DDoS platform shut down by international law enforcement agencies
International law enforcement authorities have shut down a DDoS-as-a-service platform and seized its domain.
DDoS threat report for 2024 Q1
2024 started with a bang. Cloudflare’s autonomous systems mitigated over 4.5 million DDoS attacks in the first quarter of the year — a 50% increase compared to the previous year.
Romania-linked ‘Rubycarp’ hackers look for cryptomining, phishing DDoS opportunities
Rubycarp has been in operation for at least a decade, and its campaigns appear to overlap with other cybercrime groups, according to researchers at Sysdig.
DSoS attacks statistics and observations
he year 2023 turned out to be quite rich in events and trends in the field of cybersecurity. We witnessed a new term "white noise", the development of artificial intelligence led to increased bot activity, which significantly affected commercial companies. We detected signs of a resurgence in popularity of commercial DDoS attacks. The implementation of "remote office" technologies led to the expansion of communication channels and, as a result, increased intensity of attacks. But first things first. DDoS Attacks by Vectors The fourth quarter of the past year didn't bring any surprises in terms of the distribution of mixed attacks by vectors. UDP flood once again topped the list with a rate of 60.20%. IP flood came in second at 16.86%. Multivector attacks also made it into the top three with 13.36%. Overall, the distribution was as follows: UDP flood - 60.20% SYN flood - 7.26% IP flood - 16.86% Multivector attacks - 13.36%
Understanding and Responding to Distributed Denial-Of-Service Attacks
This joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, addresses the specific needs and challenges faced by organizations in defending against DDoS attacks. The guidance now includes detailed insight into three different types of DDoS techniques: Volumetric, attacks aiming to consume available bandwidth. Protocol, attacks which exploit vulnerabilities in network protocols. * Application, attacks targeting vulnerabilities in specific applications or running services.
Plusieurs ministères visés par des attaques informatiques depuis dimanche, annonce Matignon
Si ces attaques, qui ont commencé dimanche soir, ont été d’une « intensité inédite », les services du premier ministre ont précisé lundi que leur impact avait été « réduit ». Elles ont été revendiquées par Anonymous Sudan, qui regroupe des militants prorusses.
NoName057(16) |
NoName057(16) relies heavily on HTTPS application-layer DDoS attacks, with many attacks repeatedly sourced from the same attack harness, networks, and targeting similar countries and industries.
NoEscape gang continues to use DDoS to pressure reluctant victims to negotiate
Over on SuspectFile, Marco A. De Felice reports that the NoEscape ransomware gang is threatening to release 1.5 TB of data from PruittHealth Network. De Felice...
Several websites of Belgian institutions disrupted yesterday by DDoS attack
Several websites of Belgian institutions (such as those of the Royal Palace, the Chancellery of the Prime Minister and the Senate) experienced some disruption late Thursday afternoon.
HTTP/2 Rapid Reset: deconstructing the record-breaking attack
This post dives into the details of the HTTP/2 protocol, the feature that attackers exploited to generate the massive Rapid Reset attacks, and the mitigation strategies we took to ensure all our customers are protected
What's in a NoName? Researchers see a lone-wolf DDoS group
Every morning at roughly the same time, a Russian hacker group known as NoName057(16) carries out distributed denial-of-service (DDoS) attacks on European financial institutions, government websites or transportation services.
DDoS threat report for 2023 Q2
Q2 2023 saw an unprecedented escalation in DDoS attack sophistication. Pro-Russian hacktivists REvil, Killnet and Anonymous Sudan joined forces to attack Western sites. Mitel vulnerability exploits surged by a whopping 532%, and attacks on crypto rocketed up by 600%. Read the full story...
Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389
FortiGuard Labs encountered recent samples of a DDoS-as-a-service botnet calling itself Condi. It attempted to spread by exploiting TP-Link Archer AX21 (AX1800) routers vulnerable to CVE-2023-1389, which was disclosed in mid-March of this year. Read more.
Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks
Microsoft says the early June disruptions to its Microsoft’s flagship office suite — including the Outlook email apps — were denial-of-service attacks by a shadowy new hacktivist group. In a blog post published Friday evening after The Associated Press sought clarification on the sporadic but serious outages, Microsoft confirmed that that they were DDoS attacks by a group calling itself Anonymous Sudan, which some security researchers believe is Russia-affiliated. The software giant offered few details on the attack. It did not comment on how many customers were affected.
