
Oracle on Monday announced it is buying Dyn, a Web traffic management firm recently hit with a cyber attack that closed off the internet to millions of users.

Business software and hardware titan Oracle did not disclose financial terms of the deal to acquire US-based Dynamic Network Services Inc, or Dyn.

Oracle planned to enhance its own offerings with Dyn's expertise in monitoring, controlling, and optimizing cloud-based internet applications and managing online traffic.

"Dyn's immensely scalable and global DNS is a critical core component and a natural extension to our cloud computing platform," Oracle product development president Thomas Kurian said in a release.

Dyn was the target of cyber attacks that pounded the underpinnings of the internet in October, crippling Twitter, Netflix and other major websites with the help of once-dumb devices made smart with online connections.

The onslaught incapacitated a crucial piece of internet infrastructure, taking aim at a service entrusted to guide online traffic to the right places by turning website names people know into addresses computers understand.

The hacker was probably a disgruntled gamer, an expert whose company closely monitored the attack said last week.

Dale Drew, chief security officer for Level 3 Communications, which mapped out how the October 21 attack took place, told a Congressional panel that the person had rented time on a botnet -- a network of web-connected machines that can be manipulated with malware -- to level the attack.

Using a powerful malicious program known as Mirai, the attacker harnessed some 150,000 "Internet of Things" (IoT) devices such as cameras, lightbulbs and appliances to overwhelm Dyn systems, according to Drew.

Dyn has more than 3,500 customers including Netflix, Twitter, and CNBC, making tens of billions of online traffic optimizing decisions daily, according to Oracle.


© AFP 2016



SecurityWeek RSS Feed


Considering the magnitude of the recent DDoS attack on Dyn that almost brought down the internet, all sysadmins must take action to prevent their devices from taking part in future attacks.

As many of you might have noticed, at least from the news headlines, a few weeks ago there was a huge internet outage that impacted the availability of dozens of major sites, including popular ones like Twitter, Reddit, CNN, the Guardian, and many others. This was the result of a devastatingly simple attack on one of the main providers of core services underpinning the Internet.

Dyn, one of the major providers of DNS services on the Internet, with customers ranging from end users to some of the most recognizable names on the web, experienced what may prove to be the largest Distributed Denial of Service (DDoS) attack in history, with a reported attack strength of 1.2Tbps. While Dyn was the target, potentially millions of people were victims. Unfortunately, many of those victims were also unwitting accomplices in the attack.

I called the attack simple, because at its heart, a DDoS attack is simple. To execute such a Denial of Service attack, you simply need to overwhelm the target with so many requests that it is unable to service valid ones. When the target has more computing resources than you can attack with, you need to leverage others in a distributed fashion, causing a DDoS. DDoS attacks are nothing new, but this particular one has several features that make it an historic event.

We all know how critical a high performing and responsive DNS is for all users of the Internet. By attacking one of the core providers of DNS services, the attack rendered dozens of marquee brands inaccessible, including Amazon, Netflix, PayPal, Spotify, and more, along with an untold number of smaller sites. Odds are pretty good that many of you use at least one of those companies on a regular basis, and if you are on the East Coast of the United States, you probably felt the impact of the first wave. There were as many as three coordinated attacks, with the second having more global impact and the third being successfully defended against.

Several different groups have either claimed responsibility, been accused, or at least not denied allegations of responsibility, but we want to look at the participating nodes in the attack rather than the mastermind who coordinated them, because not only was the target new and high impact, but the method of attack was too. DDoS attacks are nothing new, but this attack leveraged the Mirai botnet, one of the many pieces of malware out there infecting untold numbers of systems. In this case, based on the logs Dyn collected, we can tell that the number is at least 100,000 malicious nodes. The attack was compounded by legitimate DNS clients retrying their queries, and that number rose into the tens of millions.

What makes Mirai particularly unique is that it can compromise any number of devices, typically associated with the Internet of Things, to make them unwitting zombies and participants in a DDoS attack. Whether these are webcams, DVRs, programmable thermostats, temperature or light sensors, or any other IoT devices, they are all running a stripped down and optimized version of Linux which is built for simplicity of setup, not security. And when a user downloads an infected file and the Mirai malware executes, it scans the local network for devices it can recognize and attack, using known vulnerabilities and default passwords. Once it is in, that cool IoT device is now a zombie just waiting for orders to attack.

The scale of this attack, and the fact that it used devices we’re normally not taking care of, makes it a real wake-up call for IT administrators, but also for various IoT device users in general. Think not only about the flaws in your patch management strategy at work, but more about the complete lack of patch management strategies that exist at the homes of most, if not all your coworkers, friends, and family.

Do they run vulnerability scans regularly? Manage and deploy patches to all nodes under their control? Run web filtering software or set up home firewalls so compromised devices cannot hit the Internet directly? Of course not! And that’s why Mirai was able to leverage so many hosts in its DDoS. It grabbed the low hanging fruit that we have all ignored, and we’ve only seen the tip of the iceberg here.

While defending against a DDoS may be beyond the capabilities and capacities of many of us, we can at least ensure that we are not contributing to the problem, so here’s a list of things all of us can do to help.

Everyone, even at home, can do these first two:

  • Ensure we keep all our devices (computers, mobile devices, tablets, network hardware, IoT devices, and anything else that is network capable) patched and up to date;
  • ALWAYS change the default passwords on EVERY device that has a network connection, even when it is a home use device on an internal network;

And at work, you can do even more:

  • Set up outbound egress filters at work to ensure that only devices which need to directly connect to the Internet can do so;
  • If you provide DNS services internally, then no other devices but your DNS servers should need to directly make DNS queries to external servers;
  • Web filtering is a great way to protect users from downloading malware or executing malicious scripts, which is how Mirai started, and keeping an eye on your web traffic with tools such as GFI WebMonitor is also a good way to make sure your network is not taking part in anything shady;
  • End users don’t need to ping external hosts, but make sure your admins can, and that you allow ICMP internally;
  • Consider whether your end users really do need admin rights on their workstations, since there’s very little malware can do executing with regular user privileges;
  • Use vulnerability scanning software such as GFI LanGuard on all your systems regularly, to ensure you don’t have any vulnerable devices in the network you’re managing;
  • I mentioned it above, but for companies this is much more important: use patch management software to keep all your systems up to date, for both operating system and third party application needs.
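An added example (not part of the original post) of checking the egress rules from the list above: it audits constructed flow records for internal hosts that query external DNS directly, ping external hosts without being admin machines, or reach the Internet without being on the egress allowlist. The record format, the addresses and the policy sets are assumptions made for this illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed policy for this example (hypothetical addresses).
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
DNS_SERVERS = {"10.0.0.53"}      # only internal resolvers may query external DNS
EGRESS_ALLOWED = {"10.0.0.80"}   # e.g. the web filtering proxy
ADMIN_HOSTS = {"10.0.5.10"}      # admins may ping external hosts

# Constructed sample records: time src dst proto dport ("-" when no port).
SAMPLE_LOG = """\
2016-10-21T11:10:01Z 10.0.0.53 198.51.100.7 udp 53
2016-10-21T11:10:02Z 10.0.3.21 203.0.113.9 udp 53
2016-10-21T11:10:03Z 10.0.3.21 203.0.113.9 udp 53
2016-10-21T11:10:04Z 10.0.0.80 192.0.2.44 tcp 443
2016-10-21T11:10:05Z 10.0.4.17 192.0.2.44 tcp 443
2016-10-21T11:10:06Z 10.0.4.17 192.0.2.1 icmp -
2016-10-21T11:10:07Z 10.0.5.10 192.0.2.1 icmp -
2016-10-21T11:10:08Z 10.0.4.17 10.0.0.53 udp 53
truncated record
2016-10-21T11:10:09Z 10.0.4.17 10.0.5.10 icmp -
"""


def is_internal(ip):
    """True when the address belongs to one of the internal networks."""
    return any(ip in net for net in INTERNAL_NETS)


def parse_line(line):
    """Parse one flow record; return None when the record is malformed."""
    fields = line.split()
    if len(fields) != 5:
        return None
    _, src, dst, proto, dport = fields
    try:
        return {
            "src": ipaddress.ip_address(src),
            "dst": ipaddress.ip_address(dst),
            "proto": proto.lower(),
            "dport": None if dport == "-" else int(dport),
        }
    except ValueError:
        return None


def classify(flow):
    """Return the name of the violated rule, or None when the flow is allowed."""
    src = str(flow["src"])
    # Only internal-to-external traffic is subject to the egress policy.
    if not is_internal(flow["src"]) or is_internal(flow["dst"]):
        return None
    if flow["proto"] == "icmp":
        return None if src in ADMIN_HOSTS else "external-icmp"
    if flow["dport"] == 53:
        return None if src in DNS_SERVERS else "direct-dns"
    return None if src in EGRESS_ALLOWED else "direct-egress"


def audit(log_text):
    """Return ({src: {rule: count}}, malformed_record_count)."""
    findings = defaultdict(lambda: defaultdict(int))
    malformed = 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        flow = parse_line(line)
        if flow is None:
            malformed += 1
            continue
        rule = classify(flow)
        if rule is not None:
            findings[str(flow["src"])][rule] += 1
    return {src: dict(rules) for src, rules in findings.items()}, malformed


if __name__ == "__main__":
    results, bad = audit(SAMPLE_LOG)
    for src, rules in sorted(results.items()):
        for rule, count in sorted(rules.items()):
            print(f"{src}: {rule} x{count}")
    print(f"malformed records skipped: {bad}")
```

A host that shows up under `direct-dns` or `direct-egress` is a candidate for both a firewall rule and a closer look at what is running on it.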

Keep in mind that while Mirai took out Dyn for hours by leveraging vulnerable devices with default configurations, it first got to those devices as malware executed on unguarded and unpatched workstations. With hundreds of thousands of systems hammering Dyn, most of us probably felt the impact of that attack, but never thought that we could be a part of the attack.

So, it’s in all of our best interests to help make sure we’re not a part of the problem, by patching everything that needs to be patched, and by preventing our devices from becoming an integral part of such attacks. Next time you angrily dismiss a Windows Update notification, remember these words.


GFI Blog

A new Bitglass report on insider threats in the enterprise found that, in a third of organizations surveyed, careless or malicious user behavior resulted in data leakage, up slightly from a year ago. 56 percent of respondents believe insider leaks have become more frequent in the last year.


“Adoption of cloud and BYOD are positive developments, but organizations that have limited cross-app visibility will struggle to detect anomalous behavior and need to rethink their approach to data security,” said Nat Kausik, CEO, Bitglass. “The reality is that cloud apps have made data more readily accessible and insider threats more likely – it’s up to the enterprise to put adequate data controls and policies in place to secure vital data.”

Bitglass found that 64 percent of enterprises can detect a breach within a week, up significantly from 42 percent a year ago. Only 23 percent take a month or longer to identify insider breaches, which indicates growing use of cloud-based audit and security tools. Respondents identified analytics as critical in detecting anomalous behavior.

Employee training (57 percent) and identity management solutions (52 percent) topped the list of best means for preventing insider attacks. Data leakage prevention was also included among the most effective tools in 49 percent of organizations.


Key findings

  • One in three organizations surveyed have experienced an insider attack in the last year, while 74 percent feel vulnerable to insider threats.
  • Seventy-one percent of cybersecurity professionals are most concerned with inadvertent leaks that are the result of risky unsanctioned app usage, unintended external sharing and unsecured mobile devices. Negligence (68 percent) and malicious insiders (61 percent) were also of concern to respondents.
  • Privileged users, more than any other user group, were seen as posing the greatest security risk by 60 percent of organizations.
  • Cloud and mobile are forcing IT to rethink detection and prevention. Cybersecurity professionals agree that lack of employee training (62 percent), insufficient data protection solutions (57 percent), more devices with access to sensitive data (54 percent) and more data leaving the network perimeter (48 percent) are at the core of many insider leaks.
  • A third of organizations do not have any analytics solutions in place to detect insider threats. Fifty-six percent use some kind of analytics solution to address anomalous behavior, but only 15 percent have user behavior analytics in place.
  • Collaboration tools (44 percent) and cloud storage apps (39 percent) were perceived to be most vulnerable to insider threats, as careless users are easily able to share data externally or lose a mobile device that contains sensitive information.


Help Net Security

Security blogger Krebs says IoT DDoS attack was payback for a blog

Security blogger Brian Krebs says a massive distributed denial-of-service attack that took down his website last week was likely the consequence of his outing of two Israelis who ran a DDoS-for-hire business.

The pair, whom he identifies as Itay Huri and Yarden Bidani, both 18, were arrested in Israel at the request of the FBI six days after Krebs posted his blog and are now under house arrest.


He thinks this blog, posted Sept. 16, provoked them or their confederates into retaliating with the attack against Krebs' site, using a botnet of hundreds of thousands or perhaps a million hijacked internet of things devices, mainly cameras, routers, and DVRs.

He says the attack included the text string "freeapplej4ck," an apparent reference to one of the two arrested Israelis who goes by the hacker name Applej4ck.

Huri and Bidani ran vDOS, a business that sold subscriptions to a DDoS attack platform for between $20 and $200 per month.

If Krebs' suspicions are true, it means that malicious actors with relatively modest means can summon up giant botnets comprised of IoT devices and deliver unheard of volumes of DDoS traffic.


A similar attack against the French hosting provider OVH topped out at 1.5TBps using an army of bots. "This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS," according to a tweet by Octave Klaba, the founder of OVH.

The attacks are apparently continuing, Klaba tweeted today: "+6857 new cameras participated in the DDoS last 48H."


Earlier this month, security expert Bruce Schneier warned in a blog that unknown parties seem to be systematically testing how resilient key internet infrastructure is to DDoS attacks. He says his information comes from companies that provide the infrastructure, but that he couldn't name because they spoke to him under conditions of anonymity.

The attacks seem carefully measured to reach a certain volume of traffic, then stop. Later, they resume at the same level of intensity and gradually increase, which is indicative of attempts to quantify just what it would take to break each victim's network, Schneier says.

The unknown attackers throw different types of attacks against the networks they are testing, he says, to evaluate what tools the victims have and how effective they are.

He says he doesn't know who is behind these probing attacks but speculates it is a nation, and a large one at that, and probably not an activist, a researcher or even criminals. He mentions Russia and China.

"It feels like a nation's military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US's Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities," Schneier writes.

This story, "Security blogger Krebs says IoT DDoS attack was payback for a blog" was originally published by Network World.

Securing the internet of things should become a major priority now that an army of compromised devices – perhaps 1 million strong – has swamped one of the industry’s top distributed denial-of-service protection services.

A giant botnet made up of hijacked internet-connected things like cameras, lightbulbs, and thermostats has launched the largest DDoS attack ever against a top security blogger, an attack so big Akamai had to cancel his account because defending it ate up too many resources.


It wasn’t that Akamai couldn’t mitigate the attack – it did so for three days – but doing so became too costly, so the company made a business decision to cut the affected customer loose, says Andy Ellis, the company’s chief security officer.


The delivery network has dropped protection for the Krebs on Security blog written by Brian Krebs after an attack delivering 665Gbps of traffic overwhelmed his site Tuesday. The size of the attack was nearly double that of any Akamai had seen before.

An IoT botnet generating this much traffic is a bellwether event that Ellis says will take some time to analyze to come up with more efficient mitigation tools.

Its impact is similar to the 2010 attacks by Anonymous using the open source, low-orbit ion cannon tool, or the 2014 DDoS attacks launched from compromised Joomla and WordPress servers, he says.

The lesson for enterprises is that the DDoS protections they have in place need to be tweaked to handle higher attack volumes, he says.

IoT exploited

The massive Krebs on Security assault is the work of a botnet made up primarily of internet of things devices, according to Akamai. So many devices were used, in fact, that the attacker didn’t have to employ common tactics that amplify the impact of individual devices, Ellis says.

The number of machines in the latest botnet is still unknown, and could be as large as a million. “We’re still trying to size it,” he says. “We think that might be an overestimate but it’s also possible that will be a real estimate once we get into the numbers.”

With estimates of 21 billion IoT devices by 2020, the scale of botnets that might be created by these relatively unprotected machines could be enormous, says Dave Lewis, a global security advocate for Akamai who spoke Thursday at the Security of Things Forum in Cambridge, Mass.


“What if an attacker injects code into devices to create a Fitbit botnet?” he says. Researchers have already shown it’s possible to wirelessly load malware onto a Fitbit in less than 10 seconds, he says, so the possibility isn’t fantastic.

Some of the attacking machines are running clients known to run on cameras, he says. “It’s possible they are faking it or it’s possible it’s a camera that was doing these attacks,” he says. “There are indicators that there are IoT devices here, at scale.”

The attack didn’t use reflection or amplification, so all the traffic consisted of legitimate HTTP requests to overwhelm Krebs’s site, Ellis says. “It’s not junk traffic.”

A lot of things about the attack are still unknown, such as who’s behind it and what method the botmasters used to infect the individual bots.

Ellis says some other providers Akamai had contacted report similar but smaller attacks likely from the same botnet. Many of them were aimed toward gaming sites, and Krebs has written about such attacks, so there may be a connection there, he says.


Akamai will analyze the attack and devise tools to fight similar attacks, Ellis says.

Krebs has tweeted about the attack after Akamai stopped protecting his site. “I can't really fault Akamai for their decision. I likely cost them a ton of money today,” he wrote. “So long everyone. It's been real.”

This story, "Largest DDoS attack ever delivered by botnet of hijacked IoT devices" was originally published by Network World.



OVH, one of the world’s largest hosting companies, reported on Thursday that its systems were hit by distributed denial-of-service (DDoS) attacks that reached nearly one terabit per second (Tbps).

Octave Klaba, the founder and CTO of OVH, revealed on Twitter that the company detected a “lot of huge DDoS” in the past days. A screenshot posted by Klaba shows multiple attacks that exceed 100 Gbps, including simultaneous attacks that totaled nearly 1 Tbps. The largest single attack recorded by OVH peaked at 799 Gbps and 93 MMps.

This is not the only major DDoS attack reported in recent days. Earlier this week, investigative cybercrime journalist Brian Krebs said his blog, KrebsOnSecurity.com, had been targeted in an attack that peaked at 665 Gbps. While it hasn’t been confirmed, some evidence suggests that the attack was carried out in retaliation for a recent blog post exposing the operators of a booter service called vDOS.

The attack was mitigated by Akamai, but the attackers did not give up and Krebs said the company decided to stop providing DDoS protection services. As a result, the journalist has taken his website offline until he finds a new provider.

He pointed out that Akamai had been providing service at no cost. Before this attack, the largest DDoS attack mitigated by the company measured only 336 Gbps.

CloudFlare is confident it can help and it has already offered its services to Krebs. The company’s founder and CEO, Matthew Prince, said they had seen this type of attack before.

Krebs said the attack on his website appears to have been powered almost exclusively by a very large botnet of compromised IoT devices, such as webcams and routers, and no amplification has been used. The expert suggested the same “cannon” has also been tested against OVH and other organizations.

Before the attack that hit Krebs’ website, the largest reported attack, launched by anti-ISIS hackers against BBC websites, peaked at 600 Gbps. However, the magnitude of the attack could not be confirmed.

The largest DDoS attacks recently confirmed by security firms reached 500 Gbps (Arbor Networks) and 470 Gbps (Imperva Incapsula).


Investigative cybercrime journalist Brian Krebs reported on Tuesday that his website, KrebsOnSecurity.com, was hit by a massive distributed denial-of-service (DDoS) attack that could be the largest in history.

According to Krebs, his site was targeted with various types of DDoS attacks, including SYN and HTTP floods. The attack peaked at 665 Gbps and 143 Mpps (million packets per second), but it was successfully mitigated by Akamai, the company that provides DDoS protection services for KrebsOnSecurity.

Krebs believes that the botnet used to target his blog mostly consists of Internet of Things (IoT) devices, such as webcams and routers, that have default or weak credentials.

Akamai told Krebs that this attack was nearly twice the size of the largest attack they had previously encountered. It’s worth noting that Arbor Networks reported in January that some of its customers had been hit by attacks that peaked at 500, 450 and 425 Gbps.

In January, a group of anti-ISIS hackers claimed to have launched DDoS attacks on BBC websites that peaked at 600 Gbps, but some experts questioned their claims.

As for Brian Krebs, it’s not unusual for the journalist to be targeted by the cybercriminals he is trying to expose. Earlier this month, he reported being hit by a 140 Gbps DDoS attack after exposing two Israeli individuals allegedly responsible for operating a booter service called vDOS.

Just before the latest attack, Krebs detailed the activities of a DDoS mitigation firm called BackConnect, which he discovered has a history of BGP hijacks and ties to questionable individuals.

DDoS attacks are the least of Krebs’ worries. In the past, he was a victim of swatting and had drugs sent to his home by the individuals he had been investigating. On Wednesday, in addition to DDoS attacks, the blogger said the attackers had been trying to flood his Skype account with requests and his email inbox with subscriptions.
