Home Tags Attack victims

Tag: attack victims

DDoS attacks in Q3 2017

In the third quarter of 2017, we registered a considerable increase in the number of both DDoS attacks and their targets.

Traditionally, China is the country with the largest number of attack sources and targets.
It was followed by the United States and South Korea.

The popularity of Windows OS as a basis for creating a botnet has fallen noticeably, while the share of Linux-based botnets increased proportionally.
Tim on the social media team will need a new job You'd have thought that Equifax staff would be on their toes ever since the megahack that exposed the private data of over 143 million Americans but the corporation's social media certainly haven't got the message.…

DDoS attacks in Q2 2017

The second quarter quite clearly showed that the DDoS-attack threat is perceived rather seriously.
Some companies were prepared to pay cybercriminals literally after their first demand without waiting for the attack itself.

This set off a whole new wave of fraud involving money extortion under threat of a DDoS attack, also known as “ransom DDoSrdquo;.
The massive breach at Yahoo means that a treasure trove of stolen data is in the hands of hackers -- putting millions of internet users at risk. At least half a billion Yahoo accounts have been affected in one of the biggest data breaches in history.
Information including names, email addresses, telephone numbers, and hashed passwords may have been stolen. Yahoo has blamed the attack on a "state-sponsored actor," but it's far from clear who hacked the internet company and how the culprits pulled off the attack. Blaming it on a state-sponsored actor, however, indicates that Yahoo may have found evidence that the hackers were targeting the company over a long period of time, said Vitali Kremez, a cybercrime analyst at security firm Flashpoint. Stealing data on 500 million accounts is usually no easy task, he added. "The hackers probably attacked slowly, and quietly, without anyone watching," Kremez said. "They couldn't just come in and take the grand piano." Prior to Thursday's confirmed breach, Yahoo had already been investigating another leak.
In August, an anonymous hacker was found selling a database with login details on 200 million Yahoo accounts. The company hasn't said if the two incidents are connected.
Still, Alex Holden, CIO at security firm Hold Security, wonders how many hackers are in possession of the company's stolen database.  "The Yahoo data breach will have a much bigger impact than almost any other breach that I can speak of," Holden said. "Yahoo was once the number one email provider." According to Yahoo, the breach disclosed on Thursday involved data taken from late 2014 -- meaning hackers had two years to secretly capitalize on what they stole.
Security experts like Holden have noted that some people rely on Yahoo email for work purposes, putting corporate information potentially at risk.    Why it took so long for Yahoo to find out and inform the public wasn't clear from the company's statement on the breach. "This is probably the worst thing that could have happened," said Brad Bussie, director of product management at Stealthbits Technologies. "They (Yahoo) were probably trying to find the best way to break this info to the press." The hack also surprised Verizon, which recently agreed to acquire Yahoo. It said on Thursday that it had only learned about the breach within the last two days. "We will evaluate as the investigation continues through the lens of overall Verizon interests," the company said. Yahoo is already notifying the affected users, and working with law enforcement to investigate the incident.

The company added that most of the passwords stolen were hashed with bcrypt, making them exceptionally difficult to crack. However, the stolen data from Yahoo can be used in other ways to attack victims, Bussie said. The stolen email addresses alone put users at risk of spam attacks and the additional information could be used to trick users into divulging more information about themselves. The stolen data from Yahoo also includes the security questions and answers used to protect their accounts. "Most people use the same questions and answers on multiple sites, even for the corporate ones," Bussie added.  Even though it may be time-consuming, he advises that affected users change their passwords and security questions, not just at Yahoo, but across all their internet accounts. As shocking as the size of the breach is, security experts aren't surprised it happened. Yahoo is just the latest high-profile company to fall victim.

Earlier this year, Dropbox, LinkedIn and Myspace also reported data breaches affecting millions of user accounts. Hackers and data hoarders have been trading the information online.  "When you start combining all these different data dumps, you get some valuable information on internet users," said Jeremiah Grossman, chief of security strategy, at SentinelOne. "It makes it easier for all  kinds of hacks, state-sponsored or cyber crime."
Plaid Parliament of Pwning's IE attack turned into pay-to-p0wn cannon The new wearer of the crown for World's Worst Exploit Kit is compromising users with exploit code for a dangerous new attack published by a white hat researcher. Neutrino is the new king of for-profit p0wnage packages, a market in which criminals create tools to compromise scores of users through the latest vulnerabilities. Neutrino's authors, who have risen to prominence since the likely arrest of the former top dogs behind the Angler exploit kit, were quick to snap up exploit code published to GitHub that allowed attackers to plunder a nasty Microsoft vulnerability (CVE-2016-0189). That code comes from the Plaid Parliament of Pwning, known for dominating the DEF CON capture the flag events, published exploit code for the scripting engine memory corruption vulnerability under their new firm Theori.io. That publication is standard practice throughout significant sections of the information security community which operates on an open disclosure basis and the understanding that security through obscurity is largely a myth. The hacking crew were the first to detail the exploit code, but not the first to abuse it; the vulnerability came to light as a then zero-day flaw being used to attack victims in South Korea with spear phishing emails that launched the exploit and downloaded unknown payloads. FireEye security boffins Kenneth Johnson; Sai Omkar Vashisht; Yasir Khalid, and Dan Caselden detailed Neurtino's use of Theori.io's exploit code using one example in which Neutrino used exploits for five patched vulnerabilities, three for Adobe Flash Player, and two for Internet Explorer. "CVE-2016-0189 is the newest addition to Neutrino’s arsenal," the team says. "The exploit embedded within Neutrino is identical to this researcher’s exploit, except for the code that runs after initial control." Theori.io reverse-engineered Microsoft's May patch for the flaw to cook up their exploit. ® Sponsored: Global DDoS threat landscape report