A team of Chinese academics has found a new way to abuse HTTP packets to amplify web traffic and bring down websites and content delivery networks (CDNs). Named RangeAmp, this new Denial-of-Service (DoS) technique exploits incorrect implementations of the HTTP “Range Requests” attribute. HTTP Range Requests are part of the HTTP standard and allow clients (usually browsers) to request only…
The scourge of distributed denial-of-service (DDoS) attacks has been a major concern for businesses and governments for more than two decades. First reported in 1996, this is a destructive and ever-evolving vector of cyber raids that knocks electronic networks offline by flooding them with the traffic they can’t handle. Not only is DDoS a way for hacktivists to manifest protest…
A previously unknown SQL injection vulnerability in the Sophos XG Firewall gave hackers access to customers’ local usernames and hashed passwords for several days. The Abingdon, U.K.-based platform security vendor said it learned late Wednesday of an attack against its physical and virtual XG Firewall units when a suspicious field value was discovered inside the device’s management interface. The attack…
There is no escaping it. COVID-19 is dominating headlines and has impacted virtually every corner of the world. Like most people at this point, I’m 30 days into isolation and trying everything in my power to ignore the elephant in the room and the politics that go along with it. Unfortunately, or fortunately, cyber security is an essential business. As…
US Health Agencies Are Fending off DDoS Attacks and Disinformation Campaigns in the Midst of a Pandemic Unfettered by social distancing measures or economic concerns, cyber threat actors are taking full advantage of opportunities created by the coronavirus pandemic. United States health agencies are being tested by distributed denial of service (DDoS) attacks and social media disinformation campaigns as they…
There has been a 168% increase in DDoS attacks in Q4 2019, compared with Q4 2018, and a 180% increase overall in 2019 vs. 2018, according to Neustar. The company saw DDoS attacks across all size categories increase in 2019, with attacks sized 5 Gbps and below seeing the largest growth. These small-scale attacks made up more than three quarters…
As the cryptocurrency industry continues to mature, security remains a major challenge. Over the last few weeks, a number of cryptocurrency exchanges — namely, OKEx, Bitfinex, Digitex and Coinhako — have experienced security breaches. Although the attackers apparently did not manage to steal any funds, one of the incidents resulted in a leak of Know Your Customer data. All of…
A DDoS attack — which stands for “distributed denial of service” — is a type of cyberattack that hijacks innocent users’ computers in order to attack a website and render it temporarily inaccessible or inoperable. In such an attack, the targeted website is flooded with fake user requests, so many of them that they cannot handle the traffic. The site…
The head of Iran Civil Defense has accused Washington of the latest large-scale cyber-attack that targeted Iranian infrastructure. The coordinated Distributed Denial of Service (DDoS) attack affected two mobile operators and partially shut down Iran’s internet for hours. Iranian officials said they stopped the DDoS attack after activating Iran’s digital fortress DZHAFA shield. He added that the frequent cyber-attacks had…
With over 23,000 recorded attacks per day, customer-facing enterprise services are bearing the brunt of attacks. Two-thirds of customer-facing enterprise systems are bearing the majority of Distributed Denial-of-Service (DDoS) attacks, of which 8.4 million were recorded in 2019 alone. DDoS attacks are aimed at disrupting online services. A flood of illegitimate traffic is generated by PCs, Internet of Things (IoT),…
