Blog Posts Tagged with "Denial of Service"
Senate Testimony: Cyber Security as a Strategic Concern
February 02, 2012 Added by:Headlines
Testimony offered before the Senate Select Committee on Intelligence included threats to cybersecurity, the third item addressed, signifying that intrusions by state-sponsored China and Russia and independent actors like Anonymous and Lulzsec continue to be a concern...
Comments (0)
Looking Back: A Review of Threats Faced in 2011
February 02, 2012 Added by:Simon Heron
There is a great deal that can be gleaned from customer systems. When statistics from many different organizations, of different sizes, from different industries, in different countries are analyzed, they provide a useful insight into the true nature of security threats...
Comments (0)
All Out Cyber War: Analysis of the Middle-Eastern Conflict
January 29, 2012 Added by:Rafal Los
You just can't avoid it, so I had to write it. The escalation of rhetoric has gone past media hype and has spilled over into mainstream politics, and now onto the lips of people who should really know better than to perpetuate some of this madness...
Comments (4)
US-CERT Warns of Denial-of-Service Malware Campaign
January 26, 2012 Added by:Headlines
US-CERT has received reports of attacks using malware-laden email attachments. The advisory comes one week after multiple DDoS attacks were launched against entertainment industry and US government websites by Anonymous supporters in an operation dubbed OpMegaupload...
Comments (0)
ICS-CERT: MICROSYS spol. s r.o. PROMOTIC Vulnerabilities
January 26, 2012 Added by:Headlines
The MICROSYS spol. s r.o. PROMOTIC vulnerabilities include directory traversal, ActiveX heap overflow, and ActiveX stack overflow vulnerabilities. Public exploits are known to target these vulnerabilities which may result in denial of service or data leakage...
Comments (0)
ICS-CERT: Ocean Data Systems Dream Report Vulnerabilities
January 25, 2012 Added by:Headlines
A XSS vulnerability exists in the Ocean Data Dream Report application due to the lack of server-side validation of query string parameter values. An attacker with a low skill level can create the XSS exploit. A write access violation vulnerability also exists in the application...
Comments (0)
Cyber Defense Weekly: Anonymous Attacks, Dutch Cyber Strategy
January 24, 2012 Added by:Cyber Defense Weekly
Each attacker only has so much time and energy. It's like trying to get a crowd at a stadium to do the wave. As soon as the pitcher winds up on the mound the wave peters out. What should you do if you are the target of an Anonymous DDoS attack? Just wait, they will go away...
Comments (0)
The Shifting Digital Sands of Online Jihad
January 21, 2012 Added by:Scot Terban
It seems that Anonymous has potentially sparked these guys to think like them and perhaps even use their tactics instead of continuing just to shake their fingers at us as they yell. This would be an interesting paradigm change in the global Salafi movement as well as the tactics of AQ...
Comments (0)
How to Avoid Being Miscast in a SOPA Opera
January 20, 2012 Added by:Kevin McAleavey
LOIC was originally written in C#, but a later variant was created in Javascript which permits it to be deployed from any internet connected device. LOIC and its JS variant are simple toys, but in the hands of enough people they can create a formidable DDOS attack on a site...
Comments (2)
ICS-CERT: General Electric D20ME PLC Vulnerability
January 20, 2012 Added by:Headlines
The GE D20ME PLC vulnerability is exploitable by utilizing TFTP connections to the controller. The report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium without coordination with the vendor or ICS-CERT...
Comments (0)
Take That Israel! All Your SCADA's Are Belong to Us!
January 20, 2012 Added by:Scot Terban
The SCADA were not in default state for passwords, and in general did not seem to be important systems - like government or large power company hardware. Hell, for that matter, none were even water facilities, which I should think in a desert would be kinda important, no?
Comments (2)
DDoS Attacks Against Government and Entertainment Websites Escalate
January 19, 2012 Added by:Headlines
Multiple websites appear to be under DDoS attack, including the DoJ's http://justice.gov, the Recording Industry Association of America's http://riaa.com, and music publisher Universal Music's http://universalmusic.com...
Comments (0)
ICS-CERT: Certec EDV GmbH App DoS Vulnerability
January 19, 2012 Added by:Headlines
Independent researcher Luigi Auriemma has identified a denial of service (DoS) vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability...
Comments (0)
ICS-CERT: Open Automation Software OPC Systems Vulnerability
January 13, 2012 Added by:Headlines
Researcher Luigi Auriemma publicly reported a malformed packet vulnerability in Open Automation Software’s OPC Systems.NET. A malformed packet could be sent remotely to cause a denial of service. Public exploits are known to target this vulnerability...
Comments (0)
Adobe Releases Updates for Critical Vulnerabilities
January 12, 2012 Added by:Headlines
Adobe has released updates to mitigate critical vulnerabilities in the company's Adobe Reader and Acrobat products. The vulnerabilities addressed leave systems open to remote access and control, system crashes, and denial of service exploits...
Comments (0)
FBI Warns: GameOver
January 10, 2012 Added by:Kevin McAleavey
The significant part of the DDOS angle with the GameOver Zeus Trojan attack is that it serves as a diversion while the looting continues, and prevents access to mitigation with the bank until it's too late. That's what motivated the FBI to put out this alert...
Comments (0)
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox