Cloudflare says it has blocked a distributed denial-of-service (DDoS) attack that peaked at between 50 and 70 million requests per second (rps), at one point reaching 71 rps. Cloudflare says that the attack “is the largest reported HTTP DDoS attack on record.” The record-breaking DDoS was just one of dozens of DDoS attacks over the …
DDoS
The websites of some German airports, financial institutions, and government agencies were targeted with distributed denial-of-service (DDoS) attacks earlier this week. The attacks are believed to be the work of Russian hacktivists. Germany’s Federal office for Information Security (BSI) says that some websites were made unavailable, but there were no service disruptions. Note DDoS attacks …
Updated on 2022-12-15: 50 DDoS websites taken down Europol and law enforcement agencies across Europe and the US have shut down 50 DDoS-for-hire portals. The crackdown is part of Europol’s yearly Operation PowerOFF, a yearly operation that shuts down DDoS service providers ahead of the winter holidays, a period when many kids use these services …
Updated on 2022-12-01: Vatican DDoS The official website of the Vatican went offline on Wednesday following a DDoS attack carried out by pro-Russian hacktivists. As CNA points out, the attack came a day after Moscow criticized Pope Francis’s latest condemnation of Russia’s invasion of Ukraine. Read more: The Vatican says it’s been hacked — again …
Updated on 2022-11-28: European Parliament Website Hit with DDoS The website of the European Parliament (EP) was temporarily taken down last week due to a cyberattack. The attack came just hours after the legislative body passed a resolution calling the Kremlin a “state sponsor of terrorism.” An EP spokesperson said the website was the target …
Updated on 2022-11-18: RapperBot Fortinet researchers say that a botnet called RapperBot, which they first spotted back in August, launching brute-force attacks in an attempt to expand their numbers, has been recently repurposed to launch DDoS attacks. According to current data, these attacks appear to target gaming servers and are a continuation of a similar …
Updated on 2022-11-11: DDOS attacks on election day Some websites operated by the Mississippi state government were knocked offline during the US midterm elections on Tuesday following DDOS attacks claimed by pro-Russian hacktivist groups. None of the attacked websites were involved in the vote and vote counting process. Read more: Mississippi Secretary of State website …
Updated on 2022-11-08: FBI Warns of Hacktivist Activity The US Federal Bureau of Investigation (FBI) has published a Private Industry Notification warning that hacktivists are launching distributed denial-of-service (DDoS) attacks. The document includes recommendations for mitigating the effect of the attacks. Targets have included financial institutions, emergency services, airports, and healthcare-related facilities. Note The bulletin …
Updated on 2022-10-31 The CISA, the FBI, and the MS-ISAC issued the Understanding and Responding to DDoS Attacks guidance for network defenders and leaders to respond to DDoS attacks. Read more: Joint CISA FBI MS-ISAC Guide on Responding to DDoS Attacks and DDoS Guidance for Federal Agencies Updated on 2022-10-30: US DDOS guidance CISA, the …
Updated on 2022-10-28: Misconfigured CLDAP Services are Being Used to Magnify DDoS Attacks According to researchers from Black Lotus Labs, misconfigured Connectionless Lightweight Directory Access Protocol (CLDAP) services on Microsoft domain controllers are being used to amplify distributed denial-of-service attacks. Known as reflection attacks, the technique has been in used for at least five years. …
Updated on 2022-10-30 In a series of DDOS attacks, Pro-Russian hacktivist groups have targeted the IT networks of the Parliaments of Poland and Slovakia. The attacks targeting Poland’s Parliament came after the government passed a resolution recognizing Russia as a terrorist state and brought down the Senate’s website. The attack targeting Slovakia’s Parliament systems was …
Updated on 2022-10-14: Large DDoS attack In its quarterly threat report for Q3 2022, Cloudflare said it mitigated a large-scale DDoS attack that reached a massive 2.5 Tbps, launched by a Mirai botnet variant and aimed at the Wynncraft Minecraft service. Read more: Cloudflare DDoS threat report 2022 Q3 Overview Cloudflare claimed to have thwarted …
Updated on 2022-12-01 Have some LuckyMouse APT TTPs, courtesy of Sekoia. Read more: Lucky Mouse: Incident Response to Detection Engineering Updated on 2022-10-24: APT27 intrusion French security firm INTRINSEC published a step-by-step technical breakdown of an APT27 (LuckyMouse, EmissaryPanda) intrusion, during which the Chinese espionage group breached a network, lay in hiding for 11 months, …
Ukraine’s Main Directorate of Intelligence of the Ministry of Defense warns that Russia is planning to escalate cyberattacks against Ukrainian and Ukrainian allies’ critical infrastructure. The Directorate says it expects the first attacks to target the energy sector. They also warn that Russia is likely to escalate distributed denial-of-service (DDoS) attacks against critical infrastructure in …
Akamai researchers say they detected and mitigated a record-setting distributed denial-of-service (DDoS) attack against an unnamed customer in Eastern Europe. The attack peaked at 704.8 million packets-per-second (Mpps). Akamai says that this attack was the work of the same group of cybercriminals that launched a 659.6 Mpps attack in July against the same customer. Note …