 Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
|
In a growing sign of the increased sophistication of both cyber attacks and defenses, GitHub has revealed that this week it weathered the largest-known DDoS attack in history.
DDoS — or distributed denial of service in full — is a cyber attack that aims to bring websites and web-based services down by bombarding them with so much traffic that their services and infrastructure are unable to handle it all. It’s a fairly common tactic used to force targets offline.
GitHub is a common target — the Chinese government was widely suspected to be behind a five-day-long attack in 2015 — and this newest assault tipped the scales at an incredible 1.35Tbps at peak.
In a blog post retelling the incident, GitHub said the attackers hijacked something called “memcaching” — a distributed memory system known for high-performance and demand — to massively amplify the traffic volumes that were being fired at GitHub. To do that, they initially spoofed GitHub’s IP address and took control of memcached instances that GitHub said are “inadvertently accessible on the public internet.”
The result was a huge influx of traffic. Wired reports that, in this instance, the memcached systems used amplified the data volumes by around 50 times. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=DDos
|
|
Scooped by
Gust MEES
|
Eine DDoS-Attacke hat die Kryptowähungs-Börse Bitfinex lahmgelegt. Das bestätigten die Betreiber auf Twitter. Der Angriff sei während Wartungsarbeiten an der Infrastruktur gestartet worden.
Während Wartungsarbeiten an der Infrastruktur legten Hacker die Kryptowährungs-Börse Bitfinex mit einer DDoS-Attacke lahm. Wie die Betreiber auf Twitter mitteilen, ist der Angriff noch in vollem Gange.
Damit erleidet die Tauschbörse einen weiteren schweren Schlag. Erst vor wenigen Tagen hatte die von den Bitfinex-Machern entwickelte Kryptowährung Tether durch einen Cyber-Angriff 31 Millionen US-Dollar verloren. Es bleibt abzuwarten, wie lange die Nutzer der Plattform noch ihr Vertrauen schenken.
Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bitfinex https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
Am Tag nach dem mutmaßlichen Anschlag auf einen Berliner Weihnachtsmarkt ist das Hinweisportal des Bundeskriminalamts mehr als zwei Stunden durch einen DDoS-Angriff lahmgelegt worden. Inzwischen ist es wieder erreichbar. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=BKA
|
|
Scooped by
Gust MEES
|
Pour faire tomber des sites avec une attaque de type « Déni de service » (DDoS), plus besoin d’utiliser un grand nombre d’ordinateurs ou de louer les services d'un botnet, un seul PC peut suffire !
Les chercheurs danois de TDC ont révélé une nouvelle technique d’attaque qu’ils ont baptisés BlackNurse. Sa particularité est qu’elle ne nécessite qu’un seul ordinateur et une liaison internet de bonne qualité (au moins 15 à 18 Mbit/s). En comparaison, les dernières attaques DDoS contre le les fournisseurs Dyn et OVH ont nécessité des débits de l’ordre de 1 Tbit/s.
Comment arrive-t-elle à être aussi efficace en nécessitant si peu de puissance de feu ? Au lieu d’envoyer une grande quantité de trafic sur les serveurs, BlackNurse envoie des paquets de données spécifiques (Internet Control Message Protocol) qui sont utilisés par les appareils réseau pour la transmission de messages d’erreur. Ces paquets vont surcharger les processeurs des pare-feu conçus par des constructeurs connus tels que Cisco ou Palo Alto Networks. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DDos...
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
A distributed denial of service (DDoS) attack against DynDNS is causing havoc online, with many major websites reportedly unavailable. According to Dyn DNS, the attack started at 11:10 UTC, and it targeted its managed DNS service. The Domain Name System (DNS) is a tool used to resolve human-readable web addresses (like “thenextweb.com”) against IP addresses. A new era … Learn more: http://www.scoop.it/t/securite-pc-et-internet/?tag=DDos...
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
An internet hosting company has been the subject of a distributed denial of service attacks the likes of which the world has never seen.
The hosting company found that hacked CCTV cameras to blame for historic attack (Nasanbuyn via wikimedia commons)
Hosting company OVH has been subject to the biggest attack DDoS known to date, with peaks of over 1 Tbps of traffic.
Over the past week, the company has been subjected to an attack greater than the one suffered by Krebs on Security.
The attack led to company founder and CTO Octave Klaba tweeting, “last days, we got lot of huge DDoS. Here, the list of ‘bigger that 100Gbps' only. You can see the simultaneous DDoS are close to 1Tbps!”
Klaba also shared a screenshot of the multiple attacks on its infrastructure that when added together produced the 1Tbps directed at the company. The biggest single attack was documented at 799Gbps.
Learn more / En savoir plus / Mehr erfahren: https://gustmees.wordpress.com/2013/05/13/visual-cyber-security-see-attacks-on-real-time/
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
The number of DDoS attacks is soaring, according to Akamai’s latest State of the Internet report. But attack characteristics have shifted, as attackers have moved to quick strikes based on rented botnets, and are relying more heavily on reflection attacks that exploit compromised internet services.
Akamai reports that attacks were up a whopping 149% compared to this time last year – though it’s worth noting that the data reflects Akamai’s changing customer base, not all DDoS attacks everywhere.
Last quarter, the average DDoS attack against an Akamai customer clocked in at just under 15 hours, barely half the average length from a year before. And, measured by data volume, there were fewer mega-attacks: only five exceeding 100 Gbit/sec, compared with nine a year before.
