Security News
A high-severity Palo Alto Networks denial-of-service vulnerability has been exploited by miscreants looking to launch DDoS attacks, and several of the affected products won't have a patch until next week.The vulnerability, tracked as CVE-2022-0028, received an 8.6 out of 10 CVSS score, and it affects PAN OS, the operating system in Palo Alto Networks' network security products.
Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company's networking hardware products. The issue, tracked as CVE-2022-0028, is an URL filtering policy misconfiguration that could allow an unauthenticated, remote attacker to carry out amplified TCP denial-of-service attacks.
Taiwan's Ministry of National Defense confirmed it was hit by a DDoS attack on Wednesday in what has been an eventful week for the island nation, US-Sino relations, and semiconductors. The DDoS attack on the Ministry of Defense followed a separate one on Taiwan's presidential website on Tuesday.
Akamai Technologies squelched the largest-ever distributed denial-of-service attack in Europe earlier this month against a company that was being consistently hammered over a 30-day period. The user datagram protocol was the most popular vector used in the attack and was seen in the record spikes.
The largest distributed denial-of-service attack that Europe has ever seen occurred earlier this month and hit an organization in Eastern Europe. DDoS incidents have become more frequent since the start of the year as attackers try to deny access to the victim's digital services by flooding them with requests and traffic to overwhelm resources and render them unavailable.
Ransom DDoS attacks are carried out for extortion - the attackers promise to cease their attack upon receiving the ransom. According to Gcore, the number of such complex multivector attacks tripled in 2022 compared to the previous year.
The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. Cybercriminals use botnets for various malicious purposes, most significantly for DDoS attacks against targets.
Google's Threat Analysis Group, whose primary goal is to defend Google users from state-sponsored attacks, said today that Russian-backed threat groups are still focusing their attacks on Ukrainian organizations. In a report regarding recent cyber activity in Eastern Europe, Google TAG security engineer Billy Leonard revealed that hackers part of the Turla Russian APT group have also been spotted deploying their first Android malware.
The botnet behind the largest HTTPS distributed denial-of-service attack in June 2022 has been linked to a spate of attacks aimed at nearly 1,000 Cloudflare customers. Calling the powerful botnet Mantis, the web performance and security company attributed it to more than 3,000 HTTP DDoS attacks against its users.
The botnet behind the largest-ever HTTPS-based distributed-denial-of-service attack is now named after a tiny shrimp. While Mantis initially launched its network-flooding-traffic attack over HTTPS, in the month since its discovery, Mantis has launched more than 3,000 HTTP DDoS attacks against the firm's customers, Yoachimik added.