Security News

An Illinois man was sentenced to two years in prison for operating a distributed denial of service platform that allowed threat actors to conduct over 200,000 attacks. The sentenced man, Matthew Gatrel, 33, had created and operated the websites "Downthem.org" and "Ampnode.com." The former sold subscriptions to a powerful DDoS arsenal, and the latter was a bulletproof hosting service that also aided customers in launching their own DDoS attacks.

Internet infrastructure firm Cloudflare said today that it mitigated a 26 million request per second distributed denial-of-service attack, the largest HTTPS DDoS attack detected to date. The threat actor behind it likely used hijacked servers and virtual machines seeing that the attack originated from Cloud Service Providers instead of weaker Internet of Things devices from compromised Residential Internet Service Providers.

Zero-day bug exploited by attackers via macro-less Office documentsA newly numbered Windows zero-day vulnerability is being exploited in the wild via specially crafted Office documents, security researchers are warning. DDoS threats growing in sophistication, size, and frequencyCorero Network Security has published the latest edition of its annual DDoS Threat Intelligence Report that compiles the trends, observations, predictions, and recommendations based on DDoS attacks against Corero customers during 2021.

Corero Network Security has published the latest edition of its annual DDoS Threat Intelligence Report that compiles the trends, observations, predictions, and recommendations based on DDoS attacks against Corero customers during 2021. The report highlights that DDoS threats continue to grow in sophistication, size, and frequency.

The U.S. Department of Justice on Wednesday announced the seizure of three domains used by cybercriminals to trade stolen personal information and facilitate distributed denial-of-service attacks for hire. The former of which allowed its users to traffic hacked personal data and offered a searchable database containing illegally amassed information obtained from over 10,000 data breaches.

The Federal Bureau of Investigation and the U.S. Department of Justice announced today the seizure of three domains used by cybercriminals to sell personal info stolen in data breaches and provide DDoS attack services. To was selling subscriptions allowing its users to search a database containing information stolen in more than 10,000 data breaches.

Corero Network Security has published the latest edition of its annual DDoS Threat Intelligence Report that compiles the trends, observations, predictions, and recommendations based on DDoS attacks against Corero customers during 2021. Stephenson adds, "Combined with the 82% share of short duration DDoS attacks, the intention is that these stealthier transient attacks will appear as legitimate traffic, bypassing simple security measures and succeeding in choking access to important downstream services or connections." Frequency of repeat attacks also grew with a 29% increase in organizations who experienced a second attack within a week.

"There continue to be signs and threats of possible imminent attacks against, in particular, national public entities, private entities providing a public utility service or private entities whose image is identified with the country of Italy," explains the public alert. The signs are posts from the Killnet group's Telegram channel that incited to 'massive and unprecedented' attacks against Italy.

Akamai researchers have been monitoring the DDoS attack since May 12, when a customer an alerted the company's Security Incident Response Team of an attempted attack by a group claiming to be associated with REvil, Akamai revealed in a blog post Wednesday. "The attacks so far target a site by sending a wave of HTTP/2 GET requests with some cache-busting techniques to overwhelm the website," Akamai SIRT vulnerability researcher Larry Cashdollar wrote in the post.

DDoS attacks decreased in 2021, still above pre-pandemic levels. As part of NexusGuard's "DDoS Statistical Report for 2021", it was found that despite the rate of DDoS attacks falling from 2020 to 2021, the number of attacks still outweigh those experienced before the COVID-19 pandemic began, as the total number of DDoS attacks were reduced by 13.3% from 2020 to 2021, according to the DDoS protection company.