#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for DNS amplification | Breaking Cybersecurity News | The Hacker News

New Rapidly-Growing IoT Botnet Threatens to Take Down the Internet

New Rapidly-Growing IoT Botnet Threatens to Take Down the Internet

Oct 21, 2017
Just a year after Mirai —biggest IoT-based malware that caused vast Internet outages by launching massive DDoS attacks—completed its first anniversary, security researchers are now warning of a brand new rapidly growing IoT botnet. Dubbed ' IoT_reaper ,' first spotted in September by researchers at firm Qihoo 360, the new malware no longer depends on cracking weak passwords; instead, it exploits vulnerabilities in various IoT devices and enslaves them into a botnet network. IoT_reaper malware currently includes exploits for nine previously disclosed vulnerabilities in IoT devices from following manufactures: Dlink (routers) Netgear (routers) Linksys (routers) Goahead (cameras) JAWS (cameras) AVTECH (cameras) Vacron (NVR) Researchers believe IoT_reaper malware has already infected nearly two million devices and growing continuously at an extraordinary rate of 10,000 new devices per day. This is extremely worrying because it took only 100,000 infected devices
Largest Ever 400Gbps DDoS attack hits Europe uses NTP Amplification

Largest Ever 400Gbps DDoS attack hits Europe uses NTP Amplification

Feb 12, 2014
The Distributed Denial of Service (DDoS) attack is the one of favourite weapon for the hackers to temporarily suspend services of a host connected to the Internet and till now nearly every big site had been a victim of this attack. Since 2013, Hackers have adopted new tactics to boost Distributed Denial of Service attack sizes, which is known as ' Amplification Attack ', that provide the benefits of obscuring the source of the attack, while enabling the bandwidth to be used to multiply the size of the attack. Just yesterday, hackers have succeeded in reaching new heights of the massive DDoS attack targeting content-delivery and anti-DDoS protection firm CloudFlare , reaching more than 400Gbps at its peak of traffic, striking at the company's data servers in Europe. " Very big NTP reflection attack hitting us right now. Appears to be bigger than the #Spamhaus attack from last year. Mitigating ," CloudFlare CEO Matthew Price said in a tweet. " Someone's got a big, new can
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Reflection DDoS Attacks Using Millions of UPnP Devices on the Rise

Reflection DDoS Attacks Using Millions of UPnP Devices on the Rise

Oct 17, 2014
After successful in launching reflection and amplification Distributed Denial-of-Service (DDoS) attacks by abusing various protocols such as DNS, NTP and SMTP, hackers are now abusing Simple Service Discovery Protocol (SSDP) – part of the UPnP protocol standard – to target home and office devices, researchers warned. SSDP is a network protocol based on the Internet Protocol Suite that comes enabled on millions of networked devices, such as computers, printers, Internet gateways, Router / Wi-Fi access points, mobile devices, webcams, smart TVs and gaming consoles, to discover each other and automatically establish working configurations that enable data sharing, media streaming, media playback control and other services. FLAW IN UPnP USED IN AMPLIFICATION DDoS ATTACK Prolexic Security Engineering & Response Team (PLXsert) at Akamai Technologies have issued a warning that the devices use in residential or small office environments are being co-opted into reflection
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
1.7 Tbps DDoS Attack — ​Memcached UDP Reflections Set New Record

1.7 Tbps DDoS Attack — ​Memcached UDP Reflections Set New Record

Mar 06, 2018
The bar has been raised. As more amplified attacks were expected following the record-breaking 1.35 Tbps Github DDoS attack , someone has just set a new record after only four days — 1.7 Tbps DDoS attack. Network security and monitoring company Arbor Networks claims that its ATLAS global traffic and DDoS threat data system have recorded a 1.7Tbps reflection/amplification attack against one of its unnamed US-based customer's website. Similar to the last week's DDoS attack on GitHub, the massive bandwidth of the latest attack was amplified by a factor of 51,000 using thousands of misconfigured Memcached servers exposed on the Internet. Memcached, a popular open source distributed memory caching system, came into news earlier last week when researchers detailed how attackers could abuse it to launch amplification DDoS attack by sending a forged request to the targeted Memcached server on port 11211 using a spoofed IP address that matches the victim's IP. A few b
Over 20Gbps DDoS attacks Now Become Common for Hackers

Over 20Gbps DDoS attacks Now Become Common for Hackers

Mar 30, 2014
The Distributed Denial of Service ( DDoS ) attack has become more sophisticated and complex and therefore has become one of the favorite weapon for the cyber criminals to temporarily suspend the services of any host connected to the Internet and till now nearly every big site had been a victim of this attack, from WordPress to online game websites. According to the new report released by a US based security solutions provider  Incapsula , DDOS activities have become threefold since the start of the year 2013, pointing the key source of trash traffic to be the remotely controlled " zombie army " that can be used to flood various websites by DDoS attacks and other malicious activities. The report site as " DDOS Threat Landscape ", explains that almost one in every three DDoS attacks is above 20Gbps and 81% of attacks feature multiple vector threats. The attackers are becoming more skillful at working around the network security and reusing their DDOS Botnets to attack multi
BitTorrent Fixes Reflective DDoS Attack Security Flaw

