DDoS Attacks | Breaking Cybersecurity News | The Hacker News

Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game's reputation. Despite the prevalence of DDoS attacks on the game, the majority of incidents go unreported, leaving a gap in awareness and protection. This article explains what happens to a Minecraft server during a DDoS attack and how to protect against such attacks. For an in-depth version of the article,  check out this white paper . When Creepers Breach: What Happens When an Attack Is Successful When a Minecraft server is hit with a DDoS attack, players may have problems with logging in to servers, loading worlds, navigating biomes, using tools, and chatting. They can also experience general lags, disconnections, timeouts, or server crashes. These in-game disruptions can ruin the gaming experience for players while causing financial and reputational losses to

The most recent  Gcore Radar report  and  its aftermath  have highlighted a dramatic increase in DDoS attacks across multiple industries. At the beginning of 2023, the average strength of attacks  reached 800 Gbps , but now, even a peak as high as 1.5+ Tbps is unsurprising. To try and break through Gcore's defenses, perpetrators made two attempts with two different strategies. Read on to discover what happened and learn how the security provider stopped the attackers in their tracks without affecting end users' experiences. A Powerful DDoS Attacks In November 2023, one of Gcore's customers from the gaming industry was targeted by two massive DDoS attacks, peaking at 1.1 and 1.6 Tbps respectively. The attackers deployed various techniques in an unsuccessful attempt to compromise Gcore's protective mechanisms. Attack #1: 1.1 Tbps UDP-based DDoS In the first cyber assault, the attackers sent a barrage of UDP traffic to a target server, peaking at 1.1 Tbps. Two methods were employed:

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called  HTTP/2 Rapid Reset , 89 of which exceeded 100 million requests per second (RPS). "The campaign contributed to an overall increase of 65% in HTTP DDoS attack traffic in Q3 compared to the previous quarter ," the web infrastructure and security company said in a report shared with The Hacker News. "Similarly,  L3/4 DDoS attacks  also increased by 14%." The total number of HTTP DDoS attack requests in the quarter surged to 8.9 trillion, up from 5.4 trillion in Q2 2023 and 4.7 trillion in Q1 2023. The number of attack requests in Q4 2022 stood at 6.5 trillion. HTTP/2 Rapid Reset (CVE-2023-44487) came to light earlier this month following an industry-wide coordinated disclosure that delved into DDoS attacks orchestrated by an unknown actor by leveraging the flaw to target various providers such as

A hacktivist group known as  Mysterious Team Bangladesh  has been linked to over 750 distributed denial-of-service (DDoS) attacks and 78 website defacements since June 2022. "The group most frequently attacks logistics, government, and financial sector organizations in India and Israel," Singapore-headquartered cybersecurity firm Group-IB said in a report shared with The Hacker News. "The group is primarily driven by religious and political motives." Some of the other targeted countries include Australia, Senegal, the Netherlands, Sweden, and Ethiopia. In addition, the threat actor is said to have gained access to web servers and administrative panels, likely by exploiting known security flaws or poorly-secured passwords. Mysterious Team Bangladesh, as the name indicates, is suspected to be of Bangladeshi origin. "We are working to protect Our Bangladesh Cyberspace," the group's Intro on Facebook  reads . The group has an active social media pre

A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems (CMS). "The malware is rapidly adopting one-day vulnerabilities as part of its exploitation capabilities," AT&T Alien Labs  said  in a technical write-up published last week. "Services such as VMware Workspace ONE, Adobe ColdFusion, WordPress, PHP Scriptcase and more are being targeted as well as IoT and Android devices." First disclosed by  Securonix  in March and later by  Fortinet , Enemybot has been linked to a threat actor tracked as Keksec (aka Kek Security, Necro, and FreakOut), with early attacks targeting routers from Seowon Intech, D-Link, and iRZ. Enemybot, which is capable of carrying out  DDoS attacks , draws its origins from several other botnets like Mirai, Qbot, Zbot, Gafgyt, and LolFMe. An analysis of the latest variant reveals

