ddos protection | Breaking Cybersecurity News | The Hacker News

Hackers are leveraging large number of compromised machines (a botnet network) to carry out massive DNS Flood DDoS attack against a large Video Gaming Industry website, peaking above 110 Gbps. A US based security solutions provider Incapsula , is protecting a famous Video Gaming website from this high bandwidth DDoS attack from last 48 Hours and according to them, the attack is still continuing. Incapsula has not yet disclosed the name of the video gaming company. "The attack is still going on - that over 48 hours by now, from what I see it ain't gonna stop anytime soon ," Incapsula spokesperson wrote in an e-mail to The Hacker News. DDoS AT 90 MILLION PACKETS/SECOND The researchers at the security firm noticed a surge of massive DNS Flood DDoS attack on one of its clients, peaking at approximately 90 Mpps (Million Packets Per Second), which is really a very very big number. Majority number of attacking IP addresses belong to China and India. " Good reason to think

Till Now the Internet was encountering the traditional Distributed Denial of Service (DDoS) attacks , where a large number of compromised systems use to flood servers with tremendous amount of bandwidth; but in past few months we have noticed massive change in the techniques of DDoS attack. Hackers are using creative, but evil DDoS techniques such as NTP and DNS Amplification DDoS attacks. Last month we have seen that how cybercriminals abused a vulnerability in one of the biggest Chinese video hosting website Sohu.com to convert their millions of visitors to participate into the Layer 7 (Application Layer) DDoS attack with 20 Million requests. According to the new report released by a US based security solutions provider Incapsula , another interesting DDoS attack activities have been noticed by the researchers in which an attacker abused two major anti-DDoS Service providers to perform massive DDoS attack on other websites. Its really EPIC that the services who should

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a

The New Year begins with a new form of amplified Distributed Denial of Service (DDoS) Attack, a weapon for attackers to bring down websites and servers. As we have reported two weeks ago that the attackers are abusing the Network Time Protocol (NTP) servers to perform an amplified version of DDoS Attack on various targets across the world. Earlier this week a number of popular Gaming services, including League of Legends, EA.com and Battle.net from Blizzard were taken down by similar DDoS attack . 'Network Time Protocol (NTP)' is a distributed network clock time synchronization protocol that is used to synchronize computer clock times in a network of computers and runs over port 123 UDP. " The attacker sends a small spoofed 8-byte UDP packets are sent to the vulnerable NTP Server that requests a large amount of data (megabytes worth of traffic) be sent to the DDoS's target IP Address.  "Security Researcher, Wang Wai  detailed  in a previous article on 'The

Browser-based botnets are the T-1000s of the DDoS world. Just like the iconic villain of the old Judgment Day movie, they too are designed for adaptive infiltration. This is what makes them so dangerous. Where other more primitive bots would try to brute-force your defenses, these bots can simply mimic their way through the front gate. By the time you notice that something`s wrong, your perimeter has already been breached, your servers were brought down, and there is little left to do but to hang up and move on. So how do you flush out a T-1000? How do you tell a browser-based bot from a real person using a real browser? Some common bot filtering methods, which usually rely on sets of Progressive Challenges , are absolutely useless against bots that can retain cookies and execute JavaScripts. The alternative to indiscriminately flashing CAPTCHA's for anyone with a browser is nothing less than a self-inflicted disaster - especially when the attacks can go on for weeks a

Over 2011-2012 we've seen an increase in distributed denial-of-service (DDoS) attacks and other web attacks on SME's websites. Incapsula is one of the companies whose service is useful to protect your website from all threats and mitigate DDoS attacks which affect your websites, servers, databases, and other essential infrastructure. Incapsula is a cloud-based website security and performance service, including a PCI-certified cloud web application firewall and a content delivery network (CDN) for small and medium-sized businesses. We at ' The Hacker News ' got the chance to review the service using an Enterprise plan account. Really it takes I think 1-2 minutes to join the service and add this extra layer of virtual shield around your Website. You have to make a simple DNS settings change in your domain panel. Your site traffic is then routed through Incapsula's global network of high-powered servers. Incoming traffic is analyzed and a security layer is a

