X-Industry

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint distributed denial-of-service (DDoS) attack guidance for federal, state, local, tribal, and territorial government entities to serve as a comprehensive resource to address the specific needs and challenges faced by government agencies in defending against DDoS attacks.

Distributed denial-of-service a

Cyber-attacks cost the world economy a huge $8 trillion USD in 2023 and are expected to rise to an incredible $18 trillion by 2030.  Technology has advanced so rapidly that most devices in a 2024 household are always online smart devices perpetually connected to the cloud.  Beyond this, no workforce, industry, or government agency exists without a complex and interconnected web of users, systems, and online technologies.  Is it any wonder that cyber-attacks are on the rise and have cost the worl

As anyone who regularly games online can attest, DDoS (dedicated denial of service) attacks are an irritatingly common occurrence on the internet.  Drawing on the combined digital might of a geographically diffuse legion of zombified PCs, hackers can swamp game servers and prevent players from logging on for hours or days at a time.  The problem has metastasized in recent years as enterprising hackers have begun to package their botnets and spamming tools into commercial offerings, allowing any

Several Polish media and news websites were hit by distributed denial-of-service (DDoS) attacks that the government said could be the action of Russian hacking groups, the digitalization minister was quoted as saying on 18 May.  Warsaw has positioned itself as one of Ukraine's staunchest allies since Russia invaded the country, and Poland says it frequently faces Russian attempts to destabilize the situation in the country.  Moscow has consistently denied that it carries out hacking operations.

Cloudflare has recently released their Q1 DDoS threat report [5].  Thus, this is a good point for a discussion on DDoS attacks and some of the newer techniques involved with them.  First, we’ll get a little bit of a refresher on what DDoS attacks are, how they manifest and how things look when a service is being attacked, and how they can be detected.  From there, we’ll go into the typical mechanics of how a DDoS attack takes place and what sort of techniques and methods tend to be involved.  Th

There seems to be a current trend of attacking the airline industry.  In Germany, seven airports were hit by a suspected cyber-attack on 16 February.  Düsseldorf, Nuremberg, and Dortmund airports were among those impacted, but the websites for Germany’s three busiest airports: Frankfurt, Munich, and Berlin—were all functioning normally.  These airports were victim to large-scale DDoS attacks.  Currently, other airport systems were not affected.  From Reuters, the chief executive also added that

With many countries assisting Turkey and Syria in earthquake response, hackers are in the process of trying to disrupt the communication processes.  The Russian hacktivist collective Killnet has carried out a series of distributed denial of service (DDoS) attacks against NATO, causing temporary disruption to some of the military alliance’s public-facing websites.  The Killnet operation had previously said through its closed channel on the encrypted Telegram service that it was initiating attacks

Some of the largest airports in the US have been targeted for cyber-attacks; as recent as 10 October, by an attacker group within the Russian Federation.  It’s important to note that the airport operations IT systems targeted did not handle air traffic control, internal airline communications and coordination or transportation security.  "It's an inconvenience," the source said. The attacks have resulted in targeted "denial of public access" to public-facing web domains that report airport wait

Agent 007 would never put up with this type of attack.  MI5’s website was down for part of 30 September after a possible cyber-attack.  The UK’s security service public site was briefly unavailable for intermittent periods in the morning but is now back online, with the incident resolved.[1]  Quick action by the new cyber “agents.”

Pro-Russian hackers allegedly attacked MI5’s public website, briefly causing it to go offline as the Ukrainian conflict continued to escalate.  A group called Anonymo

Finland’s parliament website was temporarily shut down on Tuesday, 9 August, following a cyber-attack that coincided with the US’s move to admit the Nordic country to the North Atlantic Treaty Organization (NATO).  The Finnish parliament said in a statement on Twitter that a denial-of-service attack hit the parliament’s external websites at around 2:30 pm local time.  “The Parliament takes steps to limit the attack together with service providers and the Cybersecurity Center,” the statement said

A suspected cyber-attack on 7-Eleven stores, pervasive in large towns and at rail stations across Denmark, is reporting that “we cannot use cash registers and/or receive payments.”  This the company wrote on its Facebook page.  “We are therefore closed until we know the extent [of the attack].  We hope to be able to open stores again soon,” it wrote.

