Items Tagged with "Denial of Service"
Understanding CSRF Attacks on Network Devices
April 19, 2012
Similar to vulnerabilities in applications on websites, there are also vulnerabilities in the admin panels of different network devices, including Cross-Site Request Forgery(CSRF)vulnerabilities where hackers attack users who have access to those network devices...
Comments (0)
Patriot Hackers: GET OFF MY LAWN!
April 18, 2012 Added by:Infosec Island Admin
Do something constructive instead of destructive and inhibiting. You never know what you are stumbling about in. You could be ruining operations that lead to arrests or actionable intelligence. Think about it before you go all Charles Bronson and then a Pastebin dump about it...
Comments (3)
ICS-CERT: Certec WebMI2ADS Multiple Vulnerabilities
April 17, 2012 Added by:Infosec Island Admin
Researcher Luigi Auriemma has identified multiple vulnerabilities in Certec’s WebMI2ADS application. Successful exploitation of these vulnerabilities may allow an attacker to cause a denial of service (DoS) or could lead to data leakage...
Comments (0)
A Detailed Analysis of the DDoS Phenomena
April 16, 2012 Added by:Pierluigi Paganini
The report showed 19.1TB of data and 14 billion packets of malicious traffic were aimed at financial services during Q4 2011, and that the traffic increased during Q1 2012, with 65TB of data and 1.1 trillion packets that were identified and mitigated. The figures are amazing...
Comments (0)
Dirt Jumper DDoS Botnet Variants Continue to Proliferate
April 13, 2012 Added by:Headlines
“Development will continue, and there are increasing trends towards the development of attack techniques that will bypass certain types of anti-DDoS protection measures. The underground economy continues to flourish, and DDoS services are a piece of that rotten pie..."
Comments (0)
ICS-CERT: ABB Multiple Components Buffer Overflow
April 11, 2012 Added by:Infosec Island Admin
Researchers have identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application which could lead to a denial-of-service for the application and privilege escalation or could allow an attacker to execute arbitrary code...
Comments (0)
ICS-CERT: ABB WebWare Server Buffer Overflow
April 06, 2012 Added by:Infosec Island Admin
Researchers have identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application which if exploited could lead to a denial-of-service for the application and privilege escalation or could allow an attacker to execute arbitrary code...
Comments (0)
ICS-CERT: Rockwell Automation FactoryTalk Vulnerability
March 29, 2012 Added by:Infosec Island Admin
Researchers have identified two vulnerabilities that may result in a denial-of-service (DoS) condition in the Rockwell Automation FactoryTalk (FT) application which if successfully exploited may result in a Denial of Service condition...
Comments (0)
Can DNS Attacks Threaten the Internet on a Large Scale?
March 27, 2012 Added by:Alan Woodward
This attack is theoretically possible because the DNS is a hierarchy. At the top level are 13 servers. Disrupt them and you could disrupt the entire DNS network. Authorities know this and they put a lot of effort into ensuring that the DNS network can cope with a DOS attack...
Comments (3)
Running Apache? Beware of "Armageddon"...
March 19, 2012 Added by:Kevin McAleavey
"Apache Killer" exploits a vulnerability in the server by sending a specially crafted Range HTTP header to trigger a denial-of-service condition, and a single computer is capable of bringing Apache to its knees. A botnet full of these can result in "tango down"...
Comments (0)
Cisco Releases Multiple Security Advisories
March 15, 2012 Added by:Headlines
The Cisco AnyConnect ActiveX control contains a buffer overflow vulnerability which can allow a remote attacker to convince a user to view a specially crafted HTML document, and the attacker may be able to then execute arbitrary code...
Comments (1)
ICS-CERT: GE Intelligent Platforms Proficy Historian Data Advisory
March 15, 2012 Added by:Infosec Island Admin
ICS-CERT received a report from GE Intelligent Platforms concerning a memory corruption vulnerability in the GE Intelligent Platforms Proficy Historian Data Archiver could allow an attacker to cause the service to crash, and may lead to arbitrary code execution...
Comments (0)
Examining the Top Ten Database Threats
March 14, 2012 Added by:PCI Guru
Most attacks are perpetrated inside the perimeter, so protection from an inside attack is important. Once an attacker is on the inside, it is easy to use SQL injection or other techniques to obtain data. Organizations are just beginning to understand the insider threat...
Comments (0)
Th3J35t3r: Don’t Dox The Man, Dox The Actions
March 14, 2012 Added by:Infosec Island Admin
Jester may just be a person or a small group of people with an agenda that includes a media arm seeking attention from the populace, not motivated by altruism or patriotism. If indeed he/they think that they are doing something greater, then he/they are deluding themselves...
Comments (9)
ICS-CERT: xArrow SCADA HMI Multiple Vulnerabilities
March 07, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report detailing multiple vulnerabilities with proof-of-concept (PoC) exploit code affecting xArrow, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product that are are remotely exploitable...
Comments (0)
Adobe Releases Critical Updates for Flash Player Vulnerability
March 06, 2012 Added by:Infosec Island Admin
Adobe has released critical updates for Android, Windows, Linux and Solaris operating systems to mitigate vulnerabilities in the company's Flash Player software that may have allowed attackers to inflict a denial of service or take control of a targeted system...