DDOS

OpenSSL vulnerability can ‘definitely be weaponized,’ NSA cyber director says

Derek B. JohnsonMarch 21, 2022

The flaw affects OpenSSL versions 1.02, 1.1.1, and 3.0, all of which have been patched. OpenSSL is a core component of Unix and Linux-based systems, and is also bundled into software applications that run on Windows.

DDOS

Largest-ever cyberattack on Israel takes down government sites

Stephen WeigandMarch 15, 2022

Israeli government sites are back online after being struck with a distributed denial of service cyberattack on March 15.

Hardware security

Mapping the MikroTik attack surface (or why your home office may have DDoSed a Russian search engine)

Joe UchillDecember 9, 2021

Owners of the globally popular and cheap MikroTik brand of home routers inadvertently were involved in an attempt to take down Russian search engine giant Yandex in September, when the MikroTik-based Mēris botnet was used in a record-breaking DDoS attack.

IOT

Claroty and JFrog disclose 14 new vulnerabilities in BusyBox

Steve ZurierNovember 9, 2021

Researchers say potential vulnerabilities in the IoT devices that run on BusyBox could cause denial of service attacks or remote code execution.

DDOS

Microsoft Azure customer hit by record DDoS attack in August

Steve ZurierOctober 12, 2021

Record 2.4 terabits-per-second attack on the Microsoft Azure customer eclipsed a DDoS attack on Amazon Web Services in Q1 2020.

DDOS

New twist on DDoS technique poses threat to CSP networks

Bradley BarthSeptember 28, 2021

Black Storm reflective attack uses spoofed IP addresses and internet-connected devices to inundate victims with ICMP packet replies.

DDOS

Cloudflare reports record-breaking HTTP-request DDoS attack

Joe UchillAugust 20, 2021

The attacks appear to be directed through a massive, 20,000 IoT device botnet, with a disproportionate amount of devices, more than a combined 30 percent, located in Indonesia and Brazil.

Architecture

Related events

DDoS Attacks March On…and On…and On

Related Perspectives

Six network protocols that signal an incoming DDoS attack

What to do about the new wave of DDoS extortion attacks

Briefs

US charges WireX botnet admin for launching DDoS attack against hotel chain

DDoS attack hits VoIP provider Bandwidth

New BazaLoader lures include phony DMCA complaints, DDoS threats

OpenSSL vulnerability can ‘definitely be weaponized,’ NSA cyber director says

Largest-ever cyberattack on Israel takes down government sites

Mapping the MikroTik attack surface (or why your home office may have DDoSed a Russian search engine)

Claroty and JFrog disclose 14 new vulnerabilities in BusyBox

Microsoft Azure customer hit by record DDoS attack in August

New twist on DDoS technique poses threat to CSP networks

Cloudflare reports record-breaking HTTP-request DDoS attack

CallStranger bug in billions of devices can enable data exfiltration, DoS attacks

Mirai variant Mukashi searching out Zixel NAS devices

Gafgyt variant exploits 3 devices to target game servers with DDoS attacks