Blog Posts Tagged with "DoS"
Running Apache? Beware of "Armageddon"...
March 19, 2012 Added by:Kevin McAleavey
"Apache Killer" exploits a vulnerability in the server by sending a specially crafted Range HTTP header to trigger a denial-of-service condition, and a single computer is capable of bringing Apache to its knees. A botnet full of these can result in "tango down"...
Comments (0)
ICS-CERT: Advantech BroadWin WebAccess Vulnerabilities
February 10, 2012 Added by:Headlines
ICS-CERT is aware of a public report about an RPC server vulnerability with proof-of-concept (PoC) exploit code affecting the Advantech BroadWin WebAccess software, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product...
Comments (0)
ICS-CERT: Punzenberger COPA-DATA HMI Vulnerabilities
February 08, 2012 Added by:Headlines
Researcher Kuang-Chun Hung has identified multiple denial-of-service (DoS) vulnerabilities in the Ing. Punzenberger COPA-DATA GmbH zenon human-machine interface (HMI) system which may allow an attacker to execute a DoS attack and potentially execute arbitrary code...
Comments (0)
US-CERT Warns of Denial-of-Service Malware Campaign
January 26, 2012 Added by:Headlines
US-CERT has received reports of attacks using malware-laden email attachments. The advisory comes one week after multiple DDoS attacks were launched against entertainment industry and US government websites by Anonymous supporters in an operation dubbed OpMegaupload...
Comments (0)
ICS-CERT: General Electric D20ME PLC Vulnerability
January 20, 2012 Added by:Headlines
The GE D20ME PLC vulnerability is exploitable by utilizing TFTP connections to the controller. The report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium without coordination with the vendor or ICS-CERT...
Comments (0)
Israeli and Muslim Hackers Bring Knives to Gun Fight
January 19, 2012 Added by:Scot Terban
There was the dropping of the SCADA passwords recently, and that is more along the lines of doing something. As I wrote recently about cyberwar, the real aegis is to damage infrastructure, supply chain failure, and in the end invade or conduct military operations...
Comments (2)
ICS-CERT: Certec EDV GmbH App DoS Vulnerability
January 19, 2012 Added by:Headlines
Independent researcher Luigi Auriemma has identified a denial of service (DoS) vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability...
Comments (0)
Apache Killer DoS Vulnerability Patch Released
August 31, 2011 Added by:Headlines
The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.20 of the Apache HTTP Server with a fix for handling of byte-range requests and avoid a denial of service. We consider this release to be the best version of Apache available...
Comments (0)
Mitigating the Apache Range Header DoS Vulnerability
August 28, 2011 Added by:Mark Baldwin
A new Apache DoS vulnerability was reported by security researcher Kingcope on the Seclists.org Full Disclosure mailing list that affects most default installations of Apache 1.3/2.x. Fortunately, there are some configuration settings that can be adjusted to mitigate this vulnerability...
Comments (1)
Protecting Linux Against DoS/DDoS Attacks
June 27, 2011 Added by:Jamie Adams
When I first heard ridiculous-sounding terms like smurf attack, fraggle attack, Tribal Flood Network (TFN), Trinoo, TFN2K, and stacheldraht, I didn't take them too seriously for a couple of reasons — I worked mainly on non-Internet facing systems, and I was never a victim...
Comments (0)
Hacktivist Maintains Attack on Westboro Baptist Church
March 24, 2011 Added by:Headlines
The DoS attacks against WBC sites have now exceeded one month in duration. The Jester uses a DoS tool called XerXeS to perform an application level attack which can be performed by a single low-spec machine with relatively few packets, whereas traditional TCP-based attacks require multiple machines...
Comments (4)
DoS Surpasses SQL Injections as Primary Attack Method
March 16, 2011 Added by:Headlines
"Many of these organizations foolishly think that the network security gear that they have to handle the lower level DoSing floods will take care of this and it won't. The overall amount of traffic that you have to send to take down the Web server is a lot less, and it looks legitimate..."
Comments (0)
Assault on Westboro Baptist Church Website Continues
March 08, 2011 Added by:Headlines
The sustained DoS attack, which began on February 21st, represents a record for the Hactivist who is best known for repeated DoS attacks on militant Jihadi websites, as well as an attack on the WikiLeaks website in late November that forced the organization to shuffle Internet hosting providers...
Comments (1)
Six Hot New Hacks from Black Hat DC 2011
January 25, 2011 Added by:Headlines
Michael Gregg has assembled his picks for the top six hacks revealed at the Black Hat DC 2011 conference. Dozens of innovative threats were revealed at the conference last week, but Gregg describes these particular exploits as being the "six new hacks that will make your CSO cringe"...
Comments (0)
Operation:Tunisia Backfires - Activists Rounded Up
January 07, 2011 Added by:Headlines
The distributed denial of service (DDoS) campaign launched by Anonymous against Tunisian government websites called Operation:Tunisia has completely backfired by putting the lives of the people Anonymous claims to be helping at risk...
Comments (0)
Anonymous Fallacies: To LOIC or Not To LOIC
January 05, 2011 Added by:Scot Terban
What really caught my eye is the section in red, the admonition about “if you get caught” This is the most egregious set of instructions that I have ever seen and will only serve to land those of the “hive mind” in courts across the globe with a fair chance at getting truly buggered...
Comments (3)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)