Recent DDoS Attack Impacts Swedish Transit Site

On Friday, August 16, Sweden's Stockholm Public Transport was hit by a powerful DDoS attack that affected the company's website and apps for purchasing tickets and planning routes for approximately 6 hours. This attack is a clear example of how critical infrastructure is vulnerable to DDoS attacks and why always-on DDoS mitigation and detection are needed.

Meet the Team: Mike Powell, Senior Security Services Engineer

Take a look into the life of one of Corero's Senior Security Services Engineers, Mike Powell!

Expansion of the Internet Necessitates Network-Based DDoS Defense

The continued expansion of Internet access, backbone and cloud connections will ultimately drive a fundamental shift in DDoS defense toward more network-integrated solutions that are enabled by advanced next-generation networking technologies.

On the 20th Anniversary of DDoS, Prepare for the Future

July 22, 2019 marked the 20th anniversary of the world's first DDoS attacks. Since then, the nature of DDoS attacks has changed dramatically, and DDoS mitigation defenses have responded in turn. As the 5G era continues to expand, one thing we know for sure today is that DDoS attacks are a damaging problem that won’t go away in the foreseeable future.

Mirai Botnet Code Targets Corporate Networking Gear

Last month a report from Palo Alto Networks’ Unit 42 revealed that cyber criminals have now evolved the infamous Mirai botnet code to target corporate SD-WAN gear and recruit those assets into harmful botnets. To defend against such attacks, a security system must include comprehensive automated protections against Mirai-type attack vectors.

Understanding and Stopping Multi-Vector DDoS Attacks

Multi-vector DDoS attacks present several challenges for detection and mitigation. As cybercriminals are using more sophisticated techniques, it has become much more difficult for IT security teams to prevent DDoS attacks.

What is DDoS Mitigation, and What Kinds of DDoS Protection Solutions Exist?

Every organization that relies upon the availability of its Internet presence should worry about the impact of modern DDoS attacks. However, solutions are available for organizations to defend against DDoS attacks of all sizes so that their network, application, or service performance is not impacted.

Using DDoS as a Political Weapon; Hacktivism or Cyber Warfare in Hong Kong?

In the midst of many protests in Hong Kong, Telegram was hit with a massive DDoS attack that knocked the service offline for over an hour. The theory is that China ordered the DDoS attack because it has a vested interest in squelching communication among protesters. Will anyone ever know for sure whether the Chinese government is behind the attacks?

IoT Device Security Laws Won't Eliminate DDoS Attacks

It is now common knowledge among cyber security professionals that many of the billions of IoT-connected devices around the world are not secure and, of those, many have already been leveraged by bad actors. Given this reality of the IoT-powered world we live in, organizations should seek to protect their networks from the cyber-attacks that ensue, with one of the most common being DDoS.

Automated DDoS Protection Can Reduce CISO Stress

A recent Security Magazine UK article reports on a survey by Nominet Cybersecurity that quantified the work stress today’s CISOs endure. CISOs have a Sisyphean task of protecting every IT system and point of data, yet they commonly lack adequate budget, they often suffer a shortage of qualified cybersecurity staff, and security breaches are rampant.

DDoS Considerations for On-Premises Servers

There has been much hype around cloud computing in recent years, to the extent that it appeared the answer was to run everything in ‘the cloud’, as-a-service. Now the dust has settled somewhat, there is a level of pragmatism setting in.

What is a DDoS Attack and Why Should You Worry?

A distributed denial-of-service (DDoS) attack occurs when multiple systems overwhelm the available bandwidth or other system resources of their target; as a result, an application, service or website may either crash or suffer a significantly degraded service. In an always-on world, where many organizations rely on constant Internet connectivity to conduct business online, DDoS attacks are a serious issue.

Evolving DDoS Threat Challenges Service Provider Capacity

The DDoS threat continues to grow in sophistication as cybercriminals improve their attack techniques in an attempt to evade the trusted mitigation methodologies typically used for DDoS protection.

Enterprises Beware: Variations on the Mirai Malware Still Feeding DDoS Attacks

The Mirai Malware first attracted public attention in October 2016, when it was used to launch the notorious and massive botnet-driven distributed denial of service (DDoS) attacks against Brian Krebs’ blog and Dyn’s DNS infrastructure. Now, Tech Target reports that researchers at Palo Alto Networks have discovered another new variant of the Mirai malware that is “going after wireless presentation and display systems, indicating a potential shift in using Mirai to target enterprises.”

RSA 2019 Highlighted the Importance of Automation - Making SOCs More Efficient

Earlier this month Corero sent a team to the annual RSA Conference, where several education tracks and other exhibitors on the show floor also included discussions around the challenges of dealing with the latest wave of sophisticated distributed denial of service (DDoS) attacks.

Automated DDoS Mitigation Is Essential

Today, organizations of all types and sizes face distributed denial of service (DDoS) attacks, creating a top business continuity and security issue. The ongoing proliferation of DDoS-for-hire services, powered mainly by the continuing explosion of unsecure Internet of things (IoT) devices, has turned DDoS attacks into an everyday occurrence.

New Report: Latest DDoS Trends

The distributed denial of service threat continues to increase. Corero recently published our 2018 DDoS Trends Report, and the findings suggest that enterprises and service providers have ample reason to put DDoS mitigation at the forefront of their cybersecurity strategies.

Five Myths About DDoS Attack Protection

It’s a pity when myths get in the way of facts, especially in terms of cybersecurity, where there is little margin for error. When it comes to DDoS protection, several myths have been floating around for years, and it’s important to debunk them. Below are the top five DDoS myths, countered with the sobering facts:

Brexit and the Cybersecurity skills gap: Could automation provide a solution?

The cyber threat landscape is constantly evolving and expanding; as a result, organizations require increasing numbers of trained IT security personnel to mitigate against this threat. Unfortunately, the cybersecurity skills gap is a well-documented and growing issue within the industry.

Do Service Provider Networks Need Better Security?

How are communications service providers (CSPs) coping with network security threats these days? Heavy Reading conducted an anonymous survey of CSPs who are members of their Thought Leadership Council. According to that survey, “Council members say there are several security issues driving the development of those plans, including distributed denial of service (DDoS), illegal intercept, ransomware and data exfiltration, all of which were seen as critical issues by more than 60% of panelists.”

Minor Outages Do Matter

It’s a common misconception that distributed denial of service (DDoS) is all about the very large attacks. The highest volume attacks certainly make all the headlines, but they are actually a tiny minority of the overall DDoS threat. The fact is that small DDoS attacks are an everyday occurrence for many organizations.

The Dangerous Power of DDoS-for-Hire

It was reported in late December 2018 that law enforcement officials from the US, the UK, and the Netherlands had seized the domains of 15 DDoS-for-hire sites. News reports suggested that the sites were taken down just before Christmas, because it is notoriously a time when hacker groups target retailers and gaming providers in a bid to disrupt their services.

How the Cyber Grinch Stole Christmas

The Cyber Grinch hated Christmas! The whole retail season! With Christmas fast approaching, he exclaimed “It’s practically here, I must find a way to stop Christmas from coming!”. He sat at his computer with his red coat and hat. ‘With this hat and this coat, I look just like Saint Nick’ he said with a laugh.

Don’t Let DDoS Attacks Hack the Holidays

Will cyber criminals be naughty or nice with your network this holiday season? Don’t let your guard down. If the past is any precedent, cyber criminals will be very busy Grinches, wreaking havoc around the world.

5G Will Increase DDoS Attack Risk

The next generation of wireless communications, known as 5G, is on the horizon. Telecoms providers such as Sprint, T-Mobile, AT&T and others are in a race to roll out 5G services that will empower smart devices and the Internet of Things (IoT).

Corero Networks’ 2019 Security Predictions

It is safe to say that 2018 has been a very busy year for cybercriminals. Between attackers exploiting Memcached reflection vulnerabilities to launch the largest DDoS attacks the world has ever seen and some of the world’s major airlines suffering catastrophic data breaches, today’s determined cybercriminals have shown no signs of slowing down.

Black Friday and Cyber Monday – Prime Time for Cyber Crime

Black Friday and Cyber Monday are just around the corner, and while holiday shoppers are making their lists and checking them twice, no doubt cyber criminals are making their own lists—of e-commerce sites to target.

DerpTroll: Despite the crime, will he even do time?

In 2013 and 2014 the cyber security industry was taken by storm after gaming super giants, including Sony, EA and Steam, were taken offline by DDoS attackers. The attackers went by the name of DerpTroll and they used Twitter to coordinate DDoS attacks and generally cause internet chaos.

Why Critical National Infrastructure Organizations Shouldn’t Overlook DDoS Attacks

On the 1st of November the Department of Homeland Security kicked off its National Critical Infrastructure Security and Resilience Month. The month is aimed at raising awareness on the security issues which surround our critical national infrastructure and providing organizations with best-practice advice on ways to help keep these systems safe from physical and cyber security threats.

DDoS Attacks on the Rise Again and Size Doesn’t Matter

Organizations today are heavily reliant on the internet to function and if anything is done to disrupt this availability, it can have catastrophic repercussions on the way those organizations operate. Distributed Denial of Service (DDoS) attacks, in particular, can inflict the gravest consequences to a business and cause damage to a brand’s reputation, customer trust and revenue. What is even more staggering is that the frequency of DDoS attacks has once again risen in the past year.

DDoS Attacks Can Interfere with Election Campaigns

With the U.S. 2018 midterm elections less than two weeks away, elections officials and political candidates have reason to be concerned about cybersecurity. Potential targets could include a state or local election system, the websites of political candidates, or voter registration systems.

California Connected-Devices Bill: Is it enough to Stop IoT Botnets?

It was recently announced that the State of California is introducing new legislation which, amongst other requirements, will effectively ban the use of weak passwords on internet-enabled devices. The law will come into force in 2020 and means manufacturers of Internet-of-Things (IoT) devices will no longer be able to program their products with default or generic passwords, which have notoriously been exploited by cybercriminals.

Juniper Networks Enters into Global Sales Agreement with Corero, and Invests $2.0 Million

Last week Corero was pleased to announce the expansion of our global partnership with Juniper Networks; Juniper signed a multi-year agreement to resell Corero’s distributed denial of service (DDoS) protection software products and services, with Juniper’s MX Series 5G Universal Routing platform. Following closely on the heels of that announcement came yet another piece of good news: Juniper is investing $2.0 million in Corero.

Instagram – the New Advertising Platform for Botnets

Recent reports have revealed that cybercriminals are using the popular social media site, Instagram, as a marketplace to advertise the rental of Botnets. The advertisements do not make it clear how powerful the botnets are; however, some posts are claiming to provide cheap access to the Mirai botnet, which was behind one of the largest cyberattacks in history.

Survey Indicates Lack of Enterprise DDoS Awareness and Protection

Last month, I had the honor to host a workshop at the R3: Resilience, Response & Recovery Summit in London, with two of my fellow Corero colleagues: Sean Newman and Peter Cutler.

Small DDoS Attacks Shouldn’t Be Ignored

Organizations that continue to think of DDoS attacks as just large, long-drawn-out attacks are putting themselves at great risk. Over the past few years, Corero has observed that short sub-saturating DDoS attacks are dominating the threat landscape.

A Gambling Company Ups the Ante to Woo Players Back after DDoS Attacks

In the past month several online poker sites, as well as the DraftKings fantasy sports site, have been hit hard by distributed denial of service (DDoS) attacks. Clearly, even if those companies had DDoS mitigation solutions in place, they were not sufficient to protect their networks.

How DDoS Attacks Impact Businesses Across Industries

There is no doubt that the frequency and sophistication of DDoS attacks targeting various industries around the globe is likely to accelerate in the near future. But, what are the potential consequences of DDoS attacks on your business? This is a question every organisation should ask themselves in today’s dynamic cyber threat landscape, where DDoS attackers continue to look out for more creative techniques to create chaos.

Study Confirms DDoS Attacks Damage Customer Trust and Erode Confidence

Erosion of customer trust and confidence is the single most damaging consequence of DDoS attacks for businesses, according to a study amongst IT security professionals attending this year’s Infosecurity Europe, conducted by Corero Network Security.

The Current State of DDoS Attacks: Are They Getting Smarter?

There has been a flurry of DDoS reports in the last few months, highlighting the evolving state of DDoS threats and warning of an upcoming wave of even bigger and more dangerous attacks. The sheer number of vulnerable connected devices out there, combined with the hacker community’s unrelenting ability to find new vulnerabilities to exploit, has significantly increased the potential scale of DDoS attacks.

10-minute DDoS attacks: A Devil in Disguise

One of the biggest cybersecurity threats most organisations underestimate is the short, sub-saturating DDoS attack. However, these attacks can be just as disruptive as bigger attacks and powerful enough to knock a firewall offline so that the hackers can target, map and infiltrate a network to install malware and engage in data exfiltration.

How Improving Password Security Helps Protect Against Botnets

The DDoS threat landscape has been transformed by the emergence of Internet of Things botnets. Password hygiene of consumer and industrial IoT devices is often lax, leading to easy criminal exploitation and potentially devastating attacks. The exponential growth in the number of IoT connected devices is a key driver in the ever-increasing scale of the largest DDoS attacks.

The Effects of DDoS Attacks on Essential Services

Public services continue to fall victim to distributed denial of service (DDoS) attacks with many industry experts, including Corero, predicting that this is going to get worse before it gets better. Our collective pessimism is being fuelled by dire warnings from government agencies that Nation State sponsored cyber-criminals are continuing to...

DDoS For Hire Industry and its Impact on Source-Based Mitigation Techniques

A lot has been written and said about the DDoS for hire industry over the past few years, with major media publications recently reporting on the takedown of a popular Booter website. With all the hype surrounding this, the focus tends to be on ease of use of these malicious services, however, it is equally important to keep in perspective the...

Botnet-driven DDoS Attacks Represent a Developing Cyberthreat

Security researchers recently discovered a new variant of the famous Hide and Seek (HNS) botnet, which infected nearly 90,000 unique devices from the time of its discovery at the start of the year. The botnet, the world’s first to communicate via a custom-built peer-to-peer protocol, has now also become the first IoT malware strain that, under certain conditions, can survive a device reboot and remain on infected devices after the initial compromise.

Critical Infrastructure Organisations Could Face Huge Fines Under NIS Directive

The NIS Regulations are taking effect and those who operate essential services and industrial control systems will be expected to improve their resilience to today’s cyber threats. We examine how critical infrastructure organisations will respond to the rising threat of cyber-attacks.

DDoS Attacks Can Cost Organizations $50,000 Per Attack

Corero surveyed over 300 security professionals from a range of industries including financial services, cloud, government, online gaming and media sectors, which revealed that DDoS attacks are costing enterprises up to $50,000 (£35,000) per attack.

Hajime Botnet Scanning for Vulnerable MikroTik Routers

Security researchers have shared concerns about scans being carried out by a Hajime IoT botnet looking to mass-infect unpatched MikroTik devices. This blog explains what the Hajime botnet and botnet herding are, and how to protect against the threat.

Banks in Denial over Their Resilience to DDoS attacks

Are retail and investment banks in denial about being adequately protected from the frequent advanced DDoS attacks they’re getting hit with today?

Critical Infrastructure Under Attack

Security researchers have long shared their concerns about potential cyberattacks on critical infrastructure systems. Over the past few weeks, there have been several reports highlighting the dangers of such attacks.

The NIS Directive – just how tough is it really?

Over the last few months, UK media outlets have been filled with reports about the series of tough new measures being introduced on 9th May to protect our national critical infrastructure against cyber threats.

The US Government Vs Botnets

U.S. government agencies are working hard to solve the problem of botnets and other cyber threats, and are asking for input from various stakeholders.

Corero’s Expertise Effectively Eliminates the Double-Trouble Threat of the Memcached Exploit

We’ve identified an “active defense” countermeasure which neutralizes the problem. In more emotive terms, we have found and implemented the “kill switch” for Memcached.

Minding Your MANRS

Maintaining the resilience and stability of the global Internet requires collaborative efforts between Internet Service Providers (ISPs), government agencies, enterprises, security vendors and end users.

