Security Alerts & News
by Tymoteusz A. Góral

History
#1178 Attackers launch multi-vector DDoS attacks that use DNSSEC amplification
Almost 60 percent of all DDoS attacks observed during the first quarter of this year were multi-vector attacks, Akamai said in a report released last month. The majority of them used two vectors, and only 2 percent used five or more techniques.

The DNS (Domain Name System) reflection technique used in this large attack was also interesting, because attackers abused DNSSEC-enabled domains in order to generate larger responses.

DNS reflection involves abusing misconfigured DNS resolvers that respond to spoofed requests. Attackers can send DNS queries to these servers on the Internet by specifying the target's Internet Protocol (IP) address as the request's source address. This causes the server to direct its response to the victim instead of the real source of the DNS query.
Read more
#1183 Internet of Things security is dreadful: Here's what to do to protect yourself
#1182 ARM, Symantec build security standard for Internet of Things
#1181 Oracle patches record 276 vulnerabilities with July critical patch update
#1180 SoakSoak botnet pushing neutrino exploit kit and CryptXXX ransomware
#1179 Firefox to block non-essential Flash content In August 2016, require click-to-activate In 2017
#1178 Attackers launch multi-vector DDoS attacks that use DNSSEC amplification
#1177 Wave of business websites hijacked to deliver crypto-ransomware
#1176 Library of Congress hit with a denial-of-service attack
#1175 Software flaw puts mobile phones and networks at risk of complete takeover
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12