Security News

Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. This Help Net Security video uncovers how DDoS attacks on gambling sites lead to lost revenue and consumer trust.

WordPress sites are being hacked to display fraudulent Cloudflare DDoS protection pages that lead to the delivery of malware such as NetSupport RAT and Raccoon Stealer. "A recent surge in JavaScript injections targeting WordPress sites has resulted in fake DDoS prevent prompts which lead victims to download remote access trojan malware," Sucuri's Ben Martin said in a write-up published last week.

Radware released a report revealing that the number of malicious DDoS attacks climbed by 203% compared to the first six months of 2021. "As Russia invaded Ukraine, the cyber focus changed. It shifted from the consequences of the pandemic, including an increase in attack surfaces driven by work from home and the rise of underground crime syndicates, to a ground swell of DDoS activity launched by patriotic hacktivists and new legions of threat actors."

The security issue is a high-severity risk identified as CVE-2022-0028 that allows a remote threat actor to deploy reflected and amplified denial-of-service attacks without having to authenticate. While exploiting the flaw can only cause a DoS condition on the affected device, it has already been used for at least one attack.

The LockBit ransomware group last week claimed responsibility for an attack on cybersecurity vendor in June. LockBitSupp, the public face of LockBit that interacts with companies and cybersecurity researchers, told Shukuhi that the group's data leak site was getting 400 requests a second from more than 1,000 servers and that the group promised to add more resources to the site and to "Drain the ddosers money," he wrote.

The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data. Soon after they started leaking data, researchers began reporting that the ransomware gang's Tor data leak sites were unavailable due to a DDoS attack.

Malware peddlers are exploiting users' familiarity with and inherent trust in DDoS protection pages to make them download and run malware on their computer, Sucuri researchers have warned. DDoS protection pages have become so common that users rarely think twice about doing what those pages tell them to do to get website access.

In this Help Net Security video, Bryant Rump, Principal Security Architect at Neustar Security Services, talks about the challenges of mitigating immense DDoS attacks. He outlines real-world examples and discusses their implications for enterprise security preparedness and the threat landscape.

WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan.DDoS protection screens are commonplace on the internet, protecting sites from bots that ping them with bogus requests, aiming to overwhelm them with garbage traffic.

Google's cloud division on Thursday disclosed it mitigated a series of HTTPS distributed denial-of-service attacks which peaked at 46 million requests per second, making it the largest such recorded to date. The attack, which occurred on June 1, targeting an unnamed Google Cloud Armor customer, is 76% larger than the 26 million RPS DDoS attack repealed by Cloudflare earlier this June.