Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service DDoS botnet dubbed OracleIV. "Attackers are exploiting this misconfiguration to deliver a malicious Docker container, buil...

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.

...

MOXA Mgate MB3180 资源管理错误漏洞

The MOXA MGate MB3180 is a technology product with a port transfer rate of 0.9216 Mbps. A denial of service exists in MOXA Mgate MB3180 version 2.1 Build 18113012. An attacker can exploit this vulnerability by sending a large number of TCP SYN packets to exhaust the resources of a web service,...

More Insights on The Global DDoS Threat Landscape

Recently, edge services product manager David Elmaleh and Imperva Research Labs’ data scientist Johnathan Azaria shared their DDoS knowledge in a live BrightTalk webinar about the current threat landscape and what you need to do to ensure you are adequately prepared. David and Johnathan not only...

5 Years of Fighting DDoS with the Power of Akamai

Additional analysis and research provided by Principal Architect, Tom Emmons Earlier this year, Akamai celebrated the fifth anniversary of the Prolexic acquisition. The merger was officially completed in February of 2014, and a lot has happened since then. In this post, we want to spend a moment...

NTP Aplification, SYN Floods Drive Up DDoS Attack Volumes

There has been a steady but dramatic increase in the potency of distributed denial of service DDoS attacks from the beginning of 2013 through the first two months of this year. In large part, reason for this rise in volume has to do with the widespread adoption of two attack methods: large...

Automated Toolkits Named in Massive DDoS Attacks Against U.S. Banks

Attackers targeting major U.S. banks with distributed denial of service attacks are using a number of toolkits to automate the job. Prolexic Technologies, a security company specializing in DDoS protection services, identified one toolkit called itsoknoproblembro, a kit that attacks multiple port...

FreeBSD Security Advisory (FreeBSD-SA-02:20.syncache.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-02:20.syncache.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD Security Advisory (FreeBSD-SA-02:20.syncache.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-02:20.syncache.asc ADV FreeBSD-SA-02:20.syncache.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008...