Bursts, Waves and DDoS: What You Need to Know

A recent Cisco report found that 42 percent of organizations experienced “burst” distributed denial of service (DDoS) attacks in 2017.

US and European Agencies Warn about the Risk of International Cyber Threats

Critical infrastructure organizations have to take steps to mitigate the possibility of DDoS and other cyber threats.

Autosploit: A Marriage Made for DDoS Botnets

On January 30, 2018 a new mass exploitation tool called “Autosploit” was released on GitHub, a Git repository hosting service.

Pundits Speculate: Did Russian Hackers Launch DDoS Attacks on Dutch Organizations?

The Dutch national tax office said its website went offline briefly, for 5-10 minutes. Regardless of how long they were under DDoS attack, those afflicted Dutch organizations should also be concerned about a security breach.

Hackers Targeting 2018 Winter Olympic Games

As cyber threats have evolved and increased, so too has the probability of such attacks on the Games.

The Rise of IoT Botnet Threats and DDoS attacks

IoT devices still suffer from basic security vulnerabilities and it is precisely this lack of security that makes them so attractive to hackers. But it’s not just a password problem anymore.

New Malware and Mirai Botnet Variants Pose Significant Threats

There is no shortage of malware on the Dark Web. In particular, during the past week security researchers from various points around the world have been talking about three threats, two of which are variants of the now infamous Mirai botnet code.

DDoS Protection: a Big Need for Small Business

Cyber criminals will go after anybody who appears to be vulnerable with DDoS attacks that can mask nefarious security breaches. Learn more about why all businesses need to protect against DDoS attacks.

Spamhaus Project Releases Annual Report, Cites 32% Increase in Number of Botnet Command & Control Servers

The number of botnet Command and Control (C&C) IP addresses has dramatically increased in the past year, according to the 2017 annual report from The Spamhaus Project.

DHS, DOC Draft Report that Urges Government-Industry Cooperation to Strengthen Cyber Defense

The federal government realizes that it alone cannot manifest the reality of its vision; policies, standards, best practices, regulations and laws can go only so far.

Cybersecurity Compliance and Resilience

IT security professionals have to worry about defending against ever-evolving cyber threats and, increasingly, the C-suite has to worry about following cybersecurity laws.

Show Them That Crime Doesn’t Pay; Don’t Surrender to Cyber Extortionists

Ransomware and DDoS attacks are two of the most common and dangerous cyber threats now facing organizations.

Cyber Security Trends: What to Watch for in 2018

Based on Corero’s visibility into environments dealing with DDoS, we’ve summarized a few of the biggest trends we see on the horizon for 2018.

Pending Legislation May Allow Cyber Victims to Hack Back

A new piece of legislation proposed in October by U.S. Rep. Tom Graves (R-Ga.) and Rep. Kyrsten Sinema (D-Ariz.) would allow victims of cyber security attacks to “hack back” at perpetrators.

DDoS Attacks Gain Notoriety via Bitcoin

The digital cryptocurrency industry is facing two big cyber challenges, both of which affect website availability: system infrastructure capacity, and DDoS attacks.

ISPs Can Help Their Customers Defend Against DDoS Attacks

Every organization has IT security vulnerabilities, and many need to be especially concerned about distributed denial of service (DDoS) attacks.

DDoS Attacks Can Be Weapons in Cyber Warfare

Banks, energy utilities, transportation hubs and hospitals; these are the most high-profile examples of critical infrastructure that could be targeted by hackers.

New DDoS Protection for Physical or Virtual Environments

Corero recently launched the SmartWall Network Threat Defense - Virtual Edition (vNTD), which brings real-time DDoS attack visibility and mitigation to virtualized environments, for more diverse, flexible deployment possibilities.

Cryptocurrency: Top Target for DDoS attacks

It's essential that organizations maintain a comprehensive visibility across their networks to detect and block any potential DDoS incursions as they arise.

Holiday Hackers Can Ruin Website Availability and Security for Retailers

With so many website visitors during that crucial retail shopping window, companies must brace for spikes in traffic, protect their network security and maintain website uptime.

The New Face of DDoS-For-Hire Services

The rise of DDoS-for-hire services comes at a time when DDoS attacks are becoming more sophisticated than ever.

Mitigation Time Matters: The Difference between Seconds and Minutes

Organizations cannot afford to be slow in mitigating distributed denial of service (DDoS) attacks, no matter how large or small the attack.

Academic Research Reports Nearly 30,000 DoS Attacks per Day

Academics from the University of Twente (Netherlands); UC San Diego (USA); and Saarland University (Germany) recently conducted research that found that one-third of all /24 networks have suffered at least one DoS attack over the last two years. The research also found that “an average of 3% of the Web sites in .com, .net, and .org were involved with attacks, daily.”

The FBI Wants Victims to Report DDoS Attacks

Local municipal police forces seldom have the resources to track down cyber criminals, but the U.S. federal government has resources, and they want to help stem the surge of distributed denial of service (DDoS) attacks. Last week the U.S. Federal Bureau of Investigation (FBI) issued an appeal to organizations that have been victims of DDoS attacks to share details and characteristics of those incidents with an FBI Field office and the IC3.

7 Tips for Defending Your Network against DDoS Attacks

Today’s distributed denial of service (DDoS) attacks are almost unrecognizable from the early days of attacks, when most were simple, volumetric attacks intended to cause embarrassment and brief disruption.

‘Reaper’ Botnet – A DDoS Trick or Treat?

Researchers have discovered a massive new botnet, dubbed ‘Reaper’ or ‘IoTroop’, targeting poorly-defended IoT devices to form a ‘zombie army’ of devices that could rock the entire Internet with a powerful DDoS attack.

Botnets Growing, via Reaper and Sockbot Malware

In the past week security researchers have identified not one, but two malware types that infect devices to enslave them into IoT botnets: the Reaper, and Sockbot.

One Year after the Largest DDoS Attack

It’s been a full year since what most believe to be the world’s largest volumetric Distributed Denial of Service (DDoS) attack occurred.

DDoS Attacks on Sweden’s Transit System Signal a Significant Threat

Critical infrastructure organizations are at significant risk to the damaging impact of a Distributed Denial of Service (DDoS) attack.

Theft and DDoS Attacks Go Hand in Hand

Even if your organization has experienced a distributed denial of service (DDoS) attack only once, there’s still reason to feel uneasy.

DDoS Attacks Still on the Rise and Now Targeting Corporate Data

A new global survey by Kaspersky found that Distributed Denial of Service (DDoS) attacks have doubled over the last year.

Are Power Utilities Prepared for Cyber Attacks?

Accenture recently surveyed 100 utility executives from over 20 countries, and found that 57% of them are concerned that a cyber attack could interrupt the supply of electric power.

Survey Says More than One Third of US Businesses Experience DDoS Attacks

DDoS attacks cost not only time and money in the form of internal or external IT resources to bring a company’s network back online, but also create loss of revenue, brand reputation and customer trust.

Phantom RDoS Might Be a Fake Ploy, But Beware

A group that calls itself Phantom Squad has launched an email-based ransomware DDoS (RDoS) extortion campaign against thousands of companies across the globe in the past week.

“Everyday” DDoS Attacks Must Be Mitigated

At last week’s CLOUDSEC 2017 conference, Corero CEO Ashley Stephenson spoke to attendees about the importance of mitigating the “everyday” small-scale distributed denial of service (DDoS) attacks that are pervasive and harmful to global businesses.

DDoS Attacks on Internet Providers Can Impact Downstream Customers

Enterprises need to consider that even if they have protection against distributed denial of service (DDoS) attacks, their business could be taken offline if their Internet Service Provider (ISP), hosting provider or Domain Name Service (DNS) provider does not have adequate DDoS protection.

DDoS Attack Temporarily Folds Major Poker Game Site

Late last week America’s Cardroom’s Winning Poker Network (WPN), a major online gaming site, was hit with a ransom denial of service (RDoS) attack that lasted a few days.

Infected Google Play Store Apps Create Potential DDoS Botnet

This week the news broke that 300 apps from the Google Play Store were infected with malware that would allow Android phones to be recruited into a botnet.

The Rise of Ransom-Driven DDoS Attacks

In recent weeks, cyber attackers have become even more interested in extorting money from organizations by threatening to organize a DDoS attack on critically important online systems.

UK Considers Penalizing Operators of Essential Services for Lax Cyber Security

UK organizations that provide critical infrastructure could soon face penalties of up to £17m, or 4% of global turnover, if they suffer a loss of service due to having lax cyber security standards.

IT Professionals Forecast DDoS Attack Escalation

Corero recently surveyed some 100 IT security professionals at the InfoSecurity Europe conference in London last month, and their outlook on the DDoS threat is bleak.

Federal Government Committee to Tackle the Botnet Problem

An advisory group for the U.S. federal government is taking on the challenge of preventing botnets, and reducing the number of botnets and their power.

Teen Hackers Can Launch a DDoS Attack for Cheap

You know it’s become way too easy to launch a distributed denial of service (DDoS) attack when even a 12-year old child can do it.

Final Fantasy 14 Plagued by DDoS Attacks

These attacks highlight just how exposed the gaming industry is to DDoS attacks, and remind us how damaging successful attacks can be.

Cyber Insurance and DDoS Attack Protection

This past spring American International Group (AIG), one of the largest cyber insurance companies, surveyed cyber security and risk experts to gain a deeper understanding of their views of the likelihood and impact of a systemic cyber-attack.

Four Key Elements of Real-Time DDoS Defense

We have compiled a list of four elements of a DDoS defense system that will enable your business to withstand a DDoS attack, in real-time.

Are DDoS Attacks on the Rise?

According to Corero’s recent DDoS Trends Report, Corero customers experienced an average of 124 attacks per month in the first quarter of this year (Q1 2017); that’s an increase of 9% compared to Q4 2016. In addition, 79 percent of DDoS attacks that Corero mitigated among its global customer base were less than 1Gbps in volume in Q1 2017. 98 percent of attacks were 10Gbps or less in volume.

Read more

Regulations May Decrease IoT Botnets, but Won’t Stop Them

The Internet of Things brings a host of advantages to consumers and businesses, but it also presents a slew of cyber security concerns.

Read more

Personal Data Security a Priority with New EU Regulations

Companies that have European constituents must prepare for the European Union General Data Protection Regulation that will go into effect in May 2018. The link between DDoS attacks and data theft should not be ignored.

Read more

DDoS Botnets, North Korea and the Threat of Cyber War

U.S. federal law enforcement and computer security agencies recently released a rare security alert, citing that a North Korean hacking group is actively targeting media, aerospace, financial, and critical infrastructure sectors in the United States and around the world. The hackers are believed to have used a botnet creation malware called DeltaCharlie to launch DDoS attacks.

Read more

Responding to DDoS Ransomware Demands & Attacks

Besides the financial loss that a company may experience by paying the ransom, companies must consider another risk: that they will still be subject to a DDoS attack by the hacker.

Read more

How to Handle DDoS Attacks: A Critique of DDoS Myths

A recent TechSpective article listed 20 ways to help prevent a DDoS attack. Some of the suggestions are helpful, but many of them have little benefit against the types of DDoS attacks which are common today. So, in the interest of busting some DDoS myths, this blog puts the recommendations in context.

Read more

Ponemon Report Weighs in on the Internet of Things

According to Dark Reading, a new Ponemon Institute report states that a majority of companies rely on legacy technologies such as network firewalls and intrusion prevention systems (IPS) to ward off cyber threats such as malware, ransomware and distributed denial of service (DDoS) attacks.

Read more

Benefits of Automatic DDoS Protection in a Hosting Environment

It’s relatively easy for hackers to launch distributed denial of service (DDoS) attacks against web hosting providers, because they have such large attack surfaces.

Read more

Attack Detection: The Crucial First Step in DDoS Mitigation

If your IT security system fails to detect and block the majority of DDoS attacks, how can you be sure that your network is truly safe from other incursions?

Read more

The Future of DDoS Protection: Turning the Threat into a Revenue Generating Opportunity

Corero Network Security, in conjunction with Fierce Telecom, has released "The Future of DDoS Protection: Turning the Threat into a Revenue Generating Opportunity". This executive summary highlights the unique needs of Service Providers when deploying DDoS mitigation for infrastructure protection, as well as a new service offering for their customers.

Read more

Service Providers Can Offer Per-Customer DDoS Attack Dashboards

Distinguishing between “good” and “bad” network traffic has not always been easy, and it has traditionally been difficult to present in visual terms. But when IT security staff can see network intrusions in real time, they can better defend against them.

Read more

WannaCry Ransomware Attack Wreaks Havoc Across Globe

May 12, 2017 now marks an unwelcome milestone in hacking history; the largest-ever ransomware attack occurred that day, affecting thousands of private and public sector agencies across 150 countries.

Read more

DDoS Attack Briefly Cripples the FCC Comment System

It’s hardly surprising that DDoS attacks finally caught the attention of politicians; it was just a matter of time until a DDoS attack affected a government agency. A combination of events has led to more awareness of cyber threats, including DDoS attacks.

Read more

5 Essential Qualities to Look for in a DDoS Mitigation Solution

When vetting various distributed denial of service (DDoS) mitigation services, enterprises would be wise to determine which kind of protection their business needs, and look for five key characteristics.

Read more

DDoS Attacks: The Changing Legal and Regulatory Landscape

Internet service providers are increasingly treated more like public utilities than consumer services; will government regulations require that they block DDoS traffic? That remains to be seen. Ultimately the demands of enterprises and consumers may have more influence than any government regulations. The business landscape may require ISPs to provide DDoS protection, if only to protect themselves from litigation.

Read more

The Threat of North Korea’s DDoS-driven Cyber Attack

DDoS attacks can cripple crucial Internet systems. Learn about the potential damage a cyber attack wielded by North Korea could do.

Read more

What ISPs Need To Know About CLDAP DDoS Attack Vectors

The Corero Security Operations team has identified significant exploitation of the CLDAP attack vector in attack attempts against its customers since it was first disclosed in October 2016.

Read more

DDoS-For-Hire Services Under the Spotlight

The rise of DDoS-for-hire botnets has caused an explosion of attacks, partly due to their cheap price point – they can be launched for just a few dozen dollars per month.

Read more

DDoS Attacks and Political Hacks

The British House of Commons issued a report last week, indicating the possibility that hackers from Russia or China launched a DDoS attack that crashed the United Kingdom's voter registration website before the deadline to register for the historic Brexit vote. Was that the likely cause of the crash, and could something similar happen in the US?

Read more

Why Real-Time DDoS Mitigation Is Essential for Your Network Security

If you think your network is safe from distributed denial of service (DDoS) attacks just because your website or web application has not been taken offline, think again. The cyber threat landscape continues to evolve dramatically. In terms of DDoS attack trends, two things have happened.

Read more

Survey Says Businesses Want DDoS Protection from ISPs

Corero conducted a survey of decision makers and security experts, to get a pulse on industry concerns about DDoS attacks in 2017. Learn about the results!

Read more

Myths that Surround Cloud-based DDoS Mitigation

Now that DDoS attacks are a common occurrence for many companies, more organizations are rightfully worried about protecting their servers and web applications. With that wave of concern comes a slew of advice—some good, some bad—from IT experts about the best anti-DDoS approaches. One example of bad advice is to suggest that organizations can rely exclusively on cloud-based mitigation.

Read more

How Can a DDoS Attack Be Part of a Security Breach?

A recent study by BitDefender showed that 34 percent of companies in the U.S. were breached in the past year, and 74 percent of the victims don’t know how it happened. Companies must realize that DDoS attacks are often part of the toolkit for cyber criminals to launch a security breach.

Read more

Is DDoS Protection Worth the Investment?

Anti-DDoS technology has often been difficult or costly for individual organizations to deploy. Fortunately, DDoS defense solutions have evolved, enabling hosting providers and ISPs to offer affordable DDoS protection to their customers.

Read more

Lack of IoT Security Fuels Terabit DDoS Attacks

Learn why unsecured IoT devices have become the backbone source for current and future multi-terabit distributed denial of service (DDoS) attacks.

