DDoS-for-hire services have found a way to abuse Plex Media servers to bounce junk traffic and amplify distributed denial of service (DDoS) attacks, security firm Netscout said in an alert this week. From a report: The company’s alert warns owners of devices that ship with Plex Media Server, a web application for Windows, Mac, and Linux that’s usually used for video…
Tag: DDoS
DDoS-Guard To Forfeit Internet Space Occupied By Parler
An anonymous reader quotes a report from Krebs On Security: Parler, the beleaguered social network advertised as a “free speech” alternative to Facebook and Twitter, has had a tough month. Apple and Google removed the Parler app from their stores, and Amazon blocked the platform from using its hosting services. Parler has since found a home in DDoS-Guard, a Russian digital…
Journalists Scrutinize QAnon’s Role in Capitol Hill Mob — And Its Hosting Infrastructure
On Thursday Axios tried to assess QAnon’s role in the mob that stormed America’s Capitol building:
Adherents of the QAnon conspiracy theory, who imagine a vast deep-state cabal of pedophiles arrayed against Trump, have for years insisted that a moment of reckoning for their enemies is imminent. QAnon believers have largely accepted that Trump is waiting for the right time to bring…
Backdoor Account Discovered in More Than 100,000 Zyxel Firewalls, VPN Gateways
More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. From a report: The backdoor account, discovered by a team of Dutch security researchers from Eye Control, is considered as bad as it gets in terms…
Citrix Devices Are Being Abused as DDoS Attack Vectors
Threat actors have discovered a way to bounce and amplify junk web traffic against Citrix ADC networking equipment to launch DDoS attacks. From a report: While details about the attackers are still unknown, victims of these Citrix-based DDoS attacks have mostly included online gaming services, such as Steam and Xbox, sources have told ZDNet earlier today. The first of these attacks…
Google Says it Mitigated a 2.54 Tbps DDoS Attack in 2017, Largest Known To Date
The Google Cloud team revealed today a previously undisclosed DDoS attack that targeted Google service back in September 2017 and which clocked at 2.54 Tbps, making it the largest DDoS attack recorded to date. From a report: In a separate report published at the same time, the Google Threat Threat Analysis Group (TAG), the Google security team that analyzes high-end threat…
Imprisoned ‘Anonymous’ Hacktivist Martin Gottesfeld Files His First Appeal
In early 2019, Martin Gottesfeld of Anonymous was sentenced under America’s “Computer Fraud and Abuse Act” to 10 years in federal prison for his alleged role in the 2014 DDoS attacks on healthcare and treatment facilities around Boston. (Gottesfeld was sentenced by the same judge who oversaw the Aaron Swartz case.) Gottesfeld has just filed his first appeal, and Slashdot reader…
Belarus Has Shut Down the Internet Amid a Controversial Election
An anonymous reader quotes a report from Wired: Internet connectivity and cellular service in Belarus have been down since Sunday evening, after sporadic outages early that morning and throughout the day. The connectivity blackout, which also includes landline phones, appears to be a government-imposed outage that comes amid widespread protests and increasing social unrest over Belarus’ presidential election Sunday. The ongoing…
Academics Studied DDoS Takedowns and Said They’re Ineffective, Recommend Patching Vulnerable Servers
A team of Dutch and German academics has studied the aftermath of a major crackdown against DDoS providers and concluded that law enforcement takedowns are largely ineffective, recommending that authorities rather focus on patching the vulnerable systems that are abused for the DDoS attacks in the first place. From a report: The study, published last year on paper-hosting service arXiv, analyzed…
AWS Said It Mitigated a 2.3 Tbps DDoS Attack, the Largest Ever
An anonymous reader quotes a report from ZDNet: Amazon said its AWS Shield service mitigated the largest DDoS attack ever recorded, stopping a 2.3 Tbps attack in mid-February this year. The incident was disclosed in the company’s AWS Shield Threat Landscape [PDF], a report detailing web attacks mitigated by Amazon’s AWS Shield protection service. The report didn’t identify the targeted AWS…