Russian anti-virus company Doctor Web is warning users about the malicious program which is helping attackers carry out mass spam mailings and allow attacker to use victim's PC as slave of his DDOS Army. According to researchers from the company they have discovered a Trojan " Trojan.Proxy.23012 " application that uses a rare method of distribution through peer networks. " The botnet, consisting of Trojan.Proxy.23012-infected computers, is used by criminals to control proxy servers for the purpose of using them to send spam upon command ". An example of such a spam message is shown in the screenshot below. This Malware work as: 1.) Using peer to peer network it will download the executable file and that will be a encrypted malicious module. A very interesting algorithm used by the Trojan to download the infected computer other malware. 2.) After successfully decrypt it launches another module that reads the image in computer memory or other malicious applica

Are you running Linux just because you think it's safer than Windows? Think again. Sure, security is a built-in   feature and extends right from the Linux kernel to the desktop, but it still leaves enough room to let someone muck about with your /home folder. Linux might be impervious to viruses and worms written for Windows, but that's just a small subset of the larger issue. Attackers have various tricks up their sleeves to get to those precious bits and bytes that make up everything from your mugshot to your credit card details. Computers that connect to the internet are the ones most exposed to attackers, although computers that never get to see online action are just as vulnerable. We have a small and enough very fast solution for Hardning the security of your Linux machine in few seconds using  Server Shield , It is a lightweight method of protecting and hardening your Linux server. It is easy to install, hard to mess up, and makes your server instantly and effortle

With over 140,000 known computer viruses and 85,000,000 spam emails sent out each day, the likelihood of your PC coming into contact with malware such as viruses, worms, and spyware is almost guaranteed. It is very important to secure your computer just like you would secure your house or car. Your computer can be completely taken over without your permission or knowledge if it is vulnerable and connected to the Internet. Hackers constantly scan the Internet looking for vulnerable hosts, and a computer can be infected by a worm or virus within 15 minutes of connecting to the Internet if certain precautions are not taken. You can avoid most common infections by taking just a few steps, Here is an overview of PC security best practices and tips - " HackerProof : Your Guide To PC Security " This 53 page guide provides an objective, detailed, but easily understood walk through of PC security. By the end of this guide, you will know exactly what PC security means an

As warned by Izz ad-Din al-Qassam Cyber Fighters They launched another distributed denial-of-service (DDOS) attack against the website of Regions Financial Corp (regions.com) and SunTrust. The computer attacks burden the bank websites with heavy traffic volume that causes slow service for the sites or makes them completely unavailable. In a Pastebin post dated Oct. 8, the hacktivist group announced the planned Oct. 9 attack against Capital One, the Oct. 10 attack against SunTrust and an Oct. 11 takedown date for Regions Financial Corp and THEY DID IT. SunTrust ( suntrust.com ) spokesman Michael McCoy confirmed SunTrust's site had been hit by an uptick in traffic. "We have seen increased online traffic today and experienced intermittent service availability of some online functions," he said. A couple of days ago, Regions representatives told Fox Business that the organization was aware of the threats. At the time, they claimed they were "taking every mea

Capital One Financial Corp. said it's the latest target in a new round of coordinated cyber attacks aimed at disrupting the websites of major U.S. banks, and SunTrust Banks Inc. and Regions Financial Corp. said they expect to be next. The so-called "Izz ad-Din al-Qassam Cyber Fighters" posted a specific timetable for its attack program on PasteBin.com, a website commonly used by hackers to brag about exploits. Izz ad-Din al-Qassam also threatened to pursue more cyber attacks next week and has long said it will not stop until the video is removed from the Internet. American banks will reportedly face a massive cyberattack in coming weeks. A Russian-speaking hacker is organizing a massive trojan attack based around fraudulent wire transfers--and American banks appear to be at the center of the raid. In the past, such attacks have sometimes caused websites to slow to a crawl or become inaccessible for some users; however, the impact cannot be gauged in advance. The same gr

Anonymous Group taken down several Greek government websites, on the eve of a visit by German Chancellor Angela Merkel. Hackers Hack several sites including those of the Citizens Protection Ministry, the police and the Ministry of Justice. A message appeared saying: " The page cannot be found ". In a message posted on YouTube, Anonymous criticized the huge security operation that police plan for Tuesday to contain protests against Merkel, comparing the government to the military junta that ruled Greece from 1967 to 1974. Police could not confirm who was responsible for the attack, which Anonymous claimed in a series of Tweets on the social media site Twitter. Trade unions and opposition political parties have called for mass protests to greet the German chancellor, whom many Greeks accuse of unfairly forcing them down the path of painful austerity and driving the country even deeper into recession.

