cloudflare (3)

Cloudflare has recently released their Q1 DDoS threat report [5]. Thus, this is a good point for a discussion on DDoS attacks and some of the newer techniques involved with them. First, we’ll get a little bit of a refresher on what DDoS attacks are, how they manifest and how things look when a service is being attacked, and how they can be detected. From there, we’ll go into the typical mechanics of how a DDoS attack takes place and what sort of techniques and methods tend to be involved.  Th

In November 2022, FortiGuard analysts observed a unique botnet written in the Go language being distributed through IoT vulnerabilities. This botnet, known as Zerobot, contains several modules, including self-replication, attacks for different protocols, and self-propagation. It also communicates with its command-and-control server using the WebSocket protocol. Based on the trigger count of some IPS signatures (shown in Figure 1), this campaign started its distribution of the current version someti

The threat actor who recently breached Twilio systems also targeted Cloudflare, and a few of the web security company’s employees fell for the phishing messages. Twilio recently revealed that it became aware of unauthorized access to some of its systems on 04 August 2022. An investigation showed that the attackers had tricked some of its employees into providing their credentials, which they then used to access internal systems and obtain customer data.[1] The threat actor sent phishing tex