BitTorrent Fixes Reflective DDoS Attack Security Flaw

Aug 28, 2015
Two weeks ago, we reported how a serious flaw in the popular peer-to-peer BitTorrent file sharing protocols could be exploited to carry out a devastating distributed denial of service (DDoS) attack, allowing lone hackers with limited resources to take down large websites. Good news is that the developers of BitTorrent have fixed the security issue in its service that is being used by hundreds of Millions of users worldwide. In a blog post published Thursday, BitTorrent announced that the flaw was resided in a reference implementation of the Micro Transport Protocol (uTP) called libuTP , which is used by many widely used BitTorrent clients such as μTorrent , Vuze and Mainline . The San Francisco company also announced that it has rolled out a patch for its libuTP software that will stop miscreants from abusing the p2p protocol to conduct Distributed Reflective Denial-of-Service (DRDoS) attacks. DRDoS attack is a more sophisticated form of conventional DDoS att
How to Exploit BitTorrent for Large-Scale DoS Attacks

How to Exploit BitTorrent for Large-Scale DoS Attacks

Aug 17, 2015
A flaw discovered in several widely used BitTorrent applications, including uTorrent, Vuze and Mainline , could be used to carry out a devastating distributed denial of service (DDoS) attack that makes it very easy for a single undetectable hacker to bring down large sites. A new research by Florian Adamsky of the City University London shows that open BitTorrent protocol can be exploited to carry out Distributed Reflective Denial of Service (DRDoS) attacks . The bitTorrent protocol is a file-sharing protocol used by Millions of active online users at any given point in the day to exchange files over the Internet. DRDoS attack is a more sophisticated form of conventional DDoS attack where open and misconfigured DNS (Domain Name System) can be used by anyone to launch high-bandwidth DDoS attacks on target websites. In a paper , titled " P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks ," the resea
Friday's Massive DDoS Attack Came from Just 100,000 Hacked IoT Devices

Friday's Massive DDoS Attack Came from Just 100,000 Hacked IoT Devices

Oct 27, 2016
Guess how many devices participated in last Friday's massive DDoS attack against DNS provider Dyn that caused vast internet outage? Just 100,000 devices. I did not miss any zeros. Dyn disclosed on Wednesday that a botnet of an estimated 100,000 internet-connected devices was hijacked to flood its systems with unwanted requests and close down the Internet for millions of users. Dyn executive vice president Scott Hilton has issued a statement , saying all compromised devices have been infected with a notorious Mirai malware that has the ability to take over cameras, DVRs, and routers. "We're still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious endpoints," Hilton said. "We are able to confirm that a significant volume of attack traffic originated from Mirai-based botnets." Mirai malware scans for Internet of Things (IoT) devices that are still using their default passwords and then enslaves those
THN Weekly RoundUp – 12 Hacking Stories You Don’t Want To Miss This Week

THN Weekly RoundUp – 12 Hacking Stories You Don't Want To Miss This Week

Oct 12, 2015
Here we are with our weekly roundup, showcasing last week's top cyber security threats and challenges. Just in case you missed any of them (ICYMI), THN Weekly Round-Up helps you provide all important stories of last week in one shot. We advise you to read the full story (just click ' Read More ' because there's some valuable advice in it as well). Here's the list: 1. Facebook to Launch Its Own Satellite to Beam Free Internet Facebook has revealed its plans to launch a  $500 Million Satellite  by next year in an effort to provide free or cheap Internet access in the developing countries. The social network giant has teamed up with the French satellite provider  Eutelsat  Communications to  beam free Internet  access to several parts of countries in Sub-Saharan Africa. For detailed information on Facebook's Satellite Project –  Read more … 2. Angler Exploit Kit Campaign Generating $30 Million Took Down Researchers took down a large ran
Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers

Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers

Oct 12, 2021
Microsoft on Monday revealed that its Azure cloud platform mitigated a 2.4 Tbps distributed denial-of-service (DDoS) attack in the last week of August targeting an unnamed customer in Europe, surpassing a  2.3 Tbps attack  stopped by Amazon Web Services in February 2020. "This is 140 percent higher than  2020's 1 Tbps attack  and higher than any network volumetric event previously detected on Azure," Amir Dahan, senior program manager for Azure Networking,  said  in a post, calling it a " UDP reflection " lasting for about 10 minutes. Reflected amplification attacks are a type of denial of service attacks wherein a threat actor takes advantage of the connectionless nature of UDP protocol with spoofed requests so as to overwhelm a target server or network with a flood of packets, causing disruption or rendering the server and its surrounding infrastructure unavailable. The attack is said to have originated from a botnet of approximately 70,000 compromised d
Cybersecurity Resources