Blog Posts Tagged with "Denial of Service"
Hacktivists Targeting DNS Servers & an Effective DNS Offensive Counter-Measure
January 07, 2013 Added by:Dan Dieterle
Denial of Service (DoS) attacks used to be the main tool in the Hacktivists toolbox. For the most part, they are not very hi-tech and anyone can run the software to attack websites to aid in their preferred “cause”. But as the recent hacktivism attacks in Israel (and now Pakistan) have shown, DNS server attacks are now all the rage.
Comments (0)
An Eleven Character Linux Denial of Service Attack & How to Defend Against it
January 03, 2013 Added by:Dan Dieterle
Meet the “Fork Bomb”. Basically all it does is instruct Linux to open processes – over and over again for an almost infinite number of times. Your RAM and CPU usage rises until the system no longer responds to input.
Comments (0)
Clean That Network Traffic
October 31, 2012 Added by:Richard Stiennon
Why not deploy an intelligent appliance behind the router and in front of the firewall? Filter out all the junk before you expend any resources in your firewall, or log all the events with your IDS/SEIM. Reduce your need for multiple servers and load balancers. This is like a reverse osmosis for your network...
Comments (0)
Prolexic Q3 2012 ... a new generation of DDoS attacks
October 20, 2012 Added by:Pierluigi Paganini
This is significant because very few companies or organizations have the necessary network infrastructure to deal with such attacks. There might be some companies with popular websites such as Google or Facebook that are able to handle such high-bandwidth floods, but most companies are not...
Comments (0)
How to Protect against Denial of Service Attacks: Refresher
October 03, 2012 Added by:Stephen Marchewitz
In order to mitigate this threat, ISPs will need to combine their efforts. It would take a global effort on the part of the ISPs. Until then, the capabilities are there to deal with the issue when it arises on a per incident basis...
Comments (3)
Iran Increasing Tensions: Cyber Perspective
September 24, 2012 Added by:Pierluigi Paganini
A massive cyber attack could increase hostilities, anticipating a conventional strike, but the Government of Teheran is showing awareness of risks related to a cyber attack and it has started a massive propaganda campaign to show to the western world its cyber capabilities...
Comments (4)
ICS-CERT: GarrettCom Magnum Privilege Escalation
September 04, 2012 Added by:Infosec Island Admin
Successful exploitation of this vulnerability could allow escalation of privileges to full administrative access. The privilege escalation could provide the attacker a vector for making changes to settings, or initiating a complete device shutdown causing a denial of service...
Comments (0)
ICS-CERT: SIMATIC S7-400 Denial of Service Vulnerabilities
August 07, 2012 Added by:Infosec Island Admin
Siemens has reported DoS vulnerabilities in the SIMATIC S7-400 V6 and SIMATIC S7-400 V5 PN CPU products. When specially crafted packets are received on Ethernet interfaces by the SIMATIC S7-400, the device can default into defect mode. A PLC in defect mode needs to be manually reset to return to normal operation...
Comments (0)
Cyber: Boundless Nonsense
July 31, 2012 Added by:Don Eijndhoven
What is neutral behavior in the context of cyber warfare? Are you, as a neutral country obliged to drop all traffic between these two waring nations that crosses your networks? And if you’re not, are you obliged to make sure none of the cyber attacks are originating from compromised systems within your borders?
Comments (8)
Application Layer DDoS Attacks Decline in Q2 2012
July 18, 2012 Added by:Headlines
“Q2 data showed a return to traditional infrastructure attacks and is likely a reflection of changing tools for launching DDoS attacks. With Layer 7 attacks, the risk of detection and eventual take down by law enforcement increases because these attacks disclose the IP address of the attacking botnet..."
Comments (0)
ICS-CERT: WellinTech KingView and KingHistorian Vulnerabilities
July 09, 2012 Added by:Infosec Island Admin
Researchers have identified multiple vulnerabilities in WellinTech’s KingView and a single vulnerability in WellinTech’s KingHistorian application which are exploitable remotely and could lead to arbitrary code execution, information disclosure, and denial of service...
Comments (0)
Companies Go on the Offensive
June 26, 2012 Added by:Mark Baldwin
Being the victim of an attack is not fun and it is easy to understand why businesses would like to take a more active stance against the attackers. Unfortunately, businesses that go down this path are likely to run into technical and legal problems. Let’s examine some of the possible outcomes...
Comments (0)
ICS-CERT: Wonderware SuiteLink Unallocated Unicode String
June 22, 2012 Added by:Infosec Island Admin
Independent researcher Luigi Auriemma identified a maliciously crafted Unicode string vulnerability causing a stack-based buffer overflow with proof-of-concept (PoC) exploit code that affects the Invensys Wonderware SuiteLink service (slssvc.exe)...
Comments (2)
ICS-CERT: WAGO I/O 750 Multiple Vulnerabilities
June 21, 2012 Added by:Infosec Island Admin
The reported vulnerabilities from DSecRG have been coordinated with WAGO. WAGO has determined that the vulnerabilities can be mitigated by adjusting system configurations of services not in use. WAGO has released a customer cybersecurity notification on best security practices its products...
Comments (0)
ICS-CERT: Sielco Sistemi Winlog Buffer Overflow
June 18, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of a buffer overflow vulnerability with proof-of-concept exploit code affecting Sielco Sistemi Winlog. The vulnerability is exploitable by sending specially crafted requests to TCP/46824 which could result in a denial of service and remote code execution...
Comments (0)
LulzSec Hacker Indicted for Conspiracy to Conduct Cyber Attacks
June 14, 2012 Added by:Headlines
The indictment alleges that Ryan Cleary controlled a large botnet of potentially hundreds of thousands of units to conduct DDoS attacks and would rent out his botnet for certain time periods in exchange for money from individuals interested in conducting DDoS attacks targeting specific victims...
Comments (0)
- If You Don’t Have Visibility, You Don’t Have Security
- Ransomware: Why Hackers Have Taken Aim at City Governments
- 5 Limitations of Network-Centric Security in the Cloud
- 1 Million South Korean Credit Card Records Found Online
- Top Three Cross-Site Scripting Attacks You Need to Know Now
- Arkose Labs Launches Private Bug Bounty Program
- Eight Steps to Migrate Your SIEM
- What Call Center Fraud Can Teach Us about Insider Threats
- Best Practices for Remote Workers’ Endpoint Security
- Cisco Patches Critical Flaw in Vision Dynamic Signage Director