A hacker group " Kosova Hacker's Security " based in the Middle East take down Interpol website yesterday. According to claim of Hackers, they are doing this cyber attack on a law enforcement agency to show their protest against the controversial Anti-Islam film, Innocence of Muslims. According to the mail notification from Hackers, they claim to DDOS Interpol servers including DNS servers also with a Botnet army of 770 Bots. In more technical terms, hackers are DDOSing Interpol servers with 770 Bots and 65500 packets/second. Interpol website (  https://www.interpol.int/  ) server 193.22.7.16:80 and DNS server 193.22.7.80:53 was under attack by these hackers. At the time of writing this article, may be the website is working fine. On asking, How they got 770 Bots ? Hacker give a screenshot ( shown above ) of the Exploit pack they are using to infect computers and to make them slave of their Botnet weapon. Recently the six major American banks suffered de

Hacker groups that are against the controversial Cybercrime Prevention Law for its effect on the country's freedom of expression defaced 11 more government websites since 11 p.m. Monday A message which said, " Hacked by M4N1L4 PR1D3, PHILIPPINE CYBER ARMY AND -=TheFamilyPride=- ," appeared on the homepage of PNP's Police Community Relations Group (PCRG). "Private X" and "Anonymous Philippines" hacked websites of the Department of Interior and Local Government, the One-Stop Information Shop for Technologies in the Philippines of the Department of Science and Technology, National Telecommunications Commission (NTC), Philippine Nuclear Institute, Intellectual Property Office of the Philippines, Tourism website of the City of San Fernando, Optical Media Board, Pilipinas Anti-Piracy Team, Department of Health's Smoke Free Philippines, Marina Industry Authority and the Maritime Training Council. The Twitter account of the Department of Social Welfare and Services was

According to reports, some of the United States biggest financial institutions  including Wells Fargo, JPMorgan Chase, Bank of America, Citigroup, and Bancorp were hit by a series of cyber attacks last week, by a group claiming Middle Eastern ties, that caused Internet blackouts and delays in online banking. The banks suffered denial-of-service attacks, in which hackers barrage a website with traffic until it is overwhelmed and shuts down. Such attacks, while a nuisance, are not technically sophisticated and do not affect a company's computer network or, in this case, funds or customer bank accounts. Hacktivists, calling themselves " Mrt. Izz ad-Din alQasssam Cyber Fighters ," attacked Wells Fargo and posted on Pastebin that U.S. Bancorp and PNC Financial Services Group are next. The group said it had attacked the banks in retaliation for an anti-Islam video that mocks the Prophet Muhammad. It also pledged to continue to attack American credit and financial instit

GoDaddy.com, which hosts millions of websites mostly for small businesses, said Monday it was investigating an outage that had knocked some of its customers offline. A hacker using the " Anonymous Own3r " Twitter account claimed credit for the outage, " Hello https://godaddy.com/ now yes! all servers #tangodown by @AnonymousOwn3r ," a tweet said. We talk with  Anonymous Own3r to find out the way he used to take down this giant server. Hacker said," I am using thousand of Hacked server as bots to perform the attack. Sending dos attack commands using IRC  to all of them together. I just upload IRC connect on each server to control my every slave by commands ." On further talk, we came to know that he use  DDOS IRC Bot script , available on Pastebin . Its really easy to use, hack randomly hundreds of Servers online and upload your Script. Now just via IRC you can control your slaves to perform a huge DDOS attack. Email services from the company, and GoDaddy

