RHCOS 4 : OpenShift Container Platform 4.2 (RHSA-2019:3245)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3245 advisory. - HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 - HTTP/2: flood using HEADERS frames results in...

CVE-2026-36958

CVE-2026-36958 affects the U-SPEED N300 router (firmware V1.0.0). The embedded Boa HTTP server is vulnerable to a denial-of-service when a large number of concurrent HTTP requests target random/non-existent web-management endpoints, exhausting resources and rendering the web interface unresponsiv...

SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits

SafeLine is a self-hosted WAFWeb Application Firewall to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL...

Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions

Microsoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359. "These attacks likely rely on access to multiple virtual private servers VPS in conjunction with rented cloud...

Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions

Microsoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359. "These attacks likely rely on access to multiple virtual private servers VPS in conjunction with rented cloud...

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service DDoS attacks. "The malware binaries appear to have been named by the malware author after a character from the popular anime...

CVE-2022-23142

ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible...

Impulse - Impulse Denial-of-service ToolKit

Modern Denial-of-service ToolKit Main window Methods: Method | Target | Description ---|---|--- SMS | +PHONE | SMS & CALL FLOOD NTP | IP:PORT | NTP amplification is a type of Distributed Denial of Service DDoS attack in which the attacker exploits publically-accessible Network Time Protocol NTP...

ThreatList: Latest DDoS Trends by the Numbers

Fresh statistics reveal a mix bag of good news and bad when it comes to distributed denial-of-service attacks in Q4 2018. According to the latest numbers available, the sheer number of attacks are down, but the length of time those attacks last have reached record lengths. The numbers come from...

Wreckuests - Tool to run DDoS atacks with HTTP-flood

Wreckuests is a script, which allows you to run DDoS attacks with HTTP-floodGET/POST. It's written in pure Python and uses proxy-servers as "bots". OF COURSE, this script is not universal and you can't just drop Pentagon/NSA/whatever website with one mouse click. Each attack is unique, and for ea...

Run HTTP Flood DDoS Attacks: Wreckuests

Stress Testing: Run HTTP Flood DDoS Attacks Wreckuests is a script, which allows you to run DDoS attacks with HTTP-floodGET/POST. It’s written in pure Python and uses proxy-servers as “bots”. This script is published for educational purposes only! Features Cache bypass with random ?abcd=efg...

WarChild - Denial of Service Testing Suite

Warchild is a denial of service testing suite made for analysing the strength of your website against different kinds of denial of service attacks you will be facing which are mainly organised by crooks to cause damage to your website. Installation For Installing the required modules just run the...

New IoT Botnet Malware Borrows From Mirai

Researchers have thrown back the covers on more malware infecting IoT devices for the purposes of building a botnet that carries out DDoS attacks. This sample has its roots in other IoT botnets such as Aidra, Bashlite and Mirai in that it attacks weak telnet credentials guarding devices and it’s...

Mirai Botnet Itself is Flawed; Hacking Back IoTs Could Mitigate DDoS Attacks

The infamous botnet that was used in the recent massive distributed denial of service DDoS attacks against the popular DNS provider Dyn, causing vast internet outage last Friday, itself is flawed. Yes, Mirai malware, which has already enslaved millions of Internet of Things IoT devices across 164...

Mirai Vulnerability Disclosed, But Exploits May Constitute Hacking Back

The Mirai botnet apparently has a weakness that could shut down its ability to flood targets with HTTP requests. But exploiting that vulnerability puts defenders in a gray area with regard to hacking back. Researchers at Invincea Labs discovered three vulnerabilities in Mirai, one of which is the...

LizardStresser IoT Botnets Part of 400Gbps DDoS Attacks

LizardStresser, a distributed denial of service botnet, has found new life leveraging hundreds of internet-based webcams in attacks against Brazilian-based banks, government agencies as well as a handful of U.S.-based gaming companies. Researchers at the Arbor’s Security Engineering and Response...

Botnet Powered by 25,000 CCTV Devices Uncovered

A botnet comprised entirely of internet-enabled closed circuit TV devices used a barrage of HTTP requests to knock a small jewelry store offline for days. Researchers who came across the botnet recently said they weren’t surprised that IoT devices were being used to carry out a distributed denial...

162,000 WordPress Sites Used in DDoS Attack

More than 162,000 “popular and clean” WordPress sites were recently used in a large-scale distributed denial of service attack DDoS that exploited the content management system’s pingback feature. While the WordPress team is aware of the issue it’s not expected to be patched as it’s a default...

Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks

Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks The Zemra DDoS Bot is currently sold in various forums for about 100 € and detected by Symantec as Backdoor.Zemra. Zemra first appeared on underground forums in May 2012. This crimeware pack is similar to other crime packs, such as Zeus...

New Crimeware Bot Zemra behind DDoS Attacks

Zemra, a new crimeware bot that shares traits with the banking Trojans Zeus and SpyEye has been making the rounds lately, according to a recent post on Symantec’s Security Response blog. In the post, Symantec’s Alan Neville claims Zemra has been seen executing distributed denial of service attack...