Read more

DDoS Attacks, Who Dunnit? The Fight for Improved Detection and Protection

A recent Kaspersky Lab study found that many businesses that have suffered DDoS attacks believe that their competitors launched the attacks. Is there evidence to support their beliefs?

Read more

Mirai IoT Malware Now Infecting Windows Systems

The Windows-based spreader appears to have been created by a developer with advanced skills, and has richer and more sophisticated code and components than the original Mirai malware.

Read more

What is the Benefit of Real-Time DDoS Mitigation? Let a Corero Customer Tell You!

The following post is contributed by our friends at Zare, a UK based hosting provider for quality, affordable and DDoS protected dedicated hosting solutions.

Read more

The Importance of DDoS Attack Visibility

As sophisticated DDoS threats continue to evolve, effective security analysis requires continuous visibility into the traffic flowing between the protected network and the Internet. Analysis of past events is valuable to help prepare for future threats.

Read more

Nearly 40% of Companies Lack Skills and Technology to Handle DDoS Attacks

A recent TripWire study highlights the growing problem of cyberattacks, and whether IT staff feel that their companies have the right combination of skills and technology to cope with various types of cyber threats.

Read more

If You Haven’t Already Been DDoS’ed, Assume You Will Be

Some companies are keenly aware of attacks on their networks, but other companies are not. Even in some companies that have dedicated IT security staff and systems in place, major security breaches have occurred. It can take months or even years for an organization to realize that it has been breached.

Read more

IoT-Driven Botnet Attacks US University

To avoid experiencing similar incidents, companies need to pay close attention to the network settings for their IoT devices and, where possible, separate them from access to the Internet and to other devices.

Read more

Financial Impact of Mirai DDoS Attack on Dyn Revealed in New Data

Several months after the now-infamous DDoS attack on DNS provider Dyn last October, the incident continues to make headlines. Earlier this month, reports emerged about the scale of customer losses that the company experienced in the wake of the attack. According to security ratings provider BitSight, roughly 8% of Dyn’s customer base stopped using its services in the aftermath of the attack.

Read more

DDoS Attacks Won't Be Blocked by Black Holing/Null Routing

Anti-DDoS solutions have evolved dramatically over the past few years, so it’s surprising to see occasional articles that still recommend outdated approaches, such as remote black holing (also called null routing) to stop unwanted traffic.

Read more

An Economical Approach to DDoS Attack Protection for Hosting & Service Tenants

Corero's new product, the SmartWall® Service Portal, enables Internet Service providers and hosting providers to offer DDoS Protection as-a-Service (DDPaaS) to their tenants in a flexible and economic model. A few years ago, such DDoS technology was not available; now, it’s the wave of the future.

Read more

Increased Risks of DDoS Attacks for Ransom to Businesses

DDoS extortion campaigns are a common tool in the cyber-threat arsenal, and one of the easiest ways for an attacker to turn a quick profit. When service availability is threatened, the victim company needs to consider the potential loss in downtime, revenues and brand damage.

Read more

Untangling the Dark Web behind Mirai IOT Botnet DDoS Attacks

Security researcher Brian Krebs believes he has unraveled the mystery of who launched a massive Mirai botnet DDoS attack on his site in September of 2016. If Krebs’ allegation is true, then this is a seamy tale of a good programmer who went bad: a white hat turned into a black hat.

Read more

How DDoS Attacks Impact Hosting Providers [Part 2] – Data Security

On its own, a DDoS attack is not a security breach; however, it can pose a serious data security risk for hosting providers and others. Learn why IT security teams cannot afford to ignore DDoS threats, no matter how small the attacks may be.

Read more

How DDoS Attacks Impact Hosting Providers [Part 1] – Web Availability

Most hosting providers experience DDoS attacks on a nearly daily basis, even if they are typically not volumetric attacks that drag down an entire network. When a hosting provider gets hit with a volumetric attack, the ramifications can be far-reaching and long-lasting.

Read more

Law Enforcement Tries to Curb DDoS Attacks

Law enforcement is at a disadvantage against hackers, mostly because distributed denial of service (DDoS) attacks leave little or no trace of evidence. However, police have made some arrests recently, which counts as a tiny bit of progress in the uphill battle against cyber criminals.

Read more

Could Volumetric DDoS Attacks Shut Down the Internet?

Many people are now asking the question, were the 2016 DDoS attacks just warm-up drills or test runs for even larger attacks that would cripple large parts of the Internet? The potential certainly exists; is it probable?

Read more

5 Cyber Security Questions to Ask an Internet Service Provider

Business depends upon Internet reliability and security, so when it comes to choosing your Internet Service Provider (ISP), it pays to ask the right questions. Given the prevalence of DDoS attacks, one can no longer assume that your Internet service will be 1) always reliable or 2) “clean.”

Read more

DDoS-for-Points: How to Beat Hackers at Their Own Game

DDoS attacks are popular among online game players, and recently a Turkish hacker created a game that rewards players for launching DDoS attacks against a set of political websites.

Read more

Traditional Layers of Defense Are Not Enough to Stop DDoS Attacks

Although DDoS mitigation solutions have been around for nearly 20 years, there are still some myths about DDoS attacks and much debate about how to best protect a network.

Read more

DDoS Attack Predictions for 2017

What challenges and changes will 2017 bring to the DDoS threat landscape? And why is there reason to be optimistic that the number of volumetric DDoS attacks will decrease in the next few years? Read our predictions for 2017.

Read more

The Link Between DDoS Attacks & Security Breach Dwell Time

The costs of security breaches are infamous, and the methods are myriad, constantly evolving. One might ask, how could a security breach go unnoticed, especially for long periods of time?

Read more

DDoS Hackers for Hire

Unfortunately, just in the past few weeks it’s become exponentially easier to launch a massive DDoS attack. There are two reasons for this evolution.

Read more

The Dangers of Underestimating DDoS Attacks

Organizations should be wary of being quick to claim that their business systems have not been affected by a DDoS attack, because this can be extremely difficult to ascertain.

Read more

DDoS Attacks on Critical Infrastructure

Could a DDoS attack cause a long-term disruption of industrial control systems, which operate or monitor much of the nation’s critical infrastructure?

Read more

How to Handle Terabit-Scale DDoS Attacks

In the wake of so many DDoS attacks in recent months/years, many enterprises and agencies are seeking ways to protect themselves from such attacks, and the burden of stopping DDoS attacks should fall mostly on Internet Service Providers and Hosting Providers.

Read more

DDoS Attacks Open the Door to Ransomware

Short DDoS attacks might seem harmless, in that they don't cause extended periods of downtime. But IT teams who choose to ignore them are effectively leaving their doors wide open for ransomware attacks or other more serious intrusions.

Read more

BlackNurse DoS Attack – What You Should Know

Researchers have warned that a low-volume BlackNurse DoS attack can easily take down certain firewalls.

Read more

ISPs Can Stop DDoS Attacks, Without Violating Net Neutrality Laws

In reference to the massive DDoS attack on Dyn, some telecommunications industry experts recently gathered to discuss the issue of “Net Neutrality,” an important and sensitive issue for Internet Service Providers.

Read more

Will Companies Suffer DDoS Attacks on Cyber Monday?

Most of the time, Cyber Monday attacks have taken the form of phishing scams and theft of data such as credit card numbers and email addresses. There have not been many major DDoS attacks on Cyber Monday, but with the way DDoS attack trends are going, there is still reason for concern.

Read more

Cleaning up DDoS at the Network Edge

Hosting providers and/or the tenants they serve experience distributed denial of service (DDoS) attacks on a daily basis. Some attacks are large and noticeable, but the vast majority go unnoticed unless the provider has a granular DDoS detection solution.

Read more

Can DDoS Attacks Be Prevented by Policies or Legislation?

To avoid future DDoS attacks, several U.S. lawmakers have called on the government to improve cyber security protections and consider new rules for web traffic. Would such laws or policies help?

Read more

4 New Trends in the DDoS Threat Landscape

The now infamous DDoS attack on DNS provider DYN broke records for the sheer size of the attack. Unfortunately, the scale of that attack is likely to become commonplace in the near future because of a perfect storm of four trends brewing in cyberspace.

Read more

Help Prevent IoT Devices from Becoming DDoS Botnet Slaves

It’s impossible to make sure that every IoT device is immune to botnet enslavement; however, there are things that companies and consumers can do to make it more difficult for DDoS hackers.

Read more

DDoS Attacks, Security Breaches Validate the Need for National Cyber Security Awareness

It’s very apropos that October is National Cyber Security Awareness Month because this month and the preceding month have been chock full of record-breaking cyber attacks.

Read more

Corero Team Discovers a New DDoS Vector

The Corero research team has discovered a new distributed denial of service (DDoS) Reflection/Amplification attack vector that leverages Connectionless Lightweight Directory Access Protocol (CLDAP UDP:389).

Read more

The Impact of Recent DDoS Attacks Against DNS Infrastructure

Websites across the East Coast were impacted as a result of a reported DDoS attack against a well-known DNS provider’s infrastructure. The online availability of popular brands such as Twitter, Spotify, Basecamp, Netflix and a laundry list of others was impacted.

Read more

DDoS Attacks: How Service Providers Can Protect the Media

In the run-up to the US election, we can expect to see more and more of the types of DDoS attack that took Newsweek offline last week. However, these attacks can easily be defeated by service providers, at the network edge.

Read more

Modern or Legacy DDoS Protection? The Important Differences

DDoS attacks have evolved over the years and, thankfully, so has DDoS protection technology. However, not all DDoS solutions are equal.

Read more

Bad News: Bots Thrive on the IoT

The explosion of IoT devices and the release of the "Mirai" code enables more botnet-driven DDoS attacks. However, telecoms can help reduce such attacks.

Read more

Sub-Saturating DDoS Attacks Steal Bandwidth

Sub-saturating, surgical DDoS attacks can be a threat to any organization, but the impact on Service Providers can be even greater.

Read more

The IoT Makes it Easier to Launch Massive DDoS Attacks

Despite its advantages, the Internet of Things (IoT) comes with a host of security disadvantages, allowing hackers to harness connected devices for a variety of nefarious purposes, including DDoS attacks.

Read more

6 DDoS Attack Protection Myths

Having been in the business of DDoS protection for many years, Corero has seen plenty of bad advice thrown around by various cyber pundits. Below we have put together 6 common myths around DDoS protection, and our response to them.

Read more

How DDoS and Malware Could Impact the Voting System

Recent stories in the national media have heightened concerns about the potential for hackers to interfere with the upcoming U.S. elections; how could DDoS attacks play a role?

Read more

SDN and NFV: Blessing or a Curse for DDoS Security?

Software Defined Networks (SDN) and Network Functions Virtualization (NFV) technologies are growing more common, but they are inherently vulnerable to DDoS attacks.

Read more

911 Systems at Risk for TDoS Attack Takedown

Researchers from Ben Gurion University in Israel recently discovered that cyber criminals could launch a telephony denial-of-service (TDoS) attack that could take over thousands of smartphones to form a zombie army of botnets that would automatically dial repeated calls to a 911 system.

Read more

The Links Between Ransom, Ransomware and DDoS Attacks

Of all the cyber threats today, distributed denial of service (DDoS) ransom attacks and ransomware are high on the list of IT security concerns because they are growing more common and they are expensive to remediate.

Read more

Study: 78% of Businesses Not Prepared for Security Breaches

A new study published by international consulting firm KPMG and telecoms group BT recommends that businesses collaborate with telecom companies, Internet Service Providers, banks, credit-card providers, insurers and the security industry in a concerted effort to improve cyber security.

Read more

Online Gaming Companies are EA-sy Targets for DDoS Hackers

Recent DDoS attacks on Blizzard and EA servers highlight the vulnerability of the online gaming industry. Fortunately, gaming companies— or, for that matter, all companies that rely on a continuous online presence— now have better choices that can deliver near-instantaneous protection.

Read more

Why is the UK a Prime Target for DDoS Attacks?

Reports surfaced last week that the UK has now become the world’s second most targeted nation for DDoS attacks, following a 220% rise in the number of attacks globally in the last year.

Read more

Choose Your Network Threat Defenses Wisely

Ransomware, Trojans, malware, and distributed denial of service (DDoS) attacks are some of the most common types of threats. Each has different vectors and flavors, and each brings its own risks and costs. IT pros clearly need multiple layers of security, but which layers are most important?

Read more

Lessons Learned from the Australian Census DDoS Attack

After the DDoS attack on the Australian Bureau of Statistics, what can we learn from it? The incident highlights the importance of having DDoS protection at the network perimeter, as well as reliable analytics and clear visibility in the event of a DDoS attack.

Read more

Strategies Shifting for DDoS DNS Amplification Attacks

New research presented at the Black Hat conference indicates that DDoS DNS amplification attacks are now more likely to use SSDP than NTP, and that DDoS attacks may generally be smaller than are commonly reported.

Read more

Improper Network Configuration Can Lead to DDoS Attacks

Recent research found that cyber attackers can launch DDoS attacks by abusing improperly configured DNSSEC (Domain Name System Security Extensions) domains. Learn how to protect your network, whether it includes DNS service or not.

Read more

Does “DDoSCoin” Crypto Currency Encourage More DDoS Attacks?

Recent academic research reinforces the fact that DDoS attacks are not going away, especially if hackers are rewarded with crypto currency.

Read more

Customers Want “Clean Pipe”

If your water utility delivered contaminated water into your home, you’d probably complain; of course consumers expect clean, potable water from their water utilities. Likewise, enterprise customers have begun to realize that “dirty” Internet traffic threatens their availability, security and bottom line, so they increasingly demand “clean pipe” from their Internet Service Providers (ISPs).

Read more

DDoS Attacks Plague Olympic & Brazilian Government Websites

When the Rio Olympic Games began last week, several websites associated with the Games and the Brazilian government were hit by DDoS attacks. But beware; hackers don't attack only high-profile websites.

Read more

A Blizzard of DDoS Attacks on the Gaming Industry

It may be summertime in the Northern Hemisphere, but the first week of August has been marked by a blizzard. A virtual blizzard, that is, of DDoS attacks on some gaming companies.

Read more

NATO Declares the Internet a War Zone

NATO recently published a Cyber Defense Pledge, recognizing the growing threat of nation state cyber warfare and the need for greater cyber security and collaboration among allies.

Read more

Corero Emphasizes Network Threat Protection at HostingCon 16

This year the leading conference for hosting providers featured an emphasis on cyber security and network protection, with many attendees interested in adding DDoS mitigation to their portfolio of services.

Read more

Need for ISP DDoS Protection Demonstrated in Mumbai Attack

A DDoS attack on an Internet Service Provider (ISP) earlier this week crippled Internet service throughout Mumbai, India, which clearly demonstrated why it’s so important for ISPs to have DDoS protection.

Read more

Automated DDoS Protection Hardware Fills a Gap in Network Security

There is no shortage of cyber threats, but there is a shortage of trained IT security personnel to guard against them. With automated DDoS mitigation in place, IT security staff would have more time to handle other cyber security threats.

Read more

DDoS Attacks Temporarily Stop Pokémon GO

The popularity of the online game Pokémon GO has exploded like wildfire in a matter of days (as anyone who does not live under a rock knows). It took only a few days for cyber hackers to find a way to cripple the online game with two apparently separate DDoS attacks that caused service disruptions and outages.

Read more

5 Tips: DDoS Protection for Hosting Providers

New anti-DDoS technology is not only more effective than ever, it’s also more affordable. Here's a list of five tips to guide hosting providers in their strategy to protect their networks and their customers’ networks from DDoS.

Read more

DDoS Attack Trends in the Gaming Industry

From historic DDoS attacks against the PlayStation Network to the recent sustained attacks against Blizzard, DDoS attacks have become such a regular occurrence in the gaming industry that they have almost become an accepted part of the culture. This blog looks at a few commonalities that indicate how and why these attacks occur.

