Mirai and Minecraft
When the three U.S. hackers, Paras Jha, Josiah White and Dalton Norman, pled guilty to creating the Mirai botnet last year, it became apparent from a Wired investigation that the three had created the botnet in the first place to create a competitive …
botnet
The Last Decade in DDoS
DDoS attacks have seen a huge explosion in size and scale over the last decade. In the last three years alone, the record for the largest DDoS attack in history has been broken repeatedly. One of the most interesting of these in terms of politics …
The Men Behind Mirai
Last month, three men pleaded guilty to creating the Mirai botnet, in which hundreds of thousands of connected digital video recorders, routers and cameras were used to launch a massive DDoS attack against the domain name services company Dyn for an …
IoT Case Study 2: Reaper
The mammoth botnet of 2017 was “Reaper”, also known as “IoT Troop”, which compared to its parallel of 2016, “Mirai”, looks set to have a considerably larger impact and is significantly more complicated. Looking back, the Mirai botnet seems …
What are DDoS Toolkits, and DDoS-for-hire Services?
What are DDoS Toolkits? DDoS toolkits are software packages that infect numerous connected devices, which are then used as botnets in future DDoS attacks. They are typically authored by black hat hackers with professional intent to stress services …
What is a NTP Amplification Attack?
An NTP amplification attack is one in which the perpetrator seeks to overwhelm a targeted server and its surrounding infrastructure with UDP traffic by exploiting publicly accessible Network Time Protocol (NTP) servers. This type of DDoS attack is …
What is a Ping Flood?
A Ping Flood is an evolved variant of an ICMP Flood in which attackers use PING, a variant of ICMP, to send highly spoofed PING (ICMP) echo requests at a high rate and from a large range of random source IPs, or as if they are the IP address of the …
What is an HTTP Flood?
In an HTTP Flood, attackers send vast numbers of legitimate HTTP requests to a server. The request can be either “GET” or “POST”. The goal of this kind of DDoS attack is to force the server to allocate so many of its resources to serving the attack …
What is a SYN-ACK Flood?
SYN floods can take various forms, most of which do not seriously affect the attacked system. However, one of the most potentially damaging types of SYN floods is the SYN-ACK flood, in which the client address refers to a system that does not …
What are Zero-Day DDoS Attacks?
Zero-day DDoS attacks are known as such because they take place when a threat actor exploits a zero-day vulnerability. A zero-day vulnerability is an application or system flaw usually within new software that was unknown to the vendor and security …
What is DNS Amplification?
A Domain Name Server (DNS) Amplification Attack is a Distributed Denial of Service (DDoS) attack in which the attacker exploits vulnerabilities in publicly accessible DNS servers to turn initially small queries into much larger payloads, which are …
What is a DDoS Attack?
A DDoS (distributed denial-of-service) attack is when someone uses multiple computers to perform a denial-of-service attack (DoS). Both DoS and DDoS attacks work by overwhelming the target or its infrastructure with a large volume or “flood” of …