Security News
A 33-year-old Illinois man has been sentenced to two years in prison for running websites that paying customers used to launch more than 200,000 distributed denial-of-services attacks. Gatrel, was convicted of owning and operating two websites - DownThem.org and AmpNode.com - that sold DDoS attacks.
An Illinois man was sentenced to two years in prison for operating a distributed denial of service platform that allowed threat actors to conduct over 200,000 attacks. The sentenced man, Matthew Gatrel, 33, had created and operated the websites "Downthem.org" and "Ampnode.com." The former sold subscriptions to a powerful DDoS arsenal, and the latter was a bulletproof hosting service that also aided customers in launching their own DDoS attacks.
Internet infrastructure firm Cloudflare said today that it mitigated a 26 million request per second distributed denial-of-service attack, the largest HTTPS DDoS attack detected to date. The threat actor behind it likely used hijacked servers and virtual machines seeing that the attack originated from Cloud Service Providers instead of weaker Internet of Things devices from compromised Residential Internet Service Providers.
Zero-day bug exploited by attackers via macro-less Office documentsA newly numbered Windows zero-day vulnerability is being exploited in the wild via specially crafted Office documents, security researchers are warning. DDoS threats growing in sophistication, size, and frequencyCorero Network Security has published the latest edition of its annual DDoS Threat Intelligence Report that compiles the trends, observations, predictions, and recommendations based on DDoS attacks against Corero customers during 2021.
Corero Network Security has published the latest edition of its annual DDoS Threat Intelligence Report that compiles the trends, observations, predictions, and recommendations based on DDoS attacks against Corero customers during 2021. The report highlights that DDoS threats continue to grow in sophistication, size, and frequency.
The U.S. Department of Justice on Wednesday announced the seizure of three domains used by cybercriminals to trade stolen personal information and facilitate distributed denial-of-service attacks for hire. The former of which allowed its users to traffic hacked personal data and offered a searchable database containing illegally amassed information obtained from over 10,000 data breaches.
The Federal Bureau of Investigation and the U.S. Department of Justice announced today the seizure of three domains used by cybercriminals to sell personal info stolen in data breaches and provide DDoS attack services. To was selling subscriptions allowing its users to search a database containing information stolen in more than 10,000 data breaches.
Corero Network Security has published the latest edition of its annual DDoS Threat Intelligence Report that compiles the trends, observations, predictions, and recommendations based on DDoS attacks against Corero customers during 2021. Stephenson adds, "Combined with the 82% share of short duration DDoS attacks, the intention is that these stealthier transient attacks will appear as legitimate traffic, bypassing simple security measures and succeeding in choking access to important downstream services or connections." Frequency of repeat attacks also grew with a 29% increase in organizations who experienced a second attack within a week.
"There continue to be signs and threats of possible imminent attacks against, in particular, national public entities, private entities providing a public utility service or private entities whose image is identified with the country of Italy," explains the public alert. The signs are posts from the Killnet group's Telegram channel that incited to 'massive and unprecedented' attacks against Italy.
Akamai researchers have been monitoring the DDoS attack since May 12, when a customer an alerted the company's Security Incident Response Team of an attempted attack by a group claiming to be associated with REvil, Akamai revealed in a blog post Wednesday. "The attacks so far target a site by sending a wave of HTTP/2 GET requests with some cache-busting techniques to overwhelm the website," Akamai SIRT vulnerability researcher Larry Cashdollar wrote in the post.