Cyberattaques massives contre la Suisse, huit questions pour analyser une semaine folle
La guerre s’est invitée dans le cyberespace suisse avec fracas cette semaine, le groupe de hackers NoName visant des dizaines de cibles. Il faudra mieux se préparer face à des attaques qui pourraient s’intensifier, avertissent trois experts
Déferlante d’attaques DDoS en Suisse revendiquées par des hacktivistes pro-russes
Déferlante d’attaques DDoS en Suisse revendiquées par des hacktivistes pro-russes
Switzerland under cyberattack
The Swiss government is under DDoS attacks, but several ransomware gangs have also turned their sights on other Swiss organizations.
Attaque DDoS contre l’administration fédérale: plusieurs applications et sites Internet ne sont plus accessibles
Lundi 12 juin 2023, plusieurs sites Internet de la Confédération étaient ou sont encore inaccessibles, en raison d’une attaque DDoS menée contre ses systèmes. Celle-ci a été rapidement détectée par les spécialistes de l’administration fédérale, qui travaillent actuellement à rétablir dans les plus brefs délais l’accès aux applications et sites Internet touchés.
Sites officiels paralysés: L’administration fédérale suisse fait l’objet d’une attaque informatique | 24 heures
L’entité «NoName» a pris pour cible des sites officiels de l’administration, comme FedPol, lundi matin lors d’une cyberattaque.
Microsoft 365 sous le feu nourri d'attaques DDoS Dominique Filippone , publié le 09 Juin 2023
Revendiquée par un cyberpirate dénommé Anonymous Sudan, une série d'attaques a paralysé pendant plusieurs jours de multiples services cloud de Microsoft dont Outlook, SharePoint et OneDrive. Les difficultés de l'éditeur à assurer une remise en service complète dans ce laps de temps interroge.
Le site web du parlement suisse attaqué par des hackers
Une cyberattaque paralyse en partie le site www.parlament.ch, une agression peut-être en lien avec la prochaine prise de parole du président ukrainien.
The Team of Sleuths Quietly Hunting Cyberattack-for-Hire Services
For a decade, a group called Big Pipes has worked behind the scenes with the FBI to target the worst cybercriminal “booter” services plaguing the internet. WHEN THE FBI announced the takedown of 13 cyberattack-for-hire services yesterday, it may have seemed like just another day in law enforcement’s cat-and-mouse game with a criminal industry that has long plagued the internet’s infrastructure, bombarding victims with relentless waves of junk internet traffic to knock them offline. In fact, it was the latest win for a discreet group of detectives that has quietly worked behind the scenes for nearly a decade with the goal of ending that plague for good.
German Police Raid DDoS-Friendly Host ‘FlyHosting
Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web service that catered to cybercriminals operating DDoS-for-hire services. Fly Hosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that…
German Police Raid DDoS-Friendly Host ‘FlyHosting
Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web service that catered to cybercriminals operating DDoS-for-hire services. Fly Hosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that…
NCA infiltrates cyber crime market with disguised DDoS sites
The National Crime Agency has today revealed that it has infiltrated the online criminal marketplace by setting up a number of sites purporting to offer DDoS-for-hire services. Today’s announcement comes after the Agency chose to identify one of the sites currently being run by officers as part of a sustained programme of activity to disrupt and undermine DDoS as a criminal service.
NCA infiltrates cyber crime market with disguised DDoS sites
The National Crime Agency has today revealed that it has infiltrated the online criminal marketplace by setting up a number of sites purporting to offer DDoS-for-hire services. Today’s announcement comes after the Agency chose to identify one of the sites currently being run by officers as part of a sustained programme of activity to disrupt and undermine DDoS as a criminal service.
German airport websites downed by DDoS attacks
A series of distributed denial-of-service (DDoS) attacks shut down seven German airports' websites on Thursday, a day after a major IT glitch at Lufthansa grounded flights.
German airport websites downed by DDoS attacks
A series of distributed denial-of-service (DDoS) attacks shut down seven German airports' websites on Thursday, a day after a major IT glitch at Lufthansa grounded flights.
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
This was a weekend of record-breaking DDoS DDoS. Over the weekend, Cloudflare detected and mitigated dozens of hyper-volumetric DDoS attacks. The majority of attacks peaked in the ballpark of 50-70 million requests per second (rps) with the largest exceeding 71 million rps. This is the largest reported HTTP DDoS attack on record, more than 35% higher than the previous reported record of 46M rps in June 2022.
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
This was a weekend of record-breaking DDoS DDoS. Over the weekend, Cloudflare detected and mitigated dozens of hyper-volumetric DDoS attacks. The majority of attacks peaked in the ballpark of 50-70 million requests per second (rps) with the largest exceeding 71 million rps. This is the largest reported HTTP DDoS attack on record, more than 35% higher than the previous reported record of 46M rps in June 2022.