Security News

LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data
2022-08-22 16:08

The LockBit ransomware group last week claimed responsibility for an attack on cybersecurity vendor in June. LockBitSupp, the public face of LockBit that interacts with companies and cybersecurity researchers, told Shukuhi that the group's data leak site was getting 400 requests a second from more than 1,000 servers and that the group promised to add more resources to the site and to "Drain the ddosers money," he wrote.

LockBit ransomware blames Entrust for DDoS attacks on leak sites
2022-08-22 14:39

The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data. Soon after they started leaking data, researchers began reporting that the ransomware gang's Tor data leak sites were unavailable due to a DDoS attack.

Fake DDoS protection pages are delivering malware!
2022-08-22 11:36

Malware peddlers are exploiting users' familiarity with and inherent trust in DDoS protection pages to make them download and run malware on their computer, Sucuri researchers have warned. DDoS protection pages have become so common that users rarely think twice about doing what those pages tell them to do to get website access.

DDoS tales from the SOC
2022-08-22 04:30

In this Help Net Security video, Bryant Rump, Principal Security Architect at Neustar Security Services, talks about the challenges of mitigating immense DDoS attacks. He outlines real-world examples and discusses their implications for enterprise security preparedness and the threat landscape.

WordPress sites hacked with fake Cloudflare DDoS alerts pushing malware
2022-08-20 15:15

WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan.DDoS protection screens are commonplace on the internet, protecting sites from bots that ping them with bogus requests, aiming to overwhelm them with garbage traffic.

Google Cloud Blocks Record DDoS attack of 46 Million Requests Per Second
2022-08-19 10:15

Google's cloud division on Thursday disclosed it mitigated a series of HTTPS distributed denial-of-service attacks which peaked at 46 million requests per second, making it the largest such recorded to date. The attack, which occurred on June 1, targeting an unnamed Google Cloud Armor customer, is 76% larger than the 26 million RPS DDoS attack repealed by Cloudflare earlier this June.

Cybercriminals are using bots to deploy DDoS attacks on gambling sites
2022-08-19 03:00

Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. As the Wimbledon tennis tournament began at the end of June, DDoS attacks increased and impacted 10% of gambling sites.

Google blocks third record-breaking DDoS attack in as many months
2022-08-18 16:00

To put things in perspective, this is about 76 percent larger than the previous record DDoS attack that Cloudflare thwarted earlier that same month. Not only is this the third such record-breaking DDoS flood in the past few months - this includes two earlier HTTPS-based attacks blocked by Cloudflare in April and June - but it comes as Google and other security researchers warn that network-flooding events are getting worse, growing in size and frequency.

Google blocks largest HTTPS DDoS attack 'reported to date'
2022-08-18 16:00

A Google Cloud Armor customer was hit with a distributed denial-of-service attack over the HTTPS protocol that reached 46 million requests per second, making it the largest ever recorded of its kind. In just two minutes, the attack escalated from 100,000 RPS to a record-breaking 46 million RPS, almost 80% more than the previous record, an HTTPS DDoS of 26 million RPS that Cloudflare mitigated in June.

Malicious PyPi packages aim DDoS attacks at Counter-Strike servers
2022-08-15 22:03

A dozen malicious Python packages were uploaded to the PyPi repository this weekend in a typosquatting attack that performs DDoS attacks on a Counter-Strike 1.6 server. Python Package Index is a repository of open-source software packages that developers can easily incorporate into their Python projects to build complex apps with minimal effort.