Category Archives: Cyber Attacks

High bandwidth DDoS attacks are now common, researcher says

Distributed denial-of-service (DDoS) attacks with an average bandwidth of over 20Gbps have become commonplace this year, according to researchers from from DDoS mitigation vendor Prolexic.

Last year such high-bandwidth attacks were isolated incidents, but attacks that exceed 20Gbps in bandwidth occur frequently now, Prolexic’s president Stuart Scholly said Tuesday. Continue reading High bandwidth DDoS attacks are now common, researcher says

Are you are a world class cryptographer? Kaspersky Looks for Help Deciphering Gauss Malware

Gauss PayloadResearchers at Kaspersky Lab are asking for help peeling back the layers covering a mysterious payload of the Gauss malware.

Speculated to be linked to Flame, Gauss was revealed last week to be the latest piece of cyber-espionage malware targeting the Middle East. Primarily hitting users in Lebanon, Gauss steals data about the infected machine as well as information from browsers, such as the history of visited websites and user passwords. In addition, it targets financial information from clients of several Lebanese banks, as well as Citibank and PayPal – possibly making it the first publicly known state-sponsored banking Trojan, Kaspersky has said.  Continue reading Are you are a world class cryptographer? Kaspersky Looks for Help Deciphering Gauss Malware

Mass SQL Injections Spike Again

Security researchers have reported spikes in mass SQL injection attacks of late that take advantage of very common vulnerabilities in the way that Web applications interact with back-end databases. Particularly targeting ASP, ASP.Net, and MS-SQL sites, these mass SQL injection campaigns have been linked to black hat efforts to redirect victims to browser exploit kits like Blackhole or Phoenix. Continue reading Mass SQL Injections Spike Again

20 Critical Security Controls

Twenty Critical Security Controls for Effective Cyber Defense: Consensus Audit Guidelines

The Twenty Critical Security Controls have already begun to transform security in government agencies and other large enterprises by focusing their spending on the key controls that block known attacks and find the ones that get through. With the change in FISMA reporting implemented on June 1, the 20 Critical Controls become the centerpiece of effective security programs across government These controls allow those responsible for compliance and those responsible for security to agree, for the first time, on what needs to be done to make systems safer. No development in security is having a more profound and far reaching impact. Continue reading 20 Critical Security Controls

Slowing time as a way to counter cyberattacks

Researchers offer a new way to deal with cyberattacks on critical infrastructure like power and water utilities and banking networks: slow down Internet traffic, including the malicious code, when an attack is suspected; this would allow networks time to deal with the attacks

One of the striking special effects in the film The Matrix occurs during the scene in which Keanu Reeves’ character Neo, sways and bends to dodge bullets as time appears to slow to a crawl. Now, that scene has inspired researchers to develop a way to deal with cyberattacks on critical infrastructure, like power and water utilities and banking networks. Continue reading Slowing time as a way to counter cyberattacks

New anti-bot code of conduct approved by FCC

An industry advisory group wants U.S.-based internet service providers (ISPs) to adopt a “code of conduct” for weeding out botnet infections.

Made up of more than 50 experts, the Communications, Security, Reliability and Interoperability Council (CSRIC), which reports to the Federal Communications Commission, drafted the code that gives ISPs a voluntarily blueprint to follow to address compromised computers belonging to their customers. Continue reading New anti-bot code of conduct approved by FCC