Security News

Citrix has confirmed today that an ongoing 'DDoS attack pattern' using DTLS as an amplification vector is affecting Citrix Application Delivery Controller networking appliances with EDT enabled. Reports of the attack have started trickling in on December 21st, with customers reporting an ongoing DDOS amplify attack over UDP/443 against Citrix Gateway devices.

That machine-to-machine communication, right? As you speed that up, and you speed up that attacker machine-to-machine communication, you really can start to up-level the ability to conduct these denial of service attacks. While they may be not have been necessarily as in fashion, we're seeing that the ransomware trends, and some of those more, you will probably see a resurgence or DDoS attacks is there, but you crank into, and leverage the increased speed, and the increased dependency on IoT devices in a way that we maybe haven't seen them as monetized in the past, connectivity, ransom against connectivity, rather than ransomware files.

One of the operators behind a Mirai botnet pleaded guilty to their involvement in a huge DDoS attack that caused a massive Internet disruption during October 2016. The botnet, a variant of the Mirai botnet, was developed by the defendant with the help of others between roughly 2015 until November 2016, specifically for being used to target gaming platforms in DDoS attacks.

With the COVID-19 pandemic leading us all to depend on online services like we never have before, a DDoS attack that takes operations offline can have very serious and long-term consequences for a business. Add to this the huge surge in DDoS attacks this year, with assaults getting bigger, more powerful and disruptive, and it's clear security leaders need to urgently get to grips with how to deal with them.

Carnegie Mellon University PhD student Aqsa Kashaf and her advisors Dr. Vyas Sekar and Dr. Yuvraj Agarwal have analyzed third party service dependencies in modern web services, with a special focus on DNS, CDN, and SSL certificate revocation checking by CA. Their research was meant to determine if incidents like the 2016 Dyn DDoS attack, the 2016 GlobalSign certificate revocation error and the 2019 Amazon Route 53 DDoS attack would lead to similar results in 2020. "6% of the top-100K websites that were critically dependent in 2016, have moved to a private DNS in 2020. On the other hand, 10.7% of the websites which used a private DNS in 2016, have moved to a single third party DNS provider. Between these snapshots, redundancy has remained roughly similar. Overall, critical dependency has increased by 4.7% in 2020. More popular websites have decreased their critical dependency," they noted.

A 22-year-old North Carolina man has been sentenced to nearly eight years in prison for conducting bomb threats against thousands of schools in the U.S. and United Kingdom, running a service that launched distributed denial-of-service attacks, and for possessing sexually explicit images of minors. Timothy Dalton Vaughn from Winston-Salem, N.C. was a key member of the Apophis Squad, a gang of young ne'er-do-wells who made bomb threats to more than 2,400 schools and launched DDoS attacks against countless Web sites - including KrebsOnSecurity on multiple occasions.

Amidst all the different types of cyberthreats, distributed denial of services attacks don't typically strike as much fear as do ransomware and malware, but a concerted DDoS attack can wreak major havoc. Further, DDoS attacks have become more dangerous and challenging as they've adopted a range of innovative tactics.

Google revealed last week that its infrastructure was targeted in a record-breaking distributed denial-of-service attack back in September 2017. In terms of bits per second, Google spotted the largest attack in September 2017.

The actor targeted thousands of Google IP addresses at the same time and used several attack methods in a campaign that span across multiple months. Google did not attribute the attack to a particular actor but said that the bad UDP packets hurled at its systems came from devices using several Chinese internet service providers.

I think my husband's arrived at like, 1:30 or something in the morning, Thursday morning, so they kind of sent this out under cover of darkness, which I'm sure they want to minimize the publicity around it, but that's not going to happen because it's Barnes and Noble. Over the weekend, the Nook e-book reader - which my mom has one of those and they're kind of awesome - but the syncing feature for that went down and there was this outage that continued and it just kind of trended on a low level, nobody really knew what was going on.