Items Tagged with "Denial of Service"
January 07, 2013 Added by:Dan Dieterle
Denial of Service (DoS) attacks used to be the main tool in the Hacktivists toolbox. For the most part, they are not very hi-tech and anyone can run the software to attack websites to aid in their preferred “cause”. But as the recent hacktivism attacks in Israel (and now Pakistan) have shown, DNS server attacks are now all the rage.
January 03, 2013 Added by:Dan Dieterle
Meet the “Fork Bomb”. Basically all it does is instruct Linux to open processes – over and over again for an almost infinite number of times. Your RAM and CPU usage rises until the system no longer responds to input.
October 31, 2012 Added by:Richard Stiennon
Why not deploy an intelligent appliance behind the router and in front of the firewall? Filter out all the junk before you expend any resources in your firewall, or log all the events with your IDS/SEIM. Reduce your need for multiple servers and load balancers. This is like a reverse osmosis for your network...
October 20, 2012 Added by:Pierluigi Paganini
This is significant because very few companies or organizations have the necessary network infrastructure to deal with such attacks. There might be some companies with popular websites such as Google or Facebook that are able to handle such high-bandwidth floods, but most companies are not...
October 03, 2012 Added by:Stephen Marchewitz
In order to mitigate this threat, ISPs will need to combine their efforts. It would take a global effort on the part of the ISPs. Until then, the capabilities are there to deal with the issue when it arises on a per incident basis...
September 24, 2012 Added by:Pierluigi Paganini
A massive cyber attack could increase hostilities, anticipating a conventional strike, but the Government of Teheran is showing awareness of risks related to a cyber attack and it has started a massive propaganda campaign to show to the western world its cyber capabilities...
September 04, 2012 Added by:Infosec Island Admin
Successful exploitation of this vulnerability could allow escalation of privileges to full administrative access. The privilege escalation could provide the attacker a vector for making changes to settings, or initiating a complete device shutdown causing a denial of service...
August 07, 2012 Added by:Infosec Island Admin
Siemens has reported DoS vulnerabilities in the SIMATIC S7-400 V6 and SIMATIC S7-400 V5 PN CPU products. When specially crafted packets are received on Ethernet interfaces by the SIMATIC S7-400, the device can default into defect mode. A PLC in defect mode needs to be manually reset to return to normal operation...
August 02, 2012
This publication describes the characteristics of IDPS technologies and provides recommendations for designing, implementing, configuring, securing, monitoring, and maintaining them. The types of IDPS technologies are differentiated by the events that they monitor and the ways in which they are deployed...
July 31, 2012 Added by:Don Eijndhoven
What is neutral behavior in the context of cyber warfare? Are you, as a neutral country obliged to drop all traffic between these two waring nations that crosses your networks? And if you’re not, are you obliged to make sure none of the cyber attacks are originating from compromised systems within your borders?
July 18, 2012 Added by:Headlines
“Q2 data showed a return to traditional infrastructure attacks and is likely a reflection of changing tools for launching DDoS attacks. With Layer 7 attacks, the risk of detection and eventual take down by law enforcement increases because these attacks disclose the IP address of the attacking botnet..."
July 09, 2012 Added by:Infosec Island Admin
Researchers have identified multiple vulnerabilities in WellinTech’s KingView and a single vulnerability in WellinTech’s KingHistorian application which are exploitable remotely and could lead to arbitrary code execution, information disclosure, and denial of service...
June 26, 2012 Added by:Mark Baldwin
Being the victim of an attack is not fun and it is easy to understand why businesses would like to take a more active stance against the attackers. Unfortunately, businesses that go down this path are likely to run into technical and legal problems. Let’s examine some of the possible outcomes...
June 22, 2012 Added by:Infosec Island Admin
Independent researcher Luigi Auriemma identified a maliciously crafted Unicode string vulnerability causing a stack-based buffer overflow with proof-of-concept (PoC) exploit code that affects the Invensys Wonderware SuiteLink service (slssvc.exe)...
June 21, 2012 Added by:Infosec Island Admin
The reported vulnerabilities from DSecRG have been coordinated with WAGO. WAGO has determined that the vulnerabilities can be mitigated by adjusting system configurations of services not in use. WAGO has released a customer cybersecurity notification on best security practices its products...
June 18, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of a buffer overflow vulnerability with proof-of-concept exploit code affecting Sielco Sistemi Winlog. The vulnerability is exploitable by sending specially crafted requests to TCP/46824 which could result in a denial of service and remote code execution...