July 2018, open ADB ports were used to spread multip... The Hacker News
January 25, 2021
Users of IoT products from three major vendors at risk of DDoS attacks, data leaks Full Text
Abstract
Softing Industrial Automation GmbH, Kepware PTC, and Matrikon Honeywell all provided fixes for their respective products after security firm Claroty privately disclosed them during 2020. SCMagazine
January 25, 2021
DDoS Attackers Revive Old Campaigns to Extort Ransom Full Text
Abstract
Threat actors behind a distributed denial-of-service campaign targeted the same set of victims again after the organizations failed to pay the initial ransom, as per a new report by Radware. Bank Info Security
January 22, 2021
In second attack DDoS group demands 5 bitcoin payment Full Text
Abstract
Five Radware customers received extortion letters in December and January threatening a DDoS attack if they did not pay five bitcoin (worth about $200,000) from a group that wanted the victims to believe they were from Fancy Bear, Lazarus Group and the Armada Collective. The threat group first attacked late last summer and in the… SCMagazine
January 22, 2021
Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks Full Text
Abstract
Netscout researchers identify more than 14,000 existing servers that can be abused by ‘the general attack population’ to flood organizations’ networks with traffic. Threatpost
January 22, 2021
Abusing Windows RDP servers to amplify DDoS attacks Full Text
Abstract
Threat actors are abusing Windows Remote Desktop Protocol (RDP) servers to amplify Distributed Denial of Service (DDoS) attacks. Attackers are abusing Windows Remote Desktop Protocol (RDP) servers to amplify Distributed Denial of Service (DDoS) attacks. The... Security Affairs
January 21, 2021
Windows Remote Desktop servers now used to amplify DDoS attacks Full Text
Abstract
Windows Remote Desktop Protocol (RDP) servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service (DDoS) attacks. BleepingComputer
January 21, 2021
DDoS booters use Windows Remote Desktop servers to amplify attacks Full Text
Abstract
Windows Remote Desktop Protocol (RDP) servers are being abused as an amplification vector by DDoS-for-hire services (aka booters or stressers) to launch Distributed Denial of Service (DDoS) attacks. BleepingComputer
January 04, 2021
Citrix adds NetScaler ADC setting to block recent DDoS attacks Full Text
Abstract
Citrix has released a feature enhancement designed to block attackers from using the Datagram Transport Layer Security (DTLS) feature of NetScaler ADC devices as an amplification vector in DDoS attacks. BleepingComputer
December 27, 2020
TeamTNT Group Now has its Own IRC Bot Full Text
Abstract
In a recent attack, the group has been observed actively using a newly developed Internet Relay Chat (IRC) bot dubbed TNTbotinger, which can be used to perform DDoS attacks. Cyware Alerts - Hacker News
December 25, 2020
DDoS amplify attack targets Citrix Application Delivery Controllers (ADC) Full Text
Abstract
Citrix confirmed that a DDoS attack is targeting Citrix Application Delivery Controller (ADC) networking equipment. The threat actors are using the Datagram Transport Layer Security (DTLS) protocol as an amplification vector in attacks against Citrix... Security Affairs
December 24, 2020
DDoS attacks hit Citrix Application Delivery Controllers, hindering customer performance Full Text
Abstract
Citrix reported Thursday a DDoS attack that was hitting its Citrix Application Delivery Controllers (ADCs), the networking products that let security and network teams manage the delivery speed and quality of applications to end users. According to the Citrix threat advisory, the attacker or bots can overwhelm the Citrix ADC Datagram Transport Layer Security (DTLS)… SCMagazine
December 24, 2020
Citrix confirms ongoing DDoS attack impacting NetScaler ADCs Full Text
Abstract
Citrix has confirmed today that an ongoing 'DDoS attack pattern' using DTLS as an amplification vector is affecting Citrix Application Delivery Controller (ADC) networking appliances with EDT enabled. BleepingComputer