Cloudflare says it has blocked a distributed denial-of-service (DDoS) attack that peaked at between 50 and 70 million requests per second (rps), at one point reaching 71 rps. Cloudflare says that the attack “is the largest reported HTTP DDoS attack on record.” The record-breaking DDoS was just one of dozens of DDoS attacks over the …
DDoS
The websites of some German airports, financial institutions, and government agencies were targeted with distributed denial-of-service (DDoS) attacks earlier this week. The attacks are believed to be the work of Russian hacktivists. Germany’s Federal office for Information Security (BSI) says that some websites were made unavailable, but there were no service disruptions. Note DDoS attacks …
Updated on 2022-12-15: 50 DDoS websites taken down Europol and law enforcement agencies across Europe and the US have shut down 50 DDoS-for-hire portals. The crackdown is part of Europol’s yearly Operation PowerOFF, a yearly operation that shuts down DDoS service providers ahead of the winter holidays, a period when many kids use these services …
Updated on 2022-12-01: Vatican DDoS The official website of the Vatican went offline on Wednesday following a DDoS attack carried out by pro-Russian hacktivists. As CNA points out, the attack came a day after Moscow criticized Pope Francis’s latest condemnation of Russia’s invasion of Ukraine. Read more: The Vatican says it’s been hacked — again …
Updated on 2022-10-28: Misconfigured CLDAP Services are Being Used to Magnify DDoS Attacks According to researchers from Black Lotus Labs, misconfigured Connectionless Lightweight Directory Access Protocol (CLDAP) services on Microsoft domain controllers are being used to amplify distributed denial-of-service attacks. Known as reflection attacks, the technique has been in used for at least five years. …
Updated on 2022-12-01 Have some LuckyMouse APT TTPs, courtesy of Sekoia. Read more: Lucky Mouse: Incident Response to Detection Engineering Updated on 2022-10-24: APT27 intrusion French security firm INTRINSEC published a step-by-step technical breakdown of an APT27 (LuckyMouse, EmissaryPanda) intrusion, during which the Chinese espionage group breached a network, lay in hiding for 11 months, …