Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
DDoS Attack Bandwidth Jumps 718%
Newest First  |  Oldest First  |  Threaded View
Guest
50%
50%
Guest,
User Rank: Apprentice
5/2/2013 | 9:23:10 PM
re: DDoS Attack Bandwidth Jumps 718%
Covering another press release like it's news. FUD.
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
4/18/2013 | 2:05:59 AM
re: DDoS Attack Bandwidth Jumps 718%
What about companies that do business with China? There are a few out there known to exist...

Andrew Hornback
InformationWeek Contributor
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
4/18/2013 | 2:05:24 AM
re: DDoS Attack Bandwidth Jumps 718%
48 Gbps on average? Wow, that's a lot of junk traffic.

It's interesting to see the attack vector changing though, from the end user with a badly configured PC getting infected by something nasty to going for systems that are sitting in data centers, presumably on large pipes.

That strategy makes alot of sense though, instead of an occasionally on Vista box that Aunt Flo uses to swap recipes with her cat lovers club on Facebook to a system that's always on, always available and most likely very loosely (if at all) monitored for performance.

Sounds like it's time to step up the traffic analysis here and possibly integrate a few feedback loops to keep the junk traffic from getting sent down the pipe in the first place.

Andrew Hornback
InformationWeek Contributor
DDURBIN1
50%
50%
DDURBIN1,
User Rank: Apprentice
4/17/2013 | 4:57:52 PM
re: DDoS Attack Bandwidth Jumps 718%
Time maybe to block China's access to USA internet but I'm sure US corporations will cry foul and get their way to keep it open.


5 Ways to Up Your Threat Management Game
Wayne Reynolds, Advisory CISO, Kudelski Security,  2/26/2020
Google Adds More Security Features Via Chronicle Division
Robert Lemos, Contributing Writer,  2/25/2020
Cybersecurity Industry: It's Time to Stop the Victim Blame Game
Jessica Smith, Senior Vice President, The Crypsis Group,  2/25/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9463
PUBLISHED: 2020-02-28
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.
CVE-2020-5247
PUBLISHED: 2020-02-28
In Puma (RubyGem) before 4.3.2 and 3.12.2, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This...
CVE-2020-9447
PUBLISHED: 2020-02-28
The file-upload feature in GwtUpload 1.0.3 allows XSS via a crafted filename.
CVE-2019-10064
PUBLISHED: 2020-02-28
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
CVE-2019-8741
PUBLISHED: 2020-02-28
A denial of service issue was addressed with improved input validation.