A team of researchers has discovered a weakness in the command-and-control infrastructure of one of the major DDoS toolkits, Dirt Jumper, that enables them to stop attacks that are in progress. The command and control (C&C) servers of the Dirt Jumper DDoS toolkit can be compromised and, in principle, completely taken over via SQL injection holes. SQL injection involves inserting database instructions in unexpected and unprotected places, effectively taking charge of a web application's database from the outside. According to the Prolexic report, the open source penetration testing tool sqlmap can be used to dump the contents of Dirt Jumper's database configuration file in a matter of seconds, revealing administrative usernames and passwords. The company's research includes Dirt Jumper v.3, Pandora and Di BoT. According to Prolexic, the Dirt Jumper family of DDoS botnet kits was originally authored by an individual who uses the handle 'sokol.' Various versions of Dir

Dmitry Olegovich Zubakha, a  Russian  man accused of launching distributed-denial-of-service (DDOS) attacks on Amazon.com, has been arrested this week by authorities in Cyprus based on an international warrant, the Department of Justice revealed. Zubakha, a native of Moscow, was indicted for two denial of service attacks in 2008 on the Amazon.com website. The indictment, unsealed Thursday, also details denial of service attacks on Priceline.com and eBay. " Orders from Amazon.com customers dropped significantly, as legitimate customers were unable to access the website and complete their e-commerce transactions during the pendency of the attack ," read an indictment unsealed in district court in western Washington on Thursday. The botnet involved requested "large and resource-intensive web pages" on a magnitude of between 600 and 1,000 percent of normal traffic levels, according to the indictment. The hacker is charged with conspiracy to intentionally cause damage

Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks The Zemra DDoS Bot is currently sold in various forums for about 100 € and detected by Symantec as Backdoor.Zemra . Zemra first appeared on underground forums in May 2012. This crimeware pack is similar to other crime packs, such as Zeus and SpyEye, in that is has a command-and-control panel hosted on a remote server. Zemra uses a simple panel with an overview of all statistics is needed.With the help of two graphs can be seen operating machinery and the region location.In addition, statistics on online and for more information. You have a chance to see everything online Socks5 and export them to the list.Traffic is encrypted and protected using the algorithm AES, each client communicates with a unique generated key. Note : In " Tools Yard " we have Posted Zemra Source Code , Only for Educational Purpose. A brief functional: • Intuitive control panel • DDos (HTTP / SYN Flood / UDP) • Loader (Load and ru

The tale of LulzSec  two admits targeting websites Two British members of the notorious Lulz Security hacking collective have pleaded guilty to a slew of computer crimes, in the latest blow against online troublemakers whose exploits have grabbed headlines and embarrassed governments around the world. LulzSec members Ryan Cleary , 20, and Jake Davis , 19, pleaded guilty in a London court to launching distributed denial of service (DDoS) attacks last year against several targets, including the CIA, the Arizona State Police, PBS, Sony, Nintendo, 20th Century Fox, News International and the U.K.'s Serious Organized Crime Agency and National Health Service Ryan Cleary is from Essex, United Kingdom who was arrested by Metropolitan Police on June 21 2011 and charged with violating the Computer Misuse Act and the Criminal Law Act 1977. He was accused of being a member of LulzSec but was not a member of the said group although he admitted that he did run one of the IRC channels that t

Anonymous hater takes credit for Pirate Bay and Wikileaks Ddos Attack WikiLeaks and Swedish BitTorrent file-sharing site Pirate Bay were reportedly battling Distributed Denial-of-Service (DDoS) attacks for several days earlier this week. The user, who goes by the Twitter handle @AnonNyre, has been riling up members of the hacktivist group and supporters of TPB with a series of angry posts on Twitter, to the extent that Anonymous supporters are now demanding to get in contact with him over the social network. WikiLeaks tweeted the status of its Web site a short while ago: " WikiLeaks has been under sustained DDOS attacks over the last 72 hours. https://www.wikileaks.org is good, https://wikileaks.org is flooded ". " We're mirroring the #WikiLeaks website, in case you can't reach it. https://wl.wikileaks-press.org, " reads the final. AnonNyre also later posted on Pastebin , claiming that he works for the FBI and wants to take TPB website down because it is &