New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks

Details have emerged about a high-severity security vulnerability impacting Service Location Protocol SLP that could be weaponized to launch volumetric denial-of-service attacks against targets. "Attackers exploiting this vulnerability could leverage vulnerable instances to launch massive...

CVE-2021-36630

DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request...

CVE-2021-36630

DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request...

CVE-2021-36630

DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request...

Record breaking HTTPS DDoS attack

Last week, Cloudflare blocked the largest HTTPS DDoS attack on record. The attack amassed some 26 million requests per second rps. The previous record for a HTTPS DDoS attack was 15.3 million rps. The attack targeted an unnamed Cloudflare customer and originated mostly from Cloud Service Provider...

CVE-2022-26143: TP240PhoneHome Reflection/Amplification DDoS Attack Vector

A new reflection/amplification distributed denial of service DDoS vector with a record-breaking potential amplification ratio of 4,294,967,296:1 has been abused by attackers in the wild to launch multiple high-impact DDoS attacks...

Forcepoint NGFW Engine 安全漏洞

Forcepoint NGFW Engine is a next-generation firewall solution from Forcepoint Corporation. A security vulnerability exists in Forcepoint NGFW Engine that originates from a TCP reflection amplification vulnerability in the affected software if the user configures HTTP User Response...

Web Censorship Systems Can Facilitate Massive DDoS Attacks

Researchers are warning internet censorship systems are ripe for abuse by a new type of distributed denial of service DDoS attack. The potential for abuse is concerning, researchers say, because attacks would take advantage of a type of reflection and amplification, which would be “extremely...

“Huge upsurge” in DDoS attacks during pandemic

Researchers at Netscout have released a report analyzing the malicious internet traffic of 2020 and comparing it to the years before. Some of the results were as expected: Brute-forcing credentials and more targeting towards internet-connected devices were foreseeable and have been discussed at...

Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks

A new distributed denial-of-service attack DDoS vector has ensnared Plex Media Server systems to amplify malicious traffic against targets to take them offline. "Plex's startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it ca...

ALPINE-CVE-2020-8616

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral...

Misconfigured Memcached Servers Abused to Amplify DDoS Attacks

Cybercriminals behind distributed denial of service attacks have added a new and highly effective technique to their arsenal to amplify attacks by as much as 51,200x by using misconfigured memcached servers accessible via the public internet. The technique was reported by Akamai, Arbor Networks a...