Read more

Small DDoS Attacks Cause Big Problems

Most DDoS attacks are not large, volumetric attacks, and DDoS hackers target all kinds of organizations, not only big, household name companies or government agencies. No website or online application is immune to DDoS, and any size DDoS attack is cause for alarm. You see, DDoS is not just a web availability issue; it’s a security issue.

Read more

IT Security Professionals Want Better DDoS Protection from Service Providers

Corero polled over 100 IT security professionals at the Infosecurity Europe 2016 conference in London last month, and the survey shows that UK businesses are not only worried about DDoS attacks, they want better protection from their Internet Service Providers.

Read more

Meet Corero’s Family of DDoS Mitigation Hardware

If you’re doing research about DDoS protection solutions there are many choices out there, and it can be challenging to find the solution that best fits your organization. Learn about the pros and cons of scrubbing service vs. cloud-based mitigation vs. DDoS mitigation appliances.

Read more

Massive Botnet Attack Proves That Firewalls Offer No DDoS Protection

A massive botnet DDoS attack, composed of approximately 25,500 compromised closed-circuit television (CCTV) systems, has been ongoing for the past few weeks, attacking various businesses across the globe. A firewall offered no protection.

Read more

New Report Points to Alarming DDoS Attack Statistics and Projections

A new report from Cisco includes data on DDoS attacks worldwide, citing increased size and frequency of attacks. However, Corero finds that the vast majority of attacks targeting customers are 1Gbps or less in size.

Read more

DDoS Protection Increases Customer Retention for Telecoms

Retaining and growing accounts for existing customers is much easier than gaining new ones, particularly in the telecommunications industry, which has significant turnover. But which technologies offer the greatest opportunities for this kind of advancement?

Read more

Cyber Criminals Sell Compromised Servers to Carry Out DDoS Attacks

A major underground marketplace is selling access to more than 70,000 compromised servers, allowing buyers to carry out widespread cyberattacks around the world.

Read more

What Bank Executives Need to Know about DDoS Protection

A recent KPMG study showed that 1 in 10 banking executives didn't know if their bank had been hacked. Bank executives need to realize how easily hackers breach networks by using Dark DDoS attacks as a smokescreen.

Read more

Can The Criminal Justice System Thwart Botnet-Driven DDoS Attacks?

In mid-May three senators on Capitol Hill introduced a bill (S.2931 - Botnet Prevention Act of 2016) that aims to give law enforcement and the courts more teeth when it comes to going after cybercriminals, especially those that launch botnet-driven DDoS attacks. It's a nice idea, but will it work?

Read more

A DDoS Mitigation Appliance Blocks Attacks

In a recent survey, 30% of respondents said their enterprise relies on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks. Unfortunately, those companies are still very vulnerable to DDoS attacks.

Read more

Dark DDoS Attacks Often Mask Security Breaches

It's a challenge for network security professionals to detect, never mind block, every intrusion. What’s troubling is how much time it can take for an organization to realize that its security system has been breached.

Read more

Cyber Security & DDoS Protection: Major Themes at Big Communications Event

At last week's Big Communications Event, the annual gathering of experts in the telecoms and communications industry, one major topic was how to secure the provider network and protect downstream customers from cyber threats.

Read more

Automated DDoS Protection Reduces Costs & Prevents Downtime

Human intervention is insufficient for most cyber security attacks because humans can’t immediately see every attack, and they certainly can’t respond fast enough (in real time) to block all infiltrations.

Read more

Does Artificial Intelligence Apply to Network Security and DDoS Attacks?

Human intervention alone is no longer sufficient to stop cyberattacks. However, it’s important to recognize that not all software techniques that are automatic or reactive should be classified as Artificial Intelligence.

Read more

All Gigs Are Not Created Equal: DDoS Protection Makes a Difference for ISPs

When evaluating an Internet Service Provider, it’s important to consider the quality, as well as quantity, of bandwidth it offers. How effectively a provider protects its customers from Distributed Denial of Service (DDoS) attacks can have a dramatic impact on the quality of Internet service.

Read more

Anonymous Launches DDoS Attacks on Banks in "Op Icarus"

Banks across the globe need maximum security not only for their safes and vaults, but also for their networks.

Read more

Benefits of Real-Time DDoS Protection

If your organization is debating the merits of a DDoS protection appliance compared to a DDoS scrubbing service, this blog post offers a short explanation of the key differences between these types of DDoS solutions.

Read more

Breaking the Bank: DDoS Hackers Unleash Their Fury on Financial Institutions

The recent Anonymous DDoS attacks on international banks prove that financial institutions should be more proactive, rather than reactive, in handling DDoS attacks.

Read more

Key Components of Our DDoS Monitoring Tool for Virtual Machines

Corero’s latest product, the SmartWall® Threat Defense - Virtual Edition (vNTD Monitor), allows service providers who are looking to scale out their security analytics environment to simply “drop” security visibility into any part of their network to analyze the nature of a threat.

Read more

Distributed Denial of Service Attacks are Preventable!

A news story about the recent DDoS attack on the Hawaii Better Business Bureau illustrates common misperceptions about effective DDoS protection.

Read more

Protect Your Network from Cyber Extortion with a DDoS Protection Solution

This week ushered in several news articles about recent DDoS extortions that turned out to be scams conducted by some hackers who pretended to be part of the Armada Collective. Some businesses paid the ransom fee, but they could have avoided the entire problem if they had adequate DDoS protection in place.

Read more

DDoS Protection – Why Hosting Providers Need It!

Hosting providers face increasing pressure to prevent DDoS attacks from infiltrating their networks. Here are three primary reasons why providers need to implement DDoS protection, and three benefits they'll gain from doing so.

Read more

DDoS Attacks Impact the Janet Network & Connected Universities

Last week the Janet Network, the government-funded educational network used by many universities in the United Kingdom, experienced another serious DDoS attack. Universities can’t afford to adopt a “whack-a-mole” approach to DDoS attacks. They need real-time, automatic protection against DDoS attacks to protect network services, maintain availability and protect users and their confidential data.

Read more

Majority of Enterprise Customers Want Better DDoS Protection from ISPs

FierceMarkets and Corero jointly published a new research report based on a survey of ISPs and enterprise customers regarding DDoS mitigation strategies. The report discusses not only the traditional methods of DDoS mitigation, but also the rationale of some ISPs who have not yet adopted more effective anti-DDoS technology.

Read more

DDoS Hackers Using IoT Devices to Launch Attacks

There are millions of connected devices that comprise the Internet of Things (IoT), which leads to many security weaknesses that DDoS hackers can leverage. By using amplification techniques on the millions of very high bandwidth density devices currently accessible, such as baby video monitors and security cameras, DDoS attacks are set to become even more colossal in scale.

Read more

DDoS Mitigation as a Service Offering for Telecoms

For today’s internet-driven businesses, any service degradation or outage can have a detrimental impact on brand, customer loyalty and the bottom line. Increasingly, such incidents are being caused by Distributed Denial of Service (DDoS) attacks, and this is one area where telecoms can take leadership.

Read more

Hosting Providers Can Capitalize on DDoS Protection as a Service

The majority of hosting provider customers expect the provider to ensure “clean pipe.” Here's a summary of a webinar that we co-presented with Web Host Industry Review (WHIR), which discusses how hosting providers can implement the most comprehensive level of DDoS protection to eliminate DDoS attack traffic from their networks, and offer that DDoS protection as a value-added service to their customers.

Read more

DDoS Mitigation Solutions & MSSPs Work Together to Keep SMBs Safe

Cyber attacks are on the rise, affecting all kinds of organizations, yet there is a shortage of cybersecurity employees who know how to prevent and manage cyber threats. Small to medium-sized businesses are increasingly turning to Managed Security Service Providers (MSSPs) for help.

Read more

Corero Receives “Recommended” Rating in NSS DDoS Prevention Solutions Security Value Map

Corero SmartWall® Threat Defense System (TDS) earned a top position in the latest NSS Labs DDoS Prevention Group Test, earning the coveted “Recommended” rating, with high performance in all test categories.

Read more

Survey: DDoS Attacks Cause Loss of Customer Trust & Decreased Revenues

We've released the results of our annual DDoS Impact Survey, which polled technology decision makers, network operators and security experts about key DDoS issues and trends that Internet service providers and businesses face in 2016. Nearly half (45%) of the survey participants indicated that loss of customer trust is the most damaging consequence of DDoS attacks to businesses. See our infographic that sums up the rest of the survey results!

Read more

Cyber Warfare or Hacktivism? DDoS Attacks Can Be Used Either Way

Recent DDoS attacks on government and corporate websites in Sweden, Finland and Switzerland illustrate that DDoS can be used as either cyber warfare or political hacktivism.

Read more

Researchers Discover New Vector for DDoS Amplification Attacks

Researchers in Scotland have found a new vector for DDoS amplification attacks: the TFTP protocol (Trivial File Transfer Protocol). Thus far it appears that hackers have not relied heavily on the TFTP protocol; however, you can be sure it will become popular with DDoS attackers.

Read more

The Dangers of Short-Duration, Sub-Saturating DDoS Attacks

Many organizations aren’t even aware of when their sites are experiencing a DDoS attack, because the majority of attacks are under 1 Gbps, and are perceived as only annoying “noise” in the IT background; the attacks are not large enough to get the attention of IT security staff. That doesn’t mean they should be ignored, however. Unseen, low-level DDoS attacks cause two problems.

Read more

DDoS Mitigation Service Provider, Staminus Suffers a Major Security Breach

Staminus, a global hosting and Web security firm, suffered a major blow late last week when it became the victim of a security breach. Staminus is a hosting provider and provider of cloud-based DDoS mitigation services.

Read more

Department of Homeland Security Supports Anti-DDoS Efforts

Give the U.S. federal government credit for attempting to find more broad-based solutions to the global problem of DDoS attacks. We reported a few months ago that DARPA is soliciting research projects on innovative ways to create resilient defenses against DDoS attacks. Now the Department of Homeland Security (DHS) is getting in on the act as well.

Read more

How Corero Protects Against Blended DDoS Attacks

DDoS attacks come in various forms, and hackers have become more sophisticated by launching blended attacks that combine three, four or five types of attacks at the same time. Fortunately, the Corero SmartWall Threat Defense System (TDS) defends against all of them. A recent 75Gbps combined ACK and SYN flood attack on a Corero customer illustrates this point.

Read more

A Telecom Case Study: Deployment of DDoS Mitigation Solution

In a recent webinar hosted by IHS on “Service Provider Deployment of DDoS Mitigation,” Stephen Clark, Director of IP Networks at Telesystem, explained that Block Communications implemented the Corero SmartWall® Threat Defense System on each of its vital interconnects to Tier 1 providers. The solution is in-line deployment of automatic DDoS mitigation that stops malicious traffic at the peering edge. “We can protect our networks at the gate, in real-time,” said Clark.

Read more

Introducing the Corero Virtual Edition (vNTD) Monitor – a DDoS Detection Engine

Last week we announced a new product: vNTD Monitor, which provides the freedom and flexibility to monitor DDoS activity in real-time against any server, application or network. This industry-leading technology provides visibility of attack traffic, intuitive analytics and alerting of DDoS attack vectors targeting a system or workload.

Read more

How to Win the DDoS Game

Xbox Live is again making headlines, but not in a good way. Earlier this week the company suffered various service outages that kept thousands of Xbox gamers at bay. The rumor—unconfirmed by Xbox Live—is that the outages may have been caused by a series of distributed denial of service (DDoS) attacks. Regardless of whether this incident was caused by a DDoS attack, it is well-known that DDoS hackers love to wreak havoc with online gaming companies.

Read more

A Security Guide for Next Generation Service Provider Network Architecture

In the typical service provider network today, security is often an afterthought; after building the network, engineers typically add encryption and firewalls, neither of which is sufficient to protect against the increasing malware and DDoS attacks that plague networks and service functions.

Read more

Clear and Comprehensive Visibility into DDoS Attack Mitigation

Whether they are online enterprises, hosting providers or Internet service providers, companies need 24/7 insight into their network security, particularly regarding DDoS attacks and other cyber threats that target their Internet-facing services.

Read more

Distributed Denial of Service Attacks Caused 22% of Unplanned Data Center Outages in 2015

The “2016 Cost of Data Center Outages Report,” published recently by Emerson Network Power in conjunction with the Ponemon Institute, states that unplanned data center outages cost companies nearly $9,000 per minute, and the second most common cause of outages was cybercrime, specifically Distributed Denial of Service (DDoS) attacks.

Read more

In-Line, Always-On DDoS Protection Makes Sense for Service Providers

It's not practical or cost effective to handle DDoS attacks with a swing to a cloud scrubbing service; they must be mitigated locally to maintain availability, performance and latency.

Read more

The Cybersecurity Issue Gets Attention from the White House

President Obama's announcement of a Cybersecurity National Action Plan is an important step towards protecting the American public from the ever-growing threat of cyber attacks.

Read more

Going After the People Behind DDoS Attacks

There are two aspects of fighting DDoS attacks. One is remediation—stopping the attack when it comes in. Corero and other providers have this part of the equation covered. The other aspect of stopping attacks has to do with law enforcement, which can be done only with the help and support of the victim companies.

Read more

DDoS Attacks Rise in Size, Sophistication and Frequency

Distributed denial of service (DDoS) attacks are clearly on the rise: growing in size, sophistication and frequency. Any type of website can be preyed upon by a DDoS attacker, and several high-profile websites have been hit in recent weeks, ranging from corporate enterprises and government agencies to educational institutions. In this blog post Corero COO Dave Larson answers questions about these troubling trends.

Read more

Mitigating Multi-Vector DDoS Attacks

Corero's Security Operations Center team monitors various customer websites 24/7, 365 days per year. They regularly see DDoS attacks in real-time, many of which are so small that they would be unnoticed by the customer if not for the Corero SmartWall® Threat Defense System (TDS). However, they also see very large, multi-vector attacks in progress. This blog includes sample reports of high-volume, multi-vector attacks detected and mitigated in real-time by the SmartWall® Threat Defense System.

Read more

DDoS Mitigation Solutions Have Evolved from Cost Item to Revenue Opportunity

Now that DDoS mitigation solutions are more affordable and scalable, there is opportunity to not only save on operational and bandwidth costs, but also to generate new revenue. Service providers can turn mitigation structure around to re-sell it as a service to their customers downstream.

Read more

On the Upswing: Cyber Insurance to Cover the Liability of DDoS Attacks

Cyber insurance is not a substitute for making smart investments in cyber security and following industry best practices. However, it is an important part of almost any business's risk mitigation strategy.

Read more

What Motivates DDoS Attackers?

Whether motivated by greed, cheap thrills or politics, DDoS hackers wreak havoc on websites. The best protection is prevention: defensive solutions that can detect and stop DDoS hackers in their tracks before they do any damage.

Read more

This new hacktivism tactic makes every organization with a web presence a potential target for a DDoS attack

Hacktivism is on the rise as a motivation behind numerous DDoS attacks. For whatever reason, groups like Anonymous, Lizard Squad, Syrian Electronic Army, Chaos Computer Club and others believe they can intimidate corporations, government agencies, and other institutions by knocking these entities' websites offline for a period of time. One of the latest victims of a hacktivist attack is the Japanese carmaker Nissan.

Read more

DDoS Attacks Lead to Downtime and Lost Revenue for Hosting Providers

Corero is pleased to note that one of our customers, InMotion Hosting, has won PC Mag’s Editor’s Choice Award for The Best Web Hosting Services for 2016. One of the key factors for the win was uptime, which is increasingly recognized as the most important feature that hosting providers must offer to website customers. After all, if a customer’s website goes down, it’s difficult, if not impossible, for that customer to conduct business.

Read more

DDoS Rings in the New Year With a Vengeance

High profile DDoS attacks rang in the new year in full force, starting 2016 with a flood (no pun intended) of activity. The morning of New Year’s Eve, BBC websites and other associated online services went dark due to a DDoS attack. Since the outage, hacker group “New World Hackers” have stepped forward claiming responsibility, indicating that the attack was carried out as a “test of its capabilities”.

