Singapore telecommunications company StarHub has said the recent service outages affecting some of its home broadband customers were caused by cyberattacks.
After inspecting the network logs of the internet connection disruptions, the company said that it found evidence of intentional, possibly malicious DDoS attacks on its domain name servers. The company noted that they did not find any evidence that their other services were affected by the two attacks that occurred. A DDoS occurs when an attacker floods a company's network with fake traffic or messages in an effort to take it down and render it useless to clients.Read more
Cyber attacks are getting evil and worst nightmare for companies day-by-day, and the Distributed Denial of Service (DDoS) attack is one such attacks that cause a massive damage to any service.
Recently, the Internet witnessed a record-breaking largest DDoS attack of over 1 Tbps against France-based hosting provider OVH, and now the latest victim of the attack is none other than Dyn DNS provider. A sudden outage of popular sites and services, including Twitter, SoundCloud, Spotify, and Shopify, for many users, is causing uproar online. It's because of a DDoS attack against the popular Domain Name System (DNS) service provider Dyn.Read more
Sierra Wireless is warning customers to change their default access credentials on AirLink gateway products after discovering the wireless products are being compromised by Mirai malware.
Mirai, a malware and botnet combination recently publicized after a 620 Gbps distributed DDoS attack on the prominent security blog Krebs on Security, enslaves thousands of vulnerable Internet of Things devices. Now, it seems the malware's operators could be scanning the web for Sierra Wireless gateway devices vulnerable to exploit. Experts issued a security advisory warning that these products are vulnerable to the Linux-based malware.Read more
Do you know — Your Smart Devices may have inadvertently participated in a record-breaking largest cyber attack that Internet has just witnessed.
If you own a smart device like Internet-connected televisions, cars, refrigerators or thermostats, you might already be part of a botnet of millions of infected devices that was used to launch the biggest DDoS attack known to date, with peaks of over 1 Tbps of traffic. Hosting provider OVH was the victim to the record-breaking DDoS attacks that reached over one terabit per second over the past week. As the Internet of Things or connected devices are growing at a great pace, they continue to widen the attack surface at the same time.Read more
KrebsOnSecurity.com was the target of an extremely large and unusual DDoS attack designed to knock the site offline. The attack did not succeed thanks to the hard work of the engineers at the company that protects site from such digital sieges.
It was nearly double the size of the largest attack they’d seen previously, and was among the biggest assaults the Internet has ever witnessed. The attack began on Sept. 20, and initial reports put it at 665 Gigabits per second. Additional analysis on the attack traffic suggests the assault was closer to 620 Gbps, but in any case this is many orders of magnitude more traffic than is typically needed to knock most sites offline.Read more
US-CERT is warning businesses around the world about the presence of three unpatched vulnerabilities in the firmware of the AVer Information EH6108H+ DVR system that can allow attackers to take over the device.
According to its website, the AVer Information EH6108H+ is a hybrid DVR device with IP security camera management features and video streaming and recording functions. The device is used together with IP and CCTV cameras and allows a business owner to stream content via the Internet, or record it locally. Problems arise when the device is connected online because attackers can reach the device via various methods and access its management panel.Read more
A new trojan named Mirai has surfaced, and it's targeting Linux servers and IoT devices, mainly DVRs, running Linux-based firmware, for the purpose of enslaving these systems as part of a large botnet used to launch DDoS attacks. Mirai is an evolution of an older trojan, also used for DDoS attacks.
Mirai's mode of operation is largely the same as Gafgyt, targeting IoT devices running Busybox, a slimmed-down version of select GNU tools and libraries, usually deployed on small embedded hardware. The trojan also targets only a specific set of platforms, on which IoT devices are usually built.Read more
A new DDoS botnet, powered by the Bashlite malware has been uncovered by security researchers, primarily using vulnerable IoT devices. The Bashlite malware family, also known as Lizkebab, Torlus and Gafgyt is responsible for the rise of a million-endpoint botnets conducting DDoS attacks.
Security researchers said the Bashlite malware's source code was first leaked in early 2015, after which cybercriminals have developed several variants of the malware. "Of the bots we've observed participating in attacks, peaking at more than one million devices, a large percentage are located in Taiwan, Brazil and Colombia," the researchers said.Read more
Thousands of web-connected CCTV cameras and webcams have been taken over by hackers to carry out cyber attacks on government department websites and online banks.
The network of compromised cameras was uncovered by researchers at security firm Arbor Networks, who reported that large scale distributed denial of service attacks took down websites by flooding them with traffic. The botnet has been assembled by the notorious hacker collective Lizard Squad, best known for taking down the Xbox Live and Playstation gaming networks, as well as knocking North Korea’s Internet offline in 2014 using its LizardStresser DDoS tool.Read more
A 470 gigabits per second distributed denial of service attack on an unnamed gambling website has been described as one of the largest and most complex assaults to date. The perpetrators' multi-vector approach reached a packet-per-second peak of 110 million, although the assault was quickly mitigated by a security firm.
The attack reportedly lasted just over four hours on 14 June and was notable not only for the strength of the assault, but also the multi-vector approach that mixed "nine different payload types". The security firm claims that only 0.2% of DDoS attacks from the first quarter of 2016 were multi-vector.Read more