Drilling down, Akamai found that the vast majority of DDoS attacks are now launched from stresser/booter-based botnets (such as the one run by Lizard Squad) that bounce traffic off servers that run compromised versions of certain services. These botnets aim to maximize attack bandwidth and intensity, so they deliver larger (but fewer) packets faster. Learn more: http://www.scoop.it/t/securite-pc-et-internet/?tag=DDos...
|
|
|
Scooped by
Gust MEES
|
GitHub has revealed it was hit with what may be the largest-ever distributed denial of service (DDoS) attack.
The first portion of the attack against the developer platform peaked at 1.35Tbps, and there was a second 400Gbps spike later. This would make it the biggest DDoS attack recorded so far. Until now, the biggest clocked in at around 1.1Tbps.
In a post on its engineering blog, the developer platform said that, on Feb. 28, GitHub.com was unavailable from 17:21 to 17:26 UTC and intermittently unavailable from 17:26 to 17:30 UTC due to the DDoS attack.
Github said that at no point "was the confidentiality or integrity of your data at risk. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=Cyberattacks
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
One of the largest distributed denial-of-service attacks happened this week and almost nobody noticed.
Since the cyberattack on Dyn two weeks ago, the internet has been on edge, fearing another massive attack that would throw millions off the face of the web. The attack was said to be upwards of 1.1 Tbps -- more than double the attack a few weeks earlier on security reporter Brian Krebs' website, which was about 620 Gbps in size, said to be one of the largest at the time. The attack was made possible by the Mirai botnet, an open-source botnet that anyone can use, which harnesses the power of insecure Internet of Things devices.
This week, another Mirai botnet, known as Botnet 14, began targeting a small, little-known African country, sending it almost entirely offline each time.
Security researcher Kevin Beaumont, who was one of the first to notice the attacks and wrote about what he found, said that the attack was one of the largest capacity botnets ever seen. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Mirai+Botnet http://www.scoop.it/t/securite-pc-et-internet/?tag=wearables https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/ http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/ http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
Criminals this morning massively attacked Dyn, a company that provides core Internet services for Twitter, SoundCloud, Spotify, Reddit and a host of other sites, causing outages and slowness for many of Dyn’s customers. Twitter is experiencing problems, as seen through the social media platform Hootsuite. In a statement, Dyn said that this morning, October 21, Dyn received a global distributed denial of service (DDoS) attack on its DNS infrastructure on the east coast starting at around 7:10 a.m. ET (11:10 UTC). “DNS traffic resolved from east coast name server locations are experiencing a service interruption during this time. Updates will be posted as information becomes available,” the company wrote. DYN encouraged customers with concerns to check the company’s status page for updates and to reach out to its technical support team. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DDos...
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
Thanks, Internet of things
Instead, the attacks against KrebsOnSecurity harness so-called Internet-of-things devices—think home routers, webcams, digital video recorders, and other everyday appliances that have Internet capabilities built into them. Manufacturers design these devices to be as inexpensive and easy-to-use as possible. Consumers often have little technical skill. As a result, the devices frequently come with bug-ridden firmware that never gets updated and easy-to-guess login credentials that never get changed. Their lax security and always-connected status makes the devices easy to remotely commandeer by people who turn them into digital cannons that spray the Internet with shrapnel. On Thursday, security firm Symantec cataloged 11 different families of IoT malware that do just that.
"The current IoT threat landscape shows that it does not require much to exploit an embedded device," Symantec researchers wrote in the report, which was headlined "IoT devices being increasingly used for DDoS attacks." "While we have come across several malware variants exploiting device vulnerabilities—such as Shellshock or the flaw in Ubiquiti routers—the majority of the threats simply take advantage of weak built-in defenses and default password configurations in embedded devices."
The growing supply of IoT malware is creating a tipping point in the denial-of-service domain that's giving relatively unsophisticated actors capabilities that were once reserved only for the most elite of attackers. And that, in turn, represents a threat to the Internet as we know it. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/ http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/ http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars
|
|
Scooped by
Gust MEES
|
DDoS-Angriffe kosten Unternehmen sehr viel Geld – doch es gibt Schutzmechanismen. com! professional stellt die verschiedenen DDoS-Varianten und Möglichkeiten zu deren Abwehr vor. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DDos
|
In a growing sign of the increased sophistication of both cyber attacks and defenses, GitHub has revealed that this week it weathered the largest-known DDoS attack in history.
DDoS — or distributed denial of service in full — is a cyber attack that aims to bring websites and web-based services down by bombarding them with so much traffic that their services and infrastructure are unable to handle it all. It’s a fairly common tactic used to force targets offline.
GitHub is a common target — the Chinese government was widely suspected to be behind a five-day-long attack in 2015 — and this newest assault tipped the scales at an incredible 1.35Tbps at peak.
In a blog post retelling the incident, GitHub said the attackers hijacked something called “memcaching” — a distributed memory system known for high-performance and demand — to massively amplify the traffic volumes that were being fired at GitHub. To do that, they initially spoofed GitHub’s IP address and took control of memcached instances that GitHub said are “inadvertently accessible on the public internet.”
The result was a huge influx of traffic. Wired reports that, in this instance, the memcached systems used amplified the data volumes by around 50 times.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=DDos