Read more

Someone is trying to break the Internet, and it isn't Kim Kardashian

Break the Internet? Kim Kardashian's Paper Magazine cover couldn't do it, but now someone is trying to bring it down for real using DDoS attacks on the Internet Domain Name System's root name servers. Root Server Operators (RootOps) reports that on at least two separate occasions, several of the root name servers were hit with an...

Read more

Hacker group is targeting Xbox Live and PlayStation Network with DDoS attacks, just in time for Christmas

Do you know someone who is expecting an Xbox or PlayStation game console under the Christmas tree this year? If so, you'd better tell them to make plans for doing something other than playing with their new game systems for a few days. The New York Daily News reports that the Grinch (aka, a hacker group calling itself Phantom Squad) has vowed...

Read more

DDoS Lessons Learned, and Staying Ahead of These Threats in 2016

The DDoS attack landscape of 2015 has brought a consistent spattering of headlines that further highlight the severity of this type of cyber-attack.

Read more

Carrier Grade NAT and the DoS Consequences

The Internet has a very long history of utilizing mechanisms that may breathe new life into older technologies, stretching it out so that newer technologies may be delayed or obviated altogether. IPv4 addressing, and the well-known depletion associated with it, is one such area that has seen a plethora of mechanisms employed in order to give it...

Read more

Here they come – DDoS attacks via the Internet of Things

Experts have long warned that the inherent lack of security in many of the devices that make up the Internet of Things (IoT) would come back to harm us in the end. Now there is firm evidence that hackers are exploiting weak and default credentials on embedded devices to create botnets that are the sources of DDoS attacks. Closed-circuit...

Read more

ProtonMail Gives in to DDoS Ransom

Last month I published a post in reference to the surge in ransom driven DDoS attacks against Corero’s customers. “Over the last thirty days, roughly 10% of Corero’s customer base has been faced with extortion attempts, threatening to take down their websites and services unless they pay out various Bitcoin ransoms. Through...

Read more

Is DDoS Mitigation as-a-service becoming a de facto offering for providers?

It’s well known in the industry that DDoS attacks are becoming more frequent and increasingly debilitating, turning DDoS mitigation into a mission critical initiative for providers. From the largest of carriers to small and mid-level enterprises, more and more Internet connected businesses are becoming a target of DDoS attacks. What was once...

Read more

Vigilante DDoS attacker goes after offensive websites

It's almost easy to empathize with someone who feels justified in using DDoS tactics to temporarily take down websites that belong to the Islamic State, pedophiles, and racist and homophobic hate groups. Then we have to remind ourselves that, no matter how offensive or repugnant the content of these websites is, it's still considered to be...

Read more

Corero Observes Surge in Ransom Driven DDoS Attacks

The Corero Security Operations Center has seen an increase in cyber-extortionists targeting web hosting providers with Bitcoin ransom demands. Over the last thirty days, roughly 10% of Corero’s customer base has been faced with extortion attempts, threatening to take down their websites and services unless they pay out various Bitcoin...

Read more

Rutgers University gets an F for its failure to prevent repeated DDoS attacks

On September 28, 2015, Rutgers University experienced another DDoS attack—the fifth such attack in less than a year. Now some students and parents are asking for a refund of a portion of the tuition they have paid, attributing the demand to the university's inability to keep services available.  You see, the university's Board...

Read more

DDoS Defense as-a-service: A new Revenue Opportunity

In the past 12 months Corero has worked with many organizations worldwide, helping to solve their DDoS dilemma by deploying Corero’s SmartWall Threat Defense System (TDS). Today Corero’s technology is protecting large swaths of the internet against the ill-effects of DDoS attacks. As more and more service providers,...

Read more

DDoS Impact on Mobile Networks – Radio Congestion

Most CSPs and mobile carriers have deployed some form of DDoS scrubbing complex in their network to clean large, long-duration DDoS attacks. While this is a necessary first step in proactively working to defeat the DDoS challenge, the threat landscape is constantly changing and requires a more modern approach to protection. Based on...

Read more

Groups like DD4BC are just the beginning!

The group calling themselves “DDoS for Bitcoin” (DD4BC) continues to extort money from a host of companies located all over the globe, and today very few organizations are able to adequately protect themselves from DD4BC’s tactics. The group’s extortion campaigns have been increasing recently which include a preemptive...

Read more

DDoS Defense Initiatives – It looks like everyone is getting involved!

Over the past few weeks news feeds all over the world have been pulsating about the recent DARPA announcement.  On August 14th, 2015 the U.S. Defense Advanced Research Projects Agency (DARPA) announced an initiative called Extreme DDoS Defense (XD3).  Interestingly enough, DARPA is not the only U.S. government agency calling for research...

Read more

Lizard Squad retaliates against the UK's National Crime Agency following arrests of "customers"

Lizard Squad just can't leave it alone. Last week we reported that the National Crime Agency (NCA) in the United Kingdom arrested a number of teenagers who used Lizard Squad's DDoS tool Lizard Stresser. (See Users of DDoS-as-a-Service are arrested in the UK.) Just days after those arrests, the NCA's website was attacked and...

Read more

DARPA announces the Extreme DDoS Defense Program to solicit innovative ways to thwart attacks

Do you think you have what it takes to come up with a really innovative way to mitigate the effects of DDoS attacks? If so, the Defense Advanced Research Projects Agency (DARPA) wants to hear from you. Recognizing that DDoS attacks can have serious consequences on businesses as well as government agencies and military branches, the agency...

Read more

Users of DDoS-as-a-Service are arrested in the UK

Back in January I told you about DDoS-as-a-Service, brought to you by the nefarious hacking group known as Lizard Squad.

Read more

Upping Their Game - Three New DDoS Attack Methods already in 2015

The stakes have been raised even higher as organizations prepare for three new methods of DDoS attacks that have emerged in the last six months alone. The reflective/amplified category of DDoS attack has been around for nearly four years, but once again attackers are finding new methods of launching their assaults within this attack...

Read more

Optimizing Carrier DDoS Mitigation Scenarios - Part 2- Peering Point Deployment

In an in-line peering point DDoS protection deployment scenario, SmartWall® Network Threat Defense Appliances (NTD) are deployed on each of the Service Providers’ peering points to their upstream Internet bandwidth providers. This ensures always-on DDoS attack mitigation services while benefitting from the highest levels of...

Read more

Financial Institutions Are Seeing DDoS Extortion Campaigns

Several writers on this blog have been calling attention to recent DDoS extortion campaigns. (See DDoS extortion campaigns on the rise and FBI Warning! Businesses Are Threatened with DDoS Attacks Unless Extortion Money Is Paid.) Now the FBI is sending notice to banks and other financial institutions to be on the watch for shakedown attempts....

Read more

DDoS extortion campaigns on the rise

Just recently the Internet Complaint Center (IC3) issued an alert to businesses regarding a rise in extortion campaigns tied to threats of DDoS attack activity unless a ransom is paid. The rise in DDoS attacks generally is not surprising at all, and the use of the “DDoS threat” for ransom or extortion is not a new tactic in...

Read more

This week in DDoS attacks – Protest and Activism

Ideological motivations for DDoS attacks can impact anyone at any time. This week, two high-profile organizations, Planned Parenthood and New York Magazine, were severely impacted by ideological hacktivists taking down their websites with DDoS attacks.

Read more

FBI Warning! Businesses Are Threatened with DDoS Attacks Unless Extortion Money Is Paid

If you're running an illegal business that the authorities would like to shut down, you are highly unlikely to call the police or FBI if a cyber attack is affecting your business. And so it is that online operators of "unregulated activities" such as illegal gambling sites are finding themselves to be the victims of extortion...

Read more

The DDoS Opportunity Awaits

In the late 1990s a large number of DSL providers were raising millions of dollars in venture capital to build their DSL networks in the United States in order to offer broadband Internet access to local consumers. Many subscribers were still utilizing dial-up services and the demand for faster Internet connections and more available...

Read more

Optimizing Carrier DDoS Mitigation Scenarios - Part 1

In a large carrier environment, DDoS attacks have escalated from a nuisance to a sophisticated threat, and now to a revenue opportunity. Scrubbing DDoS traffic at a centralized location after attacks have been detected has become a commonplace approach to reducing the amount of DDoS traffic transiting carrier networks, and sent to downstream...

Read more

If it looks like a duck, quacks like a duck and walks like a duck…

Several high-profile organizations experienced ‘unexplained’ service outages yesterday, begging the question, “Is there any connection across these discrete outages?” All trading on the New York Stock Exchange was halted for nearly four hours for undisclosed internal technical reasons, while a so-called technical glitch halted United Airlines flights around the country for about two hours. The Wall Street Journal’s web site was also rendered unavailable just after the NYSE halted trading.

Read more

DDoS – A Global Epidemic

Corero’s Q4, 2014 DDoS Trends and Analysis Report highlights that organizations are faced with DDoS attack attempts at an alarming frequency. For example, Corero’s customers on average are experiencing up to four DDoS attacks per day – up to 351 DDoS attacks per quarter. What we find even more interesting is that 96% of the...

Read more

Shapes of DDoS Threats

For a device to offer DDoS protection it must be able to handle the different traffic profiles that constitute the current DDoS attack landscape. By illustrating the relative layer 3 and layer 4 counts of source and destination one can easily see the major categories of DDoS Threats. After introducing a basic traffic shape, anomalous variants will...

Read more

Denial of Service Attack Grounds Airplanes for Hours

If you're old enough to remember the turn of the millennium, then you'll recall the big Y2K scare. Many people believed that computers that were never designed to accommodate the change of the millennium – from the year 1999 to 2000 – would have such crazy problems that airplanes in flight might fall out of the...

Read more

The State of Internet Security is Getting Worse, According to Akamai

Akamai is out with its State of Internet Security report for the first quarter of 2015. This report is based on actual, observed traffic as opposed to being the result of user surveys, making it a good record of recent security conditions. The report opens with a very troubling statistic: the number of DDoS attacks recorded in the first quarter...

Read more

DDoS Attack Kicks Canadian Government Websites Offline

The Canadian Federal Government’s network service availability was impacted by reported ‘large-scale’ DDoS attacks earlier this week.  Reports indicate that the illustrious Anonymous group has claimed responsibility for these outages, due to outrage over the recently passed anti-terror Bill C-51.  Attacks left the...

Read more

The Attack of the Baby Monitors!

Most of us who operate in the world of DDoS attacks have known about the reflective/amplified DDoS attack vector for several years. As a matter of fact, Corero was warning the public that this attack vector was coming nearly 5 years ago, before the first attack of this type was ever observed. Today it seems the attackers will do whatever is...

Read more

Computer Center Serving the UK's University System Has a Lot to Learn

We've posted several articles lately about DDoS attacks being aimed at educational institutions right about the time that important exams are being taken by a large percentage of students. (See Sorry, Kids, Your Final Exam Has Been DDoS'd and  High school student charged with a felony after DDoSing his school district.) Now comes...

Read more

High school student charged with a felony after DDoSing his school district

Sure to be voted "least popular student" in the West Ada, Idaho, school district: the 17-year-old kid who took down the district's computer system, forcing students to retake the state-mandated achievement test multiple times. In mid-May, just as 36,000 students across the district's 52 schools were taking their Idaho Standard...

Read more

Sorry Kids, Your Final Exam Has Been DDoS’d

It’s that time of year when Colleges and Universities are hustling and bustling with year-end activities such as graduation, senior occasions, final athletic events and countless ceremonies. It’s also the time when final exams are well underway. Perhaps it is a coincidence (or maybe quite the opposite) that we are hearing of several...

Read more

Black Hole Routing – Not a Silver Bullet for DDoS Protection

As ISPs, Hosting Providers and Online Enterprises around the world continue suffering the effects of  DDoS attacks, often the discussions that follow are, “What is the best way to defend our networks and our customers against an attack?” Traditional techniques of defense include SYN-cookies, SYN-proxy, redirects, challenges, and...

Read more

Telescope Protesters Are Not Acting With "Aloha"

Most people would consider Hawaii to be an idyllic place, but there's quite a controversy erupting over the plan to build a new telescope on Hawaii Island ("the Big island"). Not just any telescope, mind you, but one of the world's largest, known as the Thirty Meter Telescope (TMT). Construction of the $1 billion+ scientific...

Read more

DDoS vs. Natural and Man-Made Disasters

When researching the topic “Do cyber-attacks, especially DDoS attacks, result in more outages than natural or man-made disasters?”, I stumbled upon a 2013 annual report from the European Union Agency for Network and Information Security (ENISA). According to their website, “ENISA is a centre of network and information security expertise...

Read more

Who have you pissed off lately?

One of the prime motivations for DDoS attacks today is hacktivism. That is, some individual or group is trying to inflict revenge or punishment on the targeted company because of political or social beliefs. One of the more famous uses of DDoS as a hacktivist tool is the take-down of Sony Pictures' systems in retribution for the planned...

Read more

The Do-No-Harm Approach to Real-Time DDoS Protection

The vast majority of Corero customers require always-on DDoS protection to ensure service availability for their customers—ensuring that all good user traffic flows unimpeded, while DDoS attack traffic is mitigated in real-time. The Corero SmartWall® Threat Defense System (TDS) allows for always-on DDoS protection with a unique and...

Read more

When you fight fire with fire, you risk getting burned

Censorship watchdog GreatFire.org lit a fire that has turned into quite a conflagration. GreatFire.org is known for punching holes in China's Great Firewall, the surveillance and censorship system that attempts to prevent Chinese businesses and citizens from reaching the outside world via the Internet. GreatFire provides open access to the...

Read more

Can we “squelch” DDoS attacks, closer to the source?

A DDoS focused report released by Neustar earlier this week caught my eye with a statement made by Neustar Senior Vice President and Fellow, Rodney Joffe. Rodney makes an interesting recommendation around the need to “develop industry-based mitigation technologies that incorporate mechanisms to distribute attack source information into ISPs,...

Read more

Man your battle stations – DDoS is pulling a fast one on you

The DDoS threat landscape is a broad, ever-evolving and dynamic topic that is covered from many different perspectives. One angle that doesn’t always get the spotlight is the use of DDoS attacks as a diversionary tactic or profiling mechanism for advanced assaults against a target victim. Traditionally the term “DDoS” has been...

Read more

DDoS – whose responsibility is it?

As organizations around the globe become more and more reliant on the Internet, a serious weakness has begun to emerge in our connected world. Since its inception, the Internet has been all about availability; when the Internet goes down, businesses that rely on that availability go down with it. DDoS attacks are single-handedly the most...

Read more

Are DDoS attacks getting bigger or smaller?

There has been a flurry of DDoS reports from DDoS protection vendors as of late, and Corero has thrown its hat in the ring as well. The recently released Corero DDoS Trends and Analysis report offers a unique perspective of the growing DDoS threat, offering a stark contrast to the majority of the reports saturating the headlines this month. The...

Read more

Gaming companies collaborate to fight DDoS attacks

Online game players that got new consoles or games this past Christmas might have been disappointed when they went to play. Both Microsoft's Xbox Live and Sony's PlayStation Network were down for extended times of a day or more due to DDoS attacks. The now notorious group Lizard Squad had said it would target the gaming industry with...

Read more

Gaming Provider – Looking for new options?

As industry statistics suggest, many gaming providers are under DDoS attack continuously, each and every day. Gamers are said to be one of the highest profile targets on the Internet, while at the same time their business models require 100% uptime. These two facts manifest into quite the conundrum for today’s gaming providers....

Read more

Industry Observations of DDoS Trends

Observing and analyzing DDoS attacks over a period of time helps us all understand trends so that we can better prepare for the future. Verisign has recently published its DDoS Trends Report for the last half of 2014, and there are some interesting observations. For one thing, attacks are growing larger in size. In the attacks observed by...

Read more

Why DDoS scrubbing-lanes?

With regards to scrubbing-lane approaches, years ago Internet Service Providers (ISP) realized, “Yes DDoS is a problem we will have to deal with now and in the future”.  From some reports as early as the year 2000 ISPs began observing DDoS attacks traversing their networks. How did they see the effects of DDoS attacks - way back...

