Distributed denial-of-service (DDoS) attacks designed to silence end users and sideline Web sites grew with alarming frequency and size last year, according to new data released this week. Those findings dovetail quite closely with the attack patterns seen against this Web site over the past year.
Arbor Networks, a major provider of services to help block DDoS assaults, surveyed nearly 300 companies and found that 38% of respondents saw more than 21 DDoS attacks per month. That’s up from a quarter of all respondents reporting 21 or more DDoS attacks the year prior.
After six months of silence, the ZeroAccess botnet -- aka Sirefet -- is back in action. Fortunately, it's operating at a smaller scale than it was a couple years ago.
Researchers at Dell SecureWorks Counter Threat Unit have discovered new activity by the once-disrupted botnet. ZeroAccess is actually two peer-to-peer botnets -- one for 32-bit Windows, one for 64-bit -- that both manipulate all major search engines and web browsers. Historically, it hijacked search results, directing users to malicious sites or fraudulently charging businesses for extra clicks on their ads.
At least one and likely more D-Link routers as well as those of other manufacturers using the same firmware are vulnerable to remote changing of DNS settings and, effectively, traffic hijacking, a Bulgarian security researcher has discovered.
Todor Donev, a member of the Ethical Hacker research team, says that the vulnerability is found in the ZynOS firmware of the device, D-Link's DSL-2740R ADSL modem/wireless router.
The firmware in question is implemented in many networking equipment manufactured by D-Link, TP-Link Technologies and ZTE, he noted for Computerworld.
Singapore's government will set up a new agency to strengthen cyber security, Prime Minister Lee Hsien Loong's office said Tuesday, amid more reports of high-profile hacking incidents worldwide.
The Cyber Security Agency of Singapore, to be established on April 1, "will provide dedicated and centralized oversight of national cyber security functions," Lee's office said in a statement.
A recently fixed vulnerability in the BlackPhone instant messaging application gave attackers the ability to decrypt messages, steal contacts, and control vital functions of the device, which is marketed as a more secure way to protect communications from government and criminal snoops.