Github – the popular code sharing website used by programmers to collaborate on software development – again became a victim of a distributed-denial-of-service (DDoS) attack on Tuesday morning. The attack came just a few months after the popular code repository website GitHub suffered a massive DDoS attack, which was linked to China. Also Read: China Using A Powerful 'Great Cannon' Weapon to Censor The Internet The company was made aware of the issue early on Tuesday. After investigating the problem, the team discovered that the service was under a new DDoS attack. The code repository disclosed the new attack on its status page as well as its official Twitter account. "The connectivity problems have been identified as a DDoS attack. We're working to mitigate now," GitHub status log read early on Tuesday. The March DDoS attack against GitHub lasted close to a week . At the time, the attackers used malicious JavaScript to hijack Internet

U.S. and European law enforcement agencies have shut down a highly sophisticated piece of the botnet that had infected more than 12,000 computers worldwide , allowing hackers to steal victims' banking information and other sensitive data. The law enforcement agencies from the United States, United Kingdom and the European Union conducted a joint operation to get rid of the botnet across the globe and seized the command-and-control server that had been used to operate the nasty Beebone (also known as AAEH ) botnet . What's a Botnet? A botnet is a network of large number of computers compromised with malicious software and controlled surreptitiously by hackers without the knowledge of victims. Basically, a "botnet" is a hacker's "robot" that does the malicious work directed by hackers. Hackers and Cyber Criminals have brushed up their hacking skills and started using Botnets as a cyber weapon to carry out multiple crimes such as DDoS attacks

Users running the website on a self-hosted WordPress or on Drupal are strongly recommended to update their websites to the latest version immediately. A moderately critical vulnerability was discovered in the way Drupal and WordPress implement XMLRPC, which can lead an attacker to disable your website via a method known as Denial of Service (DoS) . VULNERABILITY RESULTS IN DoS ATTACK The latest update of WordPress 3.9.2 mainly addresses an issue in the PHP's XML processor that could be exploited to trigger a DoS (denial of service) attack . The vulnerability affects all previous versions of WordPress. The XML vulnerability was first reported by Nir Goldshlager , a security researcher from Salesforce.com's product security team, that impacts both the popular website platforms. The issue was later fixed by Michael Adams and Andrew Nacin of the WordPress security team and David Rothstein of the Drupal security team. ATTACK MAKES YOUR WEBSITE COMPLETELY INACCES

The Distributed Denial of Service ( DDoS ) attack has become more sophisticated and complex and therefore has become one of the favorite weapon for the cyber criminals to temporarily suspend the services of any host connected to the Internet and till now nearly every big site had been a victim of this attack, from WordPress to online game websites. According to the new report released by a US based security solutions provider  Incapsula , DDOS activities have become threefold since the start of the year 2013, pointing the key source of trash traffic to be the remotely controlled " zombie army " that can be used to flood various websites by DDoS attacks and other malicious activities. The report site as " DDOS Threat Landscape ", explains that almost one in every three DDoS attacks is above 20Gbps and 81% of attacks feature multiple vector threats. The attackers are becoming more skillful at working around the network security and reusing their DDOS Botnets to attack multi

The Russian anti-virus vendor Doctor Web has found a new malicious program for Android which allows hacker groups to carry out mobile denial of service attacks. While it's not entirely clear how the Trojan is spread, researchers suspect that the attackers use social engineering tactics since the malware appears to disguise itself as a Google Play clone. This malware works in the background without your knowledge. Once it is activated it searches for its command and control center and sends out information regarding your device there. One piece of information that will be sent is your phone number. The criminals will be using this number to send text messages to your phone to control the malware. Dubbed TheAndroid.DDoS.1.origin, creates an application icon, similar to that of Google Play. If the user decides to use the fake icon to access Google Play, the application will be launched. When it receives a DDoS attack command, the malware starts to send data packets to the sp

Anonymous, a loosely affiliated group of Internet vigilantes, has claimed responsibility for various Internet attacks against organizations perceived as hostile to WikiLeaks. Today, the group sought to portray itself as more focused on symbolic protest rather than outright disruption. These claims come amid reports that the online payment site Moneybookers was taken offline by a distributed denial of service (DDoS) attack launched by Anonymous members. In a statement released today, Anonymous organizers contended that they are not a group of hackers but a "gathering" of average Internet citizens. "We do not want to steal your personal information or credit card numbers. We also do not seek to attack critical infrastructure of companies such as Mastercard, Visa, PayPal, or Amazon," the statement read. Instead, the focus has been on attacking corporate websites or the online "public face" of companies seen as anti-WikiLeaks. The group described these acti