Read more

Don't Dig a Well When Your House is on Fire

Relying on human intervention to mitigate DDoS attacks is like digging a well when your house is on fire. When it comes to ensuring service availability and maintaining uptime and SLAs, hosting providers should use minimal (if any) manual intervention when defending against a DDoS attack.

Read more

Return on Investment vs. Return on Availability

In my discussions with organizations looking to protect their business from the wrath of DDoS attacks, I often hear the same question, “How do we obtain a Return on Investment (ROI) on a DDoS protection solution?”  Years ago I would attempt to delineate a potential ROI model, often on the fly.  On several occasions, I worked...

Read more

More than half of U.S. businesses were targeted by a DDoS attack last year. Was yours among them?

How pervasive have DDoS attacks become? According to research from the global network services company BT Global Services, two out of every five organizations worldwide were targeted by DDoS attacks last year. That's the global average. In the United States, more than half (58%) of all organizations were targeted. Those aren't good...

Read more

Experiencing Pain you can’t Explain?

Last week I attended the Corero annual sales kickoff at our HQ in Hudson, MA. While there, I had the opportunity to spend several days with one of our most seasoned security engineers, David B.  He was discussing his experience regarding a hosting provider who was currently evaluating the Corero SmartWall® Threat Defense System (TDS) as a...

Read more

The double-edged sword of operating a hosting data center  

The more customers you host in your data center, the better, right?  Of course, that means more revenue.  And if those customers are in multiple industry verticals, even better, correct?  Supporting a variety of customer types protects  against revenue fluctuations if rough economic times affect a certain vertical and not the...

Read more

The biggest threat to your SLAs - DDoS Attacks (Part II)

It’s obvious that latency and outages caused by DDoS attacks can severely impact uptime measurements.  A sustained outage caused by an attack could result in an organization losing or reducing its uptime certifications. The reality of the impact of DDoS to a provider’s APS ratings is staggering if you put it into...

Read more

The biggest threat to your SLAs - DDoS Attacks (Part I)

It is no secret that Hosting Providers live and die by the Service Level Agreements (SLAs) and uptime guarantees they offer to their customers.  Organizations select providers, and remain loyal when SLA thresholds are continuously met.  Hosting Providers are fighting an up-hill battle in striving to meet these aggressive guarantees....

Read more

Looking for a Cheap Service for DDoS Penetration Testing? How Does $2.99 Sound to You?

Lizard Squad, the hacking group that takes credit for attacking the Sony PlayStation Network and the Microsoft Xbox network back in December, now wants to be your commercial provider of a sort of "penetration testing" toolkit. CNN recently reported that anyone can rent the Lizard Squad tool called Lizard Stresser for as little as $2.99...

Read more

Hope for the best, but plan for the worst.

From my time spent in the military back in the 1980’s I remember many of the lessons learned.  The title of this blog is one of them. Without a plan, all of the hope in the world solves little, if anything and hope simply cannot replace a good plan. Hope is not a strategy for success. With the recent news pertaining to Lizard Squad...

Read more

The Hacker Group Anonymous as Do-Gooder?

We are usually writing about the hacker group Anonymous in terms of the harmful attacks its members launch against business and government websites. But now the BBC is reporting that Anonymous is claiming credit for knocking a terrorist recruiting website offline. Anonymous is declaring war on jihadist websites following the recent terrorist...

Read more

The Web as Equalizer in Cyber Terrorism

When the World Wide Web rose to prominence two decades ago, it was called the great equalizer. By having a Web presence, a small company could look as impressive as a large company when it came to courting prospective customers and employees. Individuals could access information that previously had been locked away in hard copy sources only....

Read more

DDoS attacks: Normally I don't blame the victim, but in this case the blame is deserved

April 2011 – Sony Playstation Network, Sony Online Entertainment (SOE), and the Sony Qriocity music service (now known as Music Unlimited) were all knocked offline by a large-scale DDoS attack. The group Anonymous claimed responsibility for this attack. Sony was so busy trying to get its services back online that it failed to notice that a...

Read more

Interview with Corero CTO, Dave Larson – It’s Game On for DDoS

The Gaming Industry, given its high-volume, high-transactional environment, requires 24/7 accessibility. Any downtime or interruption has a significant financial and reputational impact. The Gaming Industry thrives on the Internet, which makes them especially sensitive to DDoS attacks not only by motivated attackers, but also competitors and poor...

Read more

Can we still trust email?

You'd better be extra vigilant as you read through your business emails these days. Cyber attackers are growing more tenacious in their use of corporate email systems to plant malware on networks. Here are a couple of proof points. Symantec recently posted an article on its Security Response blog about attackers behind malicious spam...

Read more

'Twas the Night Before Payday

Enjoy a little bit of Holiday Fun!

Watch the Video

'Twas the night before payday, when all through the net
Most attackers were stirring, increasing the threat.
Tomorrow’s targets were chosen, sighted in their crosshairs,
In hopes the victims, soon would be theirs.

Evading the law, and even the...

Read more

The DDoS myth about the firewall and the IPS

It is about time we put an end to the myths that often come up when choosing a network security solution to protect against distributed denial of service (DDoS) attacks. We'll take a look at a couple of common myths, namely:

Myth #1: An IPS can protect against Distributed Denial of Service (DDoS) attacks

Myth #2: A...

Read more

DDoS Attack left “Sweden not Working”

The recent DDoS attacks impacting Swedish cable, Internet and mobile service provider, TeliaSonera is another grim reminder of the impact a DDoS attack can have not only on the business itself, but the 5 million subscribers that were left without service, and left "Sweden not working", as TeliaSonera’s CEO Johan Dennelind has...

Read more

The Netherlands' Trusted Networks Initiative is an alternative means to stop DDoS attacks

While visiting the Hague Security Delta in The Netherlands last week, I learned about an interesting initiative that's being tested to provide trusted computing among select organizations. Known as the Trusted Networks Initiative, it is being touted as an alternative "last resort" means to fend off DDoS attacks. The idea is to close...

Read more

“It’s not you, it’s the Internet” – Time to break up with DDoS

Lizard Squad said it best in the recent Sony PlayStation DDoS attacks, rocking the online gaming industry, and leaving players denied from logging into the gaming community. Fact: DDoS attack tools are easy to come by, and cheap to execute, and the motivations for targeting victims are endless. Myth: “I’m not susceptible to...

Read more

What Does a DDoS Attack Really Cost? It Depends...

In a recently released report companies estimated the average cost of a successful DDoS attack – one that actually disrupts a target's business – is $40,000 per hour. $40,000 per hour. It's a nice composite number that is easy to present to management when you need to justify a budget for preparing for the potential of a...

Read more

Change is inevitable – Time to re-write the playbook

Hopefully most of you in the industry have noticed that the approach to DDoS protection has changed dramatically over the last few years. What was once considered a good defensive posture is now proving to be sub-par protection against today’s sophisticated and adaptive DDoS attacks.  The days of firewalls, IPS’s and other...

Read more

Why Vendor Risk Management is Critical to Your Business

You've heard the trite expression "A chain is only as strong as its weakest link." Well, it's true, and when it comes to enterprise security, the weakest link might be outside your own organization. Ever since it came to light that the Target data breach originated through compromised credentials belonging to a third party...

Read more

Insights from the FBI on Fighting Cyber Crime

If your company experienced an IT security breach, would you contact law enforcement? According to an unofficial poll by the FBI and Trend Micro, about 60% of people said yes. I'd venture to guess that a portion of that 60% would only report the incident because some law or industry regulation requires them to do so.

Read more

Why would anyone launch a DDoS attack against us?

During my travels across the globe I meet lots of people, and it always amazes me when individuals continue to believe that they are not susceptible to a DDoS attack. I frequently hear, “Why would anyone attack us, why should we plan for an impending DDoS attack?”  Believe it or not statistics show that over 40% of online...

Read more

Increased use of Intelligent, Adaptive DDoS Attack Techniques

Many equate DDoS with only one type of attack vector – volumetric. It is not surprising, as these high bandwidth consuming attacks seem to frequent the headlines most often. Volumetric DDoS attacks are easier to identify, and defend against with on-premises or cloud anti-DDoS solutions, or a combination of both. Recently, Corero Network...

Read more

One More Type of Cyber Attack to Worry About: Redialing for Dollars—Your Dollars

Attention company cyber sleuths: here's one more type of cyber attack that criminals are using to steal billions of dollars a year, mostly from small businesses. Keep your eyes open for this one and read the phone bill closely.   An article in The New York Times details how hackers are using phone networks to direct businesses'...

Read more

SSDP Amplified Attacks, a Sitting Duck against Sophisticated DDoS Analytics

The craftiness of cyber attackers never ceases to amaze me and now a new kid on the block has emerged – the SSDP Reflective/Amplified DDoS attack.   Many people may wonder what SSDP is.  SSDP otherwise known as the Simple Service Discovery Protocol is a network based protocol used for the advertisement and discovery of network...

Read more

Looking for a job? Cyber Aces is hosting another National Cybersecurity Career Fair in November

Last spring I wrote about Cyber Aces hosting its first National Cybersecurity Career Fair (NCCF).  Cyber Aces is a non-profit organization dedicated to identifying and encouraging individuals with an aptitude for information security to refine their skills and talent. One of the organization's missions is to grow the cybersecurity...

Read more

Using sFlow for Security Analytics

sFlow (sampled flow) is a scalable protocol for statistical monitoring of a network.  When used for security monitoring, it can provide valuable insight for establishing baseline behavior and identifying deviations from the baseline.  Security administrators can be alerted when an anomaly is detected and investigate whether new security...

Read more

Software developers get SWAMP'ed, and that's good for software security assurance

October is National Cyber Security Awareness Month. The theme of this week's awareness messaging is how to build secure software products, and we've got a great tip on how you can do that. If you look at the evolution of software, it has changed quite a bit over the last 20 to 25 years. Software is more complex than ever, and the size...

Read more

Shellshock – Picking up the Pieces

4.1 million. That’s the number of news items, blogs, webpages, reports, and opinion articles related to the recently discovered ‘Shellshock’ (Bash) vulnerability that were matched via a quick Google search for ‘Shellshock bash bug’ this morning. There’s no denying that this vulnerability is one of the...

Read more

49½ pounds of DDoS attack visibility

Why is visibility important? The answer is an easy one to deliver. When you’re under a DDoS attack or when one of your customers comes under attack, “end-point pipe” visibility is the key to quick mitigation. You cannot proactively defend a network if you cannot detect, analyze and respond to the attack and this level of visibility is critical to proper DDoS protection.

Read more

SANS Institute's Webcast on Shellshock is Worth Watching

On September 25, Alan Paller, the Director of Research for the SANS Institute, sent out a FLASH report about the vulnerabilities involving Bash. This report has some very good information for security practitioners that is worth repeating here. The vulnerability, dubbed Shellshock, affects the Bash command processor which is used in most Linux...

Read more

D'oh! Get Your Hammer and Your Payment Card Hacked at "the Homer Depot"

By now the news of the massive payment card data breach at the Home Depot is well known. The company has acknowledged the theft of an estimated 56 million debit and credit card numbers, making it the largest retail breach on record. In a September 18 press release confirming the breach, the merchant says malware discovered on its systems...

Read more

Corero is growing - do you have the skills to be a part of the team?

Conversations recently overheard in the busy hallways of the Cambridge Innovation Center (CIC) include the number of in-flight projects being pursued by a single entrepreneur (60+!), a business plan for a(nother) new startup mining Facebook images, and the next international gig to be social media-enabled by another busy team. And starting...

Read more

Here's a Good Resource for Learning About Encryption Schemes Before You Put Data in the Cloud

If your organization is planning to have data and applications in the cloud, then you are probably planning to use encryption to secure the data. Encryption is a technology that transforms your data into an alternate format that only authorized parties with a decryption key can read. Like most technologies, encryption can be implemented in...

Read more

NATO Nations work to level the playing field in response to cyber attacks

It has been interesting to see news recently of a NATO agreement that indicated that member states would now come to each other’s aid in the event of digital attacks as well as in the case of military attacks. This newly signed deal reaffirms that cyber defense is now, more than ever, a critical component of a nation’s comprehensive...

Read more

Promoting Voyeurism in the Name of Marketing and Advertising

About the same time the story about the celebrity photo hacking incident broke, I read another disturbing article that does not bode well for personal privacy. San Francisco tech blogger Wendy Lee wrote about advertisers trolling through personal photos that people are posting to social media sites to learn more about their customers. How creepy...

Read more

Victim Company Refuses to Pay DDoS Extortion Fee and Is Permanently Forced Out of Business

If your company relies on your website to conduct any amount of business, it's time to take notice of what has been happening lately with regards to DDoS attacks. In the past few weeks, numerous companies have experienced DDoS attacks in which there is a demand for money in order to stop the attacks. In plain words, extortion. According to...

Read more

When Trends Collide: Data Collectors Are Gathering Information from Smartphones Used for BYOD

I had an interesting conversation the other day with Rob Shavell, the co-founder and CEO of the online privacy company Abine. We talked about two big trends in mobile computing and what happens as a consequence of their intersection. This collision of trends could have big implications for companies that permit employees to use their...

Read more

Passwords Are Like Underwear—They Aren't Meant to Be Shared

In the world of IT security, perhaps nothing is so maligned as the humble computer password. End users hate jumping through hoops to create and remember complex passwords that contain letters, numbers and special characters. IT security professionals complain that end users ignore corporate policy and create obvious passwords like, well,...

Read more

First Line of Defense Against DDoS Attacks in a Hosting Environment

Hosting Providers and Datacenters must overcome the challenges associated with a wide range of hosting requirements; maintaining highly available applications, mission critical systems and maximum levels of reliability. Unfortunately, DDoS attacks threaten their ability to do so. This is problematic as a Web hosting, co-location and datacenter...

Read more

Boost Your Security Posture through Membership in an Industry Information Sharing and Analysis Center (ISAC)

It's a huge responsibility to try to ensure cyber security for an organization, regardless of its size. Few companies would say they have the full complement of resources they would like to have in order to properly protect themselves from cyber threats. On the belief that there is strength in numbers, many organizations are joining an...

Read more

Six Common Sense Steps from the FFIEC to Address DDoS Attacks

Who can forget the series of distributed denial of service (DDoS) attacks on American banks back in 2012 and 2013? Some of the attacks were highly effective in knocking online banking services offline for days at a time. Over time, financial institutions (FIs) learned to bolster their defenses until the attacks grew less and less effective at...

Read more

Why Prompt Breach Notification Is Important

In a blog post last April, I wrote about a merchant that waited up to a year to notify customers that their payment card information may have been compromised in a breach. There were extenuating circumstances; the federal authorities investigating the breach asked the merchant to stay silent about the incident during the lengthy investigation. The...

Read more

Specially Crafted Packet DoS Attacks, Here We Go Again

One of the unique types of Denial of Service (DoS) attacks involves the usage of specially-crafted packets.  Most cybersecurity professionals are already familiar with volumetric and amplified DDoS attacks, but more recent attention has been surrounding fragmented and application-layer DDoS attacks. However, few understand what a...

Read more

A Real Story About Successful DDoS Mitigation

If you’re a cybersecurity professional, you may be all too familiar with the risks associated with DDoS attacks. Over the years, the threat landscape has had detrimental effects on organizations, including system downtime, brand damage, loss of customer confidence, and ultimately a negative impact on your bottom line. These implications can...

Read more

Considering Standards Security

The Internet Engineering Task Force (IETF) Request for Comments (RFCs) are required by RFC 2223, Instructions to RFC Authors, to have a section titled “Security Considerations” that is supposed to call out any special security implications relating to the protocol itself or to the networking infrastructure around it. Unfortunately, the...

Read more

Why Do We Call It Cyber Crime If We Don't Treat It Like a Crime?

My subdivision outside of Houston, Texas has a monthly newsletter, and one of the features is the neighborhood police patrol report. It's mostly stuff like items being taken from unlocked cars or suspicious people or vehicles in the neighborhood. Every now and then someone reports identity theft or fraudulent charges on their credit card. I...

