Security News

Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service attacks. The goal is the same though: use contact forms to deliver BazaLoader malware that often drops Cobalt Strike, which can lead to data theft or a ransomware attack.

Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service attacks. The goal is the same though: use contact forms to deliver BazaLoader malware that often drops Cobalt Strike, which can lead to data theft or a ransomware attack.

Swedish digital rights organisation Qurium has alleged that an Israeli company called Bright Data has helped the government of the Philippines to DDOS local human rights organisation Karapatan. In July, Qurium reported that the Philippines Department of Science and Technology and Army had conducted DDOS attacks on local media critical of the nation's government, and targeted Karapatan.

Weaknesses in the implementation of TCP protocol in middleboxes and censorship infrastructure could be weaponized as a vector to stage reflected denial of service amplification attacks, surpassing many of the existing UDP-based amplification factors to date. Detailed by a group of academics from the University of Maryland and the University of Colorado Boulder at the USENIX Security Symposium, the volumetric attacks take advantage of TCP-non-compliance in-network middleboxes - such as firewalls, intrusion prevention systems, and deep packet inspection boxes - to amplify network traffic, with hundreds of thousands of IP addresses offering amplification factors exceeding those from DNS, NTP, and Memcached.

Researchers are warning internet censorship systems are ripe for abuse by a new type of distributed denial of service attack. The potential for abuse is concerning, researchers say, because attacks would take advantage of a type of reflection and amplification, which would be "Extremely detrimental to any network" if carried out.

A distributed denial-of-service attack earlier this year takes the top spot for the largest such incident, peaking at 17.2 million requests per second. The attack was recorded by Cloudflare's DDoS protection systems and accounted for almost 70% of all average rate for legitimate HTTP traffic for the second quarter of 2021.

Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service attack recorded to date. "Within seconds, the botnet bombarded the Cloudflare edge with over 330 million attack requests," the company noted, at one point reaching a record high of 17.2 million requests-per-second, making it three times bigger than previously reported HTTP DDoS attacks.

Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service attack recorded to date. "Within seconds, the botnet bombarded the Cloudflare edge with over 330 million attack requests," the company noted, at one point reaching a record high of 17.2 million requests-per-second, making it three times bigger than previously reported HTTP DDoS attacks.

Weaknesses in the implementation of TCP protocol in middleboxes and censorship infrastructure could be weaponized as a vector to stage reflected denial of service amplification attacks against any target, surpassing many of the existing UDP-based amplification factors to date. The research, which received a Distinguished Paper Award at the conference, is the first of its kind to describe a technique to carry out DDoS reflected amplification attacks over the TCP protocol by abusing middlebox misconfigurations in the wild, a method previously deemed effective at preventing such spoofing attacks.

Second quarter blocked DDoS attack volumes were up more than 40% compared to the same period in 2020, a Radware report reveals. The report provides an overview of DDoS attack trends by industry, as well as across applications and attack types.