"Operation Payback" is evolving, as attackers have initiated a fax-based campaign against companies that severed ties with WikiLeaks. Hacktivists from the group "Anonymous" are urging members to send faxes to Amazon, MasterCard, PayPal, Visa, Tableau Software, and Moneybookers. This action aims to create a fax-based version of denial-of-service attacks, according to Netcraft. Over the past few days, the group has launched distributed-denial-of-service (DDoS) attacks against websites of several companies and organizations, including MasterCard and Visa. Paul Mutton from Netcraft blogged, "This latest campaign by the Anonymous group is analogous to the distributed denial of service attacks it has been carrying out against websites over the past week. In essence, this has turned into a DDoS attack against fax machines. The group started the fax-attacks on Dec. 13 at 13:00 GMT and published a list of target fax numbers in their call to arms." "The Anon

A Dutch hacker collective called Revspace aims to "re-educate" Dutch teens suspected of cyberattacks against Mastercard, Visa, and the Dutch National Prosecutors Office, transforming them into "ethical hackers." Last week, Dutch police arrested a 16-year-old boy for participating in web attacks against MasterCard and Visa as part of a grassroots effort to support WikiLeaks. On Saturday, another teenager was arrested in Hoogezand-Sappemeer for admitting to flooding the website of the Dutch prosecutor. The 19-year-old, known online as Awinee, reportedly encouraged others to join the attack. The teen was released today. Martijn Gonlag, who admitted to using the tool, claimed he only wanted to test software and did not support Wikileaks. Both arrests were straightforward because the teenagers used LOIC (Low Orbit Ion Cannon), a tool that lacks security features like anonymization. The attackers' IP addresses were visible in all packets sent during the attacks, as

Dutch authorities announced the arrest of a 16-year-old hacker involved in the pro-WikiLeaks attacks on the websites of MasterCard and PayPal. The Dutch National Prosecutors Office reported that the teen, whose name was not disclosed, was arrested by a high-tech crime team last night. The arrest follows a series of attacks organized by the group known as Anonymous. This group has previously targeted entities such as the Church of Scientology and the Australian government. Recently, they launched distributed denial-of-service (DDoS) attacks on companies distancing themselves from WikiLeaks. These attacks use thousands of computers to overwhelm a target by making simultaneous connections. Yesterday, Visa.com was briefly taken offline, though the company assured CNET that no payments or transactions were affected. MasterCard.com was also unreachable in the morning. Additionally, the website for the Swedish prosecution agency, which is seeking the extradition of WikiLeaks editor Julian A

WikiLeaks' main website became inaccessible on Friday via its WikiLeaks.org domain after EveryDNS.net, a subsidiary of Dynamic Network Services, terminated its domain name service. EveryDNS.net terminated the WikiLeaks.org domain due to repeated Distributed Denial of Service (DDOS) attacks. These attacks threatened the stability of EveryDNS.net's infrastructure, which supports nearly 500,000 other websites. This information was stated on EveryDNS.net's website. EveryDNS.net notified WikiLeaks via email, Twitter, and the chat function on the WikiLeaks.org website that its domain name service would be terminated within 24 hours. This period ended on Dec. 2 at 10 p.m. Eastern Standard Time in the U.S. EveryDNS.net remarked, "Any downtime of the Wikileaks.org website has resulted from its failure to use another hosted DNS service provider." In response, WikiLeaks tweeted, "WikiLeaks.org domain killed by U.S. EveryDNS.net after claimed mass attacks," urging su

WikiLeaks faced another distributed denial of service (DDoS) attack on Tuesday morning, as reported by Fast Company. This attack was more intense than the one on Sunday, but it still didn't come close to shutting down the site. A computer hacker known as "The Jester" shocked officials by claiming responsibility for the cyber attack that disabled the WikiLeaks website on Sunday morning. This incident occurred just before WikiLeaks released hundreds of thousands of classified U.S. embassy cables to the public. The Jester, an ex-soldier, justified his hacking by accusing the website of "attempting to endanger the lives of our troops, 'other assets,' and foreign relations." The self-proclaimed "hacktivist for good" turned to the web to combat terrorism and organizations that seem to support Islamic extremism after his military service. Cybersecurity expert Mikko Hypponen of F-Secure told CNN he believed The Jester was indeed behind the attack. WikiLeaks