Read more

Why Would a Cute Little Slow Loris Take Down a Web Server?

You've heard of the "infinite monkey theorem," which states that if you put a hundred monkeys in a room with a bunch of keyboards they will eventually type the works of Shakespeare. Is it possible that another little primate, the incredibly cute slow loris, is capable of taking down web servers with a clever type of denial of service...

Read more

DDoS Attacks Hit the World Cup. The Current Score: Anonymous 1, FIFA 0

The world’s most watched sporting event, the World Cup, is now underway in Brazil. Despite an expected audience of billions over the next few weeks, not everyone is a fan. Protesters of every ilk are using the prominence of this event to make a point. That includes hacktivists from Anonymous and other cyber groups looking for...

Read more

Securing the Data Center and Generating Revenue - #Winning

Corero CTO, Dave Larson, spoke recently to an audience of Hosting Providers during a webinar hosted by the Web Hosting Industry Review (WHIR). Dave addressed the audience alongside WHIR editor, Nicole Henderson, and explained how hosting providers have a new opportunity to increase their revenue and customer base. After an...

Read more

For Sale: Practically All the Details of Your Personal Life

When documents released by Edward Snowden showed that the National Security Agency (NSA) is collecting various types of data on ordinary American citizens, a lot of people were quick to voice their opinion that this is just wrong. Many Americans don’t believe our federal government should be able to snoop on us to learn who we choose to call...

Read more

Attack of the Month Video Blog Series: Blended DDoS Attacks

It’s no surprise that today's hackers are getting increasingly smarter. Unfortunately, traditional defenses aren't enough to fight against the different types of DDoS attacks, which are more sophisticated and commonplace. Hackers are now carrying out a combination of DDoS attacks, known as Blended DDoS attacks, to maximize...

Read more

Cash is King!

As early as 2005, government and other Internet security experts were openly discussing the concept of ‘Maybe the Cloud Can Help Secure the Internet’.  Should the ISPs, Hosting Providers, Colocation and other bandwidth providers get involved in helping to secure the Internet? According to an article still floating around the...

Read more

The 2014 Verizon Data Breach Investigations Report Includes Recommendations to Control or Prevent DoS Attacks

Have you read the 2014 Verizon Data Breach Investigations Report (DBIR) yet—all 60 pages of it? Actually, if you’re pressed for time, you don’t need to read the whole report cover to cover. This year, Verizon made it easy on security practitioners by segmenting the report into 9 major incident patterns. So, you don’t...

Read more

Finding Needles in the Haystack of Security Events

I hate to throw a cliché at you, but when it comes to security event and log management, a picture (or a handful of pictures) is certainly worth a thousand words.  Security devices generate volumes of raw data, usually in a proprietary manner.  Parsing such unstructured data and making sense out of it is a tedious, if not an...

Read more

Here’s Why Even Official Public App Stores Can’t Be Trusted

One of the first rules of protecting end user devices has always been “Install anti-virus software and keep it up to date.” Even as people have shifted from laptops and desktops to more mobile devices like smart phones and tablets, security experts advise...

Read more

How to Get More Value from Your Vulnerability Assessments and Penetration Testing

A lot of companies do vulnerability assessments and penetration testing of their own systems to try to head off cyber attacks. Some companies are compelled to do annual pen testing because of regulations that govern their business. Regardless of the reasons for doing the testing, companies are spending good money on the process and should look for...

Read more

Best Common Practice - 38, Perhaps Wise Beyond Its Years

Perhaps a little-known fact in the inner workings of what we know as the World Wide Web is that spoofing Service Provider source IP addresses and sending traffic into the Internet using a fake or pseudo IP address is quite a common practice. Most often used for malicious purposes...

Read more

2014 – The rise and fall of the NTP Reflection Attack

I think the industry should set a goal to eliminate the NTP reflection attack before the end of 2014.   I’m talking about total eradication, and I’ll tell you why I think it is possible.  Although the ICS Cert was published in February of this year, the big news about NTP attacks started at the end of 2013, so...

Read more

The Oxymoronic Notion of “Online Privacy”: When Information is Too Private for a Search Engine to Display

There was a ruling by the Court of Justice of the European Union this week, and it’s causing quite a bit of controversy on the U.S. side of the pond. The ruling has to do with online privacy and the obligation of Internet search engine operators to respect individuals’ privacy by not displaying specific search results if requested to...

Read more

Life in the Fast Lane

Many of us buy premium gas at gas stations, premium seats on airlines, premium upgrades at hotels and premium groceries at boutique retailers.  If individuals or their respective businesses are willing to pay for a premium service, why would anyone oppose it?  I ask this question as we await a ruling from the FCC as it relates...

Read more

Big Things from Small Data

Big data is big, and security vendors across the globe participate in the phenomenon by collecting, slicing, and dicing representative traffic (good and otherwise) on customer networks to better identify, predict, and mitigate attacks on the front lines. Still, for all the data used daily to baseline, extrapolate, and diagnose, it is sometimes...

Read more

The State of PCI Compliance in 2014: Getting Better but Still Insufficient

2014 marks the 10-year anniversary of the Payment Card Industry Data Security Standards (PCI DSS). It is also the year that version 3.0 of the set of security standards was released. All merchants who accept credit and debit cards as a form of payment should now be upgrading their systems to meet the new higher standards of PCI DSS 3.0. There...

Read more

ISACA Launches Cybersecurity Nexus, a Comprehensive Program for Information Security Professionals

A few weeks ago I wrote about an opportunity for entry-level information security (infosec) professionals to get some training and “skill up” for their careers. Now there is a new option for people coming into the infosec profession. Today ISACA is launching a comprehensive new program called Cybersecurity Nexus (CSX).

Read more

What’s Hiding Behind that DDoS Attack?

Multi-vector patterns of DDoS attacks are becoming more commonplace in the world of cyber warfare. From the volumetric attacks aimed to fill your pipe and squeeze your Internet bandwidth down to nothing, to the low and slow application layer attacks that sneak right through traditional defenses – combination attacks are becoming the norm....

Read more

Communications Teams Get a Failing Grade Over Heartbleed

First of all, let me say thank you to the security professionals who are working their butts off to develop patches and permanent fixes for problems caused by Heartbleed. I know this is an extraordinary case of the highest priority. Thank you for using your talents and your time to plug this gaping hole and make your users safe again. That...

Read more

What’s Needed Now: Supply Chain Integrity Testing

Listen up, all you security experts who want to be an entrepreneur! John Pescatore, the SANS Institute Director of Emerging Security Trends, sees an opportunity for the Next Big Thing in tech security. In Pescatore’s view, there’s a growing need for supply chain integrity testing. In the wake of all the digital spying revelations...

Read more

Attack of the Month Video Blog Series: Network Layer Attacks In ICS

In the world of Industrial Control Systems (ICS), a system outage or infiltration can result in system downtime, loss of productivity and loss of revenue, as well as loss of confidentiality, integrity and availability. Additionally, a system outage or infiltration could possibly result in loss of life, often due to the critical nature of these devices....

Read more

Who Are Breach Disclosure Laws Meant to Protect? One Merchant Held up Notifications for More Than a Year at the Request of Federal Authorities

I live in Texas, and there’s a regional retailer that has just announced a data breach that is believed to have affected more than half a million customers. The announcement is controversial because the company, Spec’s, supposedly knew about the theft of payment card data almost a year ago and is just now telling customers. As you...

Read more

New DDoS Warning Issued - Banking Industry Beware

The Federal Financial Institutions Examination Council (FFIEC) today released advisory statements warning Financial Institutions of risks associated with cyber-attacks on ATMs, credit card authorization systems and the continued DDoS attacks against public-facing websites. It is encouraging to see continued awareness and general guidance...

Read more

Who Is Reading Your Email, and for What Purpose?

Thanks to the NSA, so much attention has been on the fact that the federal government is collecting metadata about our phone calls that we have taken our eyes off what’s happening on the email front. There have been a few stark reminders in the news recently that email isn’t private and we shouldn’t use it to transmit sensitive...

Read more

Cybersecurity Professionals Are in Big Demand as Staffing Shortages Hit Critical Levels

In a previous blog post I talked about the upcoming National Cybersecurity Career Fair (NCCF) this June 18 and 19, 2014. NCCF is an innovative virtual meeting place for the top cybersecurity employers and entry to mid level cybersecurity jobseekers in the United States. It turns out that this job fair is desperately needed by employers in...

Read more

DDoS Attacks - A Mainstream Occurrence and Disruption to Your Business

Corero recently partnered with John Pescatore, Director of Emerging Security Trends with the SANS Institute in developing a survey program designed to shed more light on organizations’ experiences with DDoS attacks. What we uncovered does not come as a surprise to those well entrenched in the DDoS defense space. The results continue...

Read more

National Cybersecurity Career Fair in June Will Connect Employers to Entry Level Cybersecurity Workers

Do you know anyone who is an aspiring cyber security professional? Here is some important information to pass along to help them get their career started. This is also big news if your organization is looking to recruit entry-level people for IT security positions. Coming up this June 18 and 19, 2014, Cyber Aces is presenting the first National...

Read more

NTP Amplification DDoS Attacks Are Skyrocketing. Do You Have Your Defense System in Place?

In his recent “Attack of the Month Video Blog Series,” Stephen Gates talks about NTP reflective traffic as the latest technique being used to launch DDoS attacks against hapless victims. This is certainly something to pay attention to. Since the beginning of 2014, the number of attacks using this method has skyrocketed, largely because...

Read more

Vulnerable WordPress Servers, A Real Cause for Concern

Attacks against, and attacks used to manipulate, WordPress servers have been seeing more than their fair share of publicity over the last several months. As we dig a little deeper into the two attack scenarios, a few key points come to light. In the spring of 2013 many WordPress servers located in both Hosting Centers and DMZs throughout the...

Read more

Attack of the Month Video Blog Series: NTP Reflective Attacks

NTP or Network Time Protocol attacks have been taking center stage as of late. What’s interesting here is that the move to exploit a UDP-based protocol suggests that we (the good guys) are raising the security bar and thus making it more difficult to successfully exploit DNS amplification attacks. NTP is another critical Internet service...

Read more

Business Lessons from the DDoS Attacks on Social Networking Site Meetup

In early March, the social networking site Meetup was hit by a series of DDoS attacks. The attacks did some damage, not the least of which was knocking the site offline for hours at a time over a period of several days. However, I have to say that it appears that the Meetup management and technical team did a few things right to get through this...

Read more

Internet Hosting Providers that Fail to Prepare for DDoS Attacks are Derelict in Their Duties to Care for Their Clients

On February 18, 2014, the online gaming website Wurm was the victim of a DDoS attack. The company posted the following note on its website at the time of its attack: "Shortly after today's update we were the target of a DDoS attack and our hosting provider had to pull us off the grid for now. We will be back as soon as possible but...

Read more

Cybersecurity in the U.S. Healthcare System is in Critical Condition and Needs Intensive Care

Last fall my husband was visiting a relative in the hospital when he noticed an Ethernet port on the side of the bed. He asked the nurse what the hospital uses the port for. She explained that they occasionally connect patient-monitoring devices to the port on the bed to facilitate transmission of alerts to the nurses’ station. For example,...

Read more

Watch for DDoS Attacks as a Diversionary Tactic for Other Types of Cyber Crime

Have you heard of a smash-and-grab robbery? In the physical world, it usually refers to a group of thugs who storm a retail store – often a jewelry store or a pawn shop – and smash the display cases with sledge hammers. They grab all the expensive merchandise they can get and run out of the store before shocked store clerks have much...

Read more

Attack of the Month Video Blog Series: Application Layer DDoS Attacks

Happy Valentine's Day everyone. For the LOVE of DDoS defense, I'm pleased to share with you another video blog, this time focused on Application Layer attacks. In today's 5 minute session, I will cover Application Layer attacks in more detail: What are these attacks? Why are they an emerging threat, or continue to be a...

Read more

Hacking Attacks are Practically Guaranteed at the Sochi Olympics

The winter Olympics get underway in Sochi, Russia this week, and most of the attention about security has been focused on physical security and the potential for acts of terrorism. Russian President Putin has promised a “ring of steel” around the Olympic venues to provide a high level of physical safety for the athletes and tens of...

Read more

The Role of Service Providers in Strengthening the Nation’s Cybersecurity

In November 2013, the President’s Council of Advisors on Science and Technology (PCAST) submitted a public report to U.S. President Barack Obama. The report, Immediate Opportunities for Strengthening the Nation’s Cybersecurity, provides key insights from a more comprehensive but classified assessment of the Nation’s cybersecurity...

Read more

What’s in that Refrigerator—Fish or Phish?

Well, here’s a switch. Usually televisions are bringing crap into our households. Now experts have learned that some smart TVs have been sending crap (in the form of spam) out of their owners’ houses. A recent press release from Proofpoint, Inc. details how the security service provider uncovered an Internet of Things (IoT) based...

Read more

Federal Investigators Warn Retailers: If You Have a POS System in Operation, You May be at Risk

Hang on to your credit cards and start checking your free credit reports: The latest news about retail breaches is not good.

Read more

Survey Shows that Small Merchants Exhibit Lax Security Practices and Put Consumers’ Financial Data at Risk

Ever since news of the Target breach broke a few weeks ago, everyone from security experts to concerned consumers has been hyper-sensitive to what’s happening in retail security. If it’s true that 110 million consumers had their financial account data compromised in that one breach alone, it’s no wonder many of us are fearful...

Read more

LinkedIn Admits Being Inundated with Fake Accounts – Could that Portend a Wave of Social Engineering Attacks?

I’ve never been a fan of social media. There’s something very unnerving to me about putting personal or private information about yourself online for anyone to see. Don’t try to tell me that you can adjust who sees your content with security settings; I don’t believe for a minute that privacy settings actually keep your...

Read more

Six Ways that Most Companies Shortchange Their Enterprise Security

I recently had a conversation with Michael Sutton, vice president of security research for Zscaler and head of Zscaler ThreatLabZ. We talked about where many organizations are falling short today in defending against current threats and especially the more dangerous advanced persistent threats. I’ve singled out six common shortcomings that...

Read more

Attack of the Month Video Blog Series: Reflective (Amplified) DDoS Attacks

Happy New Year everyone! I'm pleased to kick off 2014 with another dynamic video blog post. Today's video discusses the real threat of Reflective, or as some call them, Amplified DDoS Attacks. As you may recall from our initial v-blog post the goal for these 5 minute sessions is to dissect and analyze a specific attack type each...

Read more

Considering a Master’s Degree Program? Look to the SANS Technology Institute for a Fully Accredited Program Focused Solely on Cybersecurity

If you are an IT security professional and you’ve been thinking about going back to school to earn a master’s degree, the SANS Technology Institute (STI) master’s degree program might now be a more attractive choice for you. The graduate institution is now fully accredited by The Middle States Commission of Higher Education, an...

Read more

Two DDoS Attackers are Given 5 Year Jail Terms for Blackmail, Unauthorized Impairment of Computers

Polish computer programmers Patryk Surmacki and Piotr Smirnow were recently sentenced to 5 years and 4 months in jail for perpetrating a blackmail scheme that also involved the use of a DDoS attack as intimidation. Prior to sentencing, the pair pleaded guilty to blackmail and they admitted to conspiracy to access, use and impair computers without...

Read more

Take the SANS Institute’s Holiday Hacking Challenge: It’s a Hackerful Life

The long holiday season is here, and if you’re one of the lucky ones, you probably have a few days off from the grind you call work. When you’ve had enough of your kids’ overexcitement and your relatives’ overstaying their welcome, why not steal away by yourself for a few hours and work on the SANS Institute’s 10th...

Read more

Guilty Pleas for 13 People Involved in a PayPal DDoS Attack, and a (Strange) Call for Leniency from the Founder of PayPal’s Parent Company

On December 6, thirteen defendants pleaded guilty in U.S. federal court to charges related to their involvement in the cyber-attack of PayPal’s website as part of the group Anonymous. In pleading guilty, the defendants admitted to carrying out a Distributed Denial of Service (DDoS) attack against PayPal in December 2010. Ten of the...