There are 176 7-Eleven stores in Denmark.  The company’s CEO told a Danish broadcaster that cash registers “suddenly” began to malfunction in store

The international Anonymous hacktivists group has targeted the Russian Ministry of Culture and leaked 446 GB worth of data online.  The cyberattack was carried out as part of their collective’s ongoing operation OpRussia against the country’s invasion of Ukraine.

Anonymous is a group of hacktivists that publicly announced a cyberwar against Russia after the country invaded Ukraine in late February 2022.  The latest to suffer a data leak is Russia’s Ministry of Culture.  As seen by Hackread.com,

Since declaring cyberwar on Russia through the #OpRussia campaign, the hacktivist group Anonymous has been busy.  It has been three weeks since the Anonymous collective tweeted their declaration of war, and in that time the decentralized group has been a mainstay of news headlines.   

Since Russia invaded Ukraine the Anonymous twitter account, @YourAnonNews has gained close to 500,000 followers.  In the hybrid war format where both acts of kinetic war and cyber war have been documented many hack

A provocative piece from Vox, explains the current state of the Russian Cyber War.   After three weeks of fighting, Russia is beginning to deploy increasingly brutal tactics in Ukraine, including indiscriminate shelling of cities and “medieval” siege warfare. Other elements of its military strategy, however, are conspicuously absent in cyberwarfare.  Russia has a history of employing cyberwarfare tactics, which some experts believed could feature prominently in its invasion of Ukraine. The cyber

A new reflection/amplification DDoS method is being used in attacks that provides a record-breaking amplification ratio of almost 4.3 billion to 1.  Distributed Denial of Service (DDoS) attacks target servers or networks with many requests and high volumes of data, aiming to deplete their available resources and cause a service outage.  The amplification ratio is critical when conducting attacks, as the higher the number, the easier it is for threat actors to overwhelm well-protected endpoints w

Activity Summary - Week Ending on 11 March 2022:

• Red Sky Alliance identified 20,047 connections from new IP’s checking in with our Sinkholes
• Malicious Keylogger data is back with 22 Keylogged emails
• Analysts identified 3,431 new IP addresses participating in various Botnets
• Remote Utilities Software
• Stone Panda
• Slug & the Daxin Backdoor
• Mitre ATT&CK - Sightings Ecosystem
• Nvidia Attack
• DDoS Annoyance?
• Oil & Gas Saudi Arabia - Formbook Malware
• DarkNet City

Full report: IR-22-070-001_weekly070.

The common definition of Guerrilla Warfare is a form of ‘irregular’ warfare in which small groups of combatants, such as paramilitary personnel, armed civilians, or irregulars, use military tactics including ambushes, sabotage, raids, petty warfare, hit-and-run tactics, and mobility, to fight a larger and less-mobile traditional military.  Now enter cyber guerrilla warfare.  A Ukrainian cyber guerrilla warfare group is in the process of launching digital sabotage attacks against critical Russian

Welcome to the new normal, the cybersecurity threat landscape has gotten progressively more complex and dangerous.  The online world is full of data thieves, extortionists, and even state actors looking to exploit vulnerabilities in businesses' digital defenses.  The cyber threat actors have the upper hand at the moment. Part of the reason for that is the fallout from the rapid digitization made necessary by the COVID-19 pandemic.  According to research on the subject, more than half of business

It is estimated that North Korea (KP) is continuing to steal hundreds of millions of dollars from financial institutions and cryptocurrency firms and exchanges.  This stolen currency is an important source of funding for its nuclear and missile programs, UN experts said in a report quoting cyber specialists.  The panel of experts said that according to an unnamed government, North Korean “cyber-actors stole more than $50 million between 2020 and mid-2021 from at least three cryptocurrency exchan

Considering the sensitive information it holds, it is no wonder that the financial services industry continues to be one of the most targeted critical infrastructure sectors by current cyber-criminals.  Recent societal and technological changes during 2021 have made matters worse.

The ongoing COVID-19 pandemic has created a ripe target field for cyberthreats as industries and individuals alike became vulnerable as they wrestled with remote working practices, mass digital disruption, and widening