Read more

Tech Titans Want Governments to Reform Their Data Surveillance Practices

The data titans of Silicon Valley have said, “Enough is enough!” A coalition of the world’s leading tech companies is asking for the U.S. and other national governments to put a stop to unfettered data collection and surveillance and other practices that inhibit the free movement of lawful data around the globe.

Read more

Attack of the Month Video Blog Series: Pre-Attack Recon Scans

I'm pleased to introduce myself to the Security Bistro community and hope that you welcome this video blog with open arms. The Corero Network Security team and I are excited to introduce a recurring monthly video post that aims to dissect and analyze the various cyber attack types that are infiltrating network environments across the...

Read more

Consumer Electronics Manufacturer LG Has a Reprehensible Privacy Policy

I came across a blog post the other day that really angers me. British IT consultant Jason Huntley wrote the detailed article LG Smart TVs logging USB filenames and viewing info to LG servers in mid November. He outlines how he discovered that his LG brand smart TV was collecting private data about his viewing habits and using it to serve...

Read more

Malware as Performance Art? OpenDNS Shows the Dangerous “Dance” of Cryptolocker

By now practically every information security professional and thousands of unfortunate victims are aware of CryptoLocker, the dangerous malware that encrypts all of a victim’s files and holds them for ransom. Security experts say it’s relatively easy to remove the malware itself but the damage is done when entire file systems cannot...

Read more

Finally, a Detailed Set of Cybersecurity Guidelines for SMBs (But Enterprises Can Use Them Too)

Small and medium businesses (SMBs) often don’t pay enough attention to cybersecurity, but they are no less vulnerable than their enterprise counterparts are to data breaches and attacks. In fact, attackers might consider SMBs to be an easier path into larger enterprises that are the real target. In his blog post “Are Small Business...

Read more

The National Computer Forensics Institute Trains U.S. Law Enforcement Professionals on Digital Evidence

In 2011, young mother Casey Anthony went on trial for the murder of her two year old daughter Caylee. You may recall some of the lurid details from the case. In June 2008, the mother reported her child as missing. Caylee’s skeletal remains were found by a utility worker in December 2008. Prosecutors felt they had enough evidence to charge...

Read more

Nobody Reads Terms and Conditions, Do They? Pay Attention To What You Agree To!

Recently I needed to download some software to my PC and, being the security-conscious person that I am, I made an attempt to read the software provider’s terms and conditions (T’s & C’s). I’ll admit that I got just so far in really reading the script. Then I started skimming the words, and then skipping entire...

Read more

A Lesson in Social Engineering: How a “Security-aware” Organization Was Completely Duped

There is a must-read article published by IDG News Service and posted to Network World. (See Fake social media ID duped security-aware IT guys.) This is the story of how security experts conducting penetration tests of an unnamed European organization used a very convincing but very fake social media persona to infiltrate the targeted organization....

Read more

Official Memo Says the Lack of End-To-End Testing Poses “A High Risk” for the Federal Healthcare Exchange

In an earlier post, I speculated that the systems behind the healthcare exchange marketplace known as the Federally Facilitated Marketplace (FFM) and hosted on Healthcare.gov were not tested end-to-end and could not be trusted to ensure data security and privacy. My speculation a few days ago is now totally confirmed by the people in...

Read more

What’s the Word From Healthcare.gov? “Trust Us With Your Most Sensitive Data.”

Healthcare.gov, the website for the Affordable Care Act, has been in the news a lot this month. Ever since it was launched to the public on October 1, it has been riddled with performance problems. Administration officials have stated that the issues stem from the sheer complexity of a system that is being asked to do so much. I’m not...

Read more

Gartner VP Confirms DDoS Attacks Were Used as Smoke Screens to Hide Financial Fraud

In an article posted on BankInfoSecurity.com, Gartner Research vice president Avivah Litan confirms that some of the DDoS attacks that have rippled through the banking industry over the past year have been a cover-up for fraud. While bank cyber security personnel were distracted in combating the denial of service attacks, hackers were busy...

Read more

There’s a Bidding War For People With Good Cyber Security Skills

If you are a cyber security expert – or you are on your way to becoming one – you’d better stock up on Ray-Bans. Your future is so bright, you’re going to need them. According to an article published by NBC News, there is a global shortage of skilled cyber security professionals. The...

Read more

The Global Industrial Cyber Security Professional Certification (GICSP) is Launching in November

There’s an important new cyber security certification coming to market at the end of November. I recently talked to Mike Assante of SANS Institute and Scott Cassity of Global Information Assurance Certification (GIAC) to get the details because I think there will be tremendous interest worldwide in this certification and the associated...

Read more

New Windows 8.1 Security Improvements Help Protect Against Pass the Hash Attacks

This National Cyber Security Awareness month, we’d like to congratulate and thank Microsoft on their efforts to block Pass the Hash cyber-attacks. Known by Microsoft as “one of the most popular types of credential theft and reuse attacks,” Pass the Hash attacks are known for their ability to infiltrate full networks within...

Read more

National Cybersecurity Awareness Month: The Government Agency Behind it Can’t Participate at This Time

Oh, the irony. I don’t know whether to laugh or cry. October is National Cybersecurity Awareness Month. This is the month that the U.S. federal government wants us all to take responsibility for cyber security. Public companies, private companies, individual consumers, government agencies, institutions of every ilk, hardware and software...

Read more

Cyber criminals increasingly use advanced methods to implement attack vectors

The European Union Agency for Network and Information Security (ENISA) recently launched their Mid-Year 2013 Threat Landscape report, a sneak peek into what’s to come in the full ENISA Threat Landscape report to be published before the end of 2013. The brief summary gives readers a bit of insight into the changes in trends since the 2012...

Read more

PCI-DSS 3.0: Will it Successfully Address Compliant Insecurity?

I and many others have been saying for a long time that being compliant with a regulation or industry mandate does not make a computing environment secure. There are numerous reasons this is true, ranging from “the check list approach” to “not understanding the actual intent of specific compliance controls.” This is...

Read more

Collateral Damage From the NSA Spying Debacle: Trust in U.S. IT Companies is Shattered

There’s an old proverb that goes something like this: Crap rolls downhill. (Well, the proverb uses an even more crude slang word instead of “crap,” but I’m trying to be polite here.) I think this proverb aptly applies to the fallout from Edward Snowden revealing secret details of government mass surveillance programs...

Read more

Lessons Learned From the Banking Industry DDoS Attacks: Good Advice Worth Heeding

Now that the banking industry has gone through four rounds of very public DDoS attacks, experts are looking at what happened to extract some “lessons learned” to turn this negative into a positive. Even if your business isn’t a financial institution, there’s good advice here that’s certainly worth...

Read more

Store Systems Security: Preparing for the Retail System and Security Paradigm Shift

I was in an Office Depot the other day. There was one person in line at the checkout counter and another customer approaching the line. Then a sales clerk intercepted the person heading toward the line and said, “I can help you right here, sir.” The clerk had a mobile device in her hands. She swiped the customer’s credit card,...

Read more

A Three-pronged Approach to Eliminating Phishing Emails, part 2

In my previous article I outlined the first element of the three-pronged approach to eliminating phishing emails. This involves email service providers screening and rejecting spoofed emails based on explicit policies specified by legitimate email domains. About 85% of all ESPs already observe these policies when they are provided, so now the...

Read more

A Three-pronged Approach to Eliminating Phishing Emails, part 1

According to the Verizon 2012 Data Breach Investigations Report, more than 95% of the breaches Verizon investigated in recent years started with a phishing email. You know how it goes. A worker receives an email that looks perfectly legitimate. Maybe it appears to come from his bank, or from a shipping company he does business with. There’s...

Read more

Sophisticated Attackers Combine E-mails With Phone Calls

Security vendor Symantec has given fresh details of a series of sophisticated cyber attacks targeting mainly French companies in which the criminals combine e-mail with voice calls to steal money. “These tactics, using an email followed up by a phone call using perfect French, are highly unusual and are a sign of aggressive social...

Read more

Here we go again. Another stolen laptop puts patient information at risk

It happened again—another doctor’s office, another stolen laptop laden with patient records. The Houston Chronicle is reporting that a laptop computer containing unencrypted information pertaining to nearly 600 patients has been stolen from the University of Texas Health Science Center at Houston. Sigh. When will they ever...

Read more

A new generation of IT security solutions for an evolving threat landscape

I recently had a chat with Manish Gupta, senior vice president of products at security vendor FireEye. Gupta described how the IT threat landscape has changed dramatically over the last three or four years, and how this has rendered legacy security solutions rather weak. This means that a new generation of IT security solutions has to be developed...

Read more

Chrome Has a Better Bug Catcher Than Mozilla

A study comparing two leading vulnerability rewards programs (VRPs) has found that the one offered by Google Chrome is working better than that run by Mozilla. The study, by Matthew Finifter, Devdatta Akhawe and David Wagner of the University of California, Berkeley, was presented this month at the USENIX Security Symposium in Washington,...

Read more

A must-read report for everyone involved in software development: “The State of Application Security"

If you have any role at all regarding security in the application development process – especially a leadership role that oversees development – you simply must read a new report by the Ponemon Institute and the application security company Security Innovation. You’ll find “The State of Application Security” here....

Read more

“Jekyll App” Beats iOS Security Measures

Researchers at Georgia Institute of Technology say they have developed what they call a “Jekyll app” for iOS devices that bypasses Apple’s security measures and can be used for a range of malicious purposes from sending tweets and dialing numbers to operating the camera. In a paper presented this month at the USENIX...

Read more

Google Encrypts All Data In Cloud Storage

Google Cloud Platform announced this week that it is now automatically encrypting all data before it is written to disk – but many users were skeptical about the security advantages. Dave Barth, Google Cloud product manager, said in a blog post the goal was to make it as painless as possible for users to secure their...

Read more

Dalai Lama’s Website Hacked

The Chinese-language website of Tibet’s exiled leader, the Dalai Lama, has been compromised in a “precisely targeted” watering-hole attack, a Kaspersky Labs researcher reported. Senior security researcher Kurt Baumgartner described the attack in his blog. “A snippet of code on the Central Tibetan Administration...

Read more

Gartner Sees Security Opportunity in Expanding Mobile Market

The proliferation of mobile devices is opening new opportunities for security vendors, but innovative approaches to the market are needed, Gartner Inc says in a new report. Ruggero Contu, research director at Gartner, says one of the challenges facing vendors is that consumer adoption and willingness to pay for antivirus software on mobile...

Read more

Lavabit, Silent Mail Close Down

Two secure e-mail services, Lavabit and Silent Mail, were closed down this week in what many observers called fall-out from the Edward Snowden leaks about NSA spying on communications. “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard...

Read more

Thinking About How to Secure the Internet of Things (IoT)

Michael Cooney of Network World published a semi-silly article about malware affecting smart toilets that run the Android operating system. (See Just when you thought it was safe to go to the bathroom – toilet malware strikes.) The article reports that TrustWave SpiderLabs issued a security bulletin to warn users of the...

Read more

Windows 8.1 Upgrades Security Measures

Software giant Microsoft has unveiled the new security measures in Windows 8.1, including fingerprint biometrics, multifactor authentication for BYODs and enhanced malware resistance. Dustin Ingalls, Group Program Manager for Windows Security & Identity, in a blog this week, listed the major features as trusted hardware, modern access...

Read more

Industrial Plants Can Be Disrupted With a Remote

The wireless control systems used at many major infrastructure facilities have vulnerabilities which could allow a hacker with a radio frequency (RF) transceiver to close down a plant from up to 40 miles away, two security researchers told the Black Hat convention in Las Vegas.

Read more

Don’t Believe Everything You Read

Lies, damned lies, and statistics – it’s a phrase that has been attributed to Mark Twain and former British Prime Minister Benjamin Disraeli, among others. Whoever it was that said it first, he could have been talking about vulnerability statistics.

Read more

Android Master Key Malware Surfaces in China

The first known malware to exploit the Android master key vulnerability described by BlueBox Security has been found in an application market based in China, a McAfee researcher reported this week. Mobile malware researcher Daisuke Nakajima said the app used the vulnerability to hide the malicious classes.dex from Android’s package...

Read more

Stock Exchanges Fear Cyber Threat is Growing

Researchers working in the securities sector have warned that stock exchanges around the world have become the targets of cyber-criminals and that the potential exists for attacks that would close down financial markets. The warning was made in a report issued this month (July 2013) by the International Organization of Securities Commissions...

Read more

I Spy With My Little Eye…A Scam!

If someone offered you the opportunity to secretly read your friends’ instant messages without being detected, would you want to do that? You could spy on your significant other, or your friends and coworkers—and no one would be the wiser. All you have to do is go to a discreet website and provide your cell phone number so you can...

Read more

What To Do When Ransomware Holds a PC Hostage

In my previous post, I talked about ransomware locking a user out from his PC. This article is geared toward the IT professional who may be called upon to attempt to unlock the PC and clean up the mess the malware leaves behind. For the advice below, I consulted with John Harrison, Group Manager at Symantec Security Response. His team is in the...

Read more

Your Computer Has Been Locked! Pay Money Now if You Ever Want to Use Your PC Again!

Recently I got a phone call from a friend who told me her PC had popped up a big bold warning message that told her that a virus had been detected on her computer. She couldn't get the message to clear off of her PC—the computer seemed to be frozen. The message said that she could pay $39 to load software that would completely remove the...

Read more

FBI Ransomware Could Be Generating Big Income

A new type of ransomware that tries to fool victims using Macs or Windows into paying fines of $300 could be making its authors hundreds of thousands of dollars a day, according to a senior security researcher at Malwarebytes. Jerome Segura wrote in a blog that the scam displays a message purportedly from the FBI telling the user that his or...

Read more

Privacy Double Standard: You Can Track Online But Not On Foot

There’s an article in the New York Times about how retail stores are increasingly using technology to track customers’ movements and interests when they are physically in the stores. (Check out the article’s video to see some of this technology in action.) Stores use Wi-Fi signals from customers’ mobile phones to track...

Read more

Study Finds “Surprises” in Browser Warning Effectiveness

Computer users generally take note of browser warnings about unsafe websites, but up to 70 percent of Google Chrome’s SSL (secure socket layer) warnings fail to dissuade users from visiting a site, according to a recent study. The research on Chrome and Mozilla Firefox was conducted in May and June this year by Devdatta Akhawe of the...

Read more

Data encryption in the cloud is not enough to keep the feds from eying your data if they want to

The New York Times reported that Microsoft has collaborated with the National Security Agency (NSA) more extensively than it previously acknowledged. According to classified internal NSA newsletters that were disclosed by the former NSA contractor Edward Snowden, Microsoft has helped the NSA find ways to circumvent its encryption on its Outlook.com...

Read more

EDA Overreacts to Malware Scare

The Economic Development Administration (EDA) in Washington, D.C. physically destroyed computers and other IT equipment worth $170,000 in a comedy of errors sparked by a relatively harmless malware incident, according to an audit report. The report by the inspector general’s office in the Department of Commerce, released late last month,...

Read more

Def Con Asks Feds to Stay Away

In further fall-out from the Edward Snowden spying revelations, the organizers of the hacker's convention Def Con this week asked officials of the federal government to stay away from the event. In a post on the Def Con website, the founder of the event Jeff Moss said: “When it comes to sharing and socializing with feds, recent...

Read more

Don’t Write Your BYOD Policy from Scratch – Check Out These Samples to Jumpstart Your Own Policy

Whether or not your organization allows employees to use their personally owned devices to access corporate resources, you need to have a written policy that covers the acceptable use of mobile devices. This policy should clearly communicate to all employees what is, and is not, acceptable use of their smartphones, tablets and other mobile devices...

Read more

McAfee Says South Korea Is Cyber Espionage Target

The cyber attack on South Korean banks and media outlets in March was part of a wider four-year military espionage operation against the Seoul government, McAfee Labs said this week. In an analysis of a series of hacking attacks on South Korea since 2009, the security software company said the attackers used a remote-access Trojan to compromise...