junho 23, 2021
Key Findings – 4 DDoS Protection Techniques Need to Continue to Evolve with Emergence of New Attack Vectors NXNSAttack, a new vulnerability in DNS, can be exploited to launch massive DDoS attacks In May 2020, Israeli researchers reported a new DNS server vulnerability and dubbed it NXNSAttack. This vulnerability exists in DNS’s recursive resolution process. […]
junho 18, 2021
Written By: Bruno CarvalhoSystem Engineer UK & Western Europe Firstly, to become this information clearer is interesting to answer the question…What is GPRS Tunneling Protocol (GTP)? GPRS Tunneling Protocol (GTP) is a 2.5G technology that provides interconnection between various network interfaces, enabling mobile users to roam seamlessly between networks of different generations. The GTP protocol […]
junho 11, 2021
ABOUT CUSTOMER Based in APAC, company A provides comprehensive IDC services for the world’s top 500 as well as many small and medium enterprises. Other than server rental and hosting, company A also cooperates with NSFOCUS to provide server rental service with advanced protection against DDoS attacks. The investment in DDoS protection not only protects […]
janeiro 1, 2021
Attackers are targeting Citrix ADC (Application Delivery Controller) and utilize it to launch amplification attacks. However, no official patch has been released yet.(mais…)
novembro 24, 2020
Recently, GitHub’s Security Incident Response Team (SIRT) published an article saying that a set of Github code repositories were serving open-source projects that were infected with malicious code (https://securitylab.github.com/research/octopus-scanner-malware-open-source-supply-chain). According to the article, attackers submitted malicious code to the open-source projects, which were referenced by other open-source projects. After being used by developers, these open-source projects with malicious code will search the developers’ machines for NetBeans IDE. If the IDE is found, all Java Archive (JAR) files created by NetBeans will be infected and loaders of malware will be implanted to ensure that the projects can release a remote administration tool (RAT).(mais…)
setembro 1, 2020
At 17:00 of May 20, NSFOCUS SOC detected an abnormal traffic alert in the global monitoring center, the IP addresses of a customer from Hong Kong were under attack and the maximum attack peak reached 634.6 Gbps. This had been the largest of all attacks targeting NSFOCUS’s customers by the
time this report was written. According to IP gang intelligence from the NSFOCUS Threat Intelligence (“NTI”), large quantities of source IP addresses involved in the attack were controlled by the IP gang IPGang01 we have continuously monitored. We will elaborate on it in the following “attack gangs” chapter.
agosto 29, 2020
From January to May 2020, except in April when the number of DDoS attacks was on a par with that a year earlier, the other months experienced a year-on-year decrease in the number. However, attack traffic in each month in the first half of 2020 increased year on year.(mais…)
agosto 18, 2020
- Global distribution of DDoS attacks: U.S. suffered the most DDoS attacks, and Japan received the largest volume of DDoS traffic.
- DDoS attack trend: March and April witnessed the most frequent DDoS attacks, and May saw the peak of attack traffic.
- DDoS attacks and COVID-19 pandemic: DDoS attacks fluctuated noticebly with the worldwide outbreak of the COVID-19 pandemic. Germany and the U.S. were two typical examples.
- Attack lethality: Compared with the first half of 2019, the first half of 2020 experienced a decline in the number of attacks withincreasing magnitute.
- Attack types: SYN flood and UDP flood remained dominant DDoS attacks.
- Attack duration: Short-duration and effective attacks were the norm, with 68% of the attacks lasting less than 5 minutes.
- Attack peak: May was exposed to the strongest attack, with the peak reaching 634.6 Gbps.
- Attack gangs: Among the 15 IP gangs under our continuous monitoring in the first half of 2020, the largest attack utilized 217,000 attack sources.
maio 22, 2020
NSFOCUS cloud scrubbing center witnessed a torrent of DDoS attack traffic, with peak volume up to 634.8 Gbps.
At 5 p.m. of May 20th, 2020, NSFOCUS SOC team detected an enormous DDoS attack – three IPs of a Hong Kong customer were hit by DDoS attacks and inbound traffic kept increasing sharply. As DDoS attack traffic constantly gushing into the scrubbing center, the peak attack traffic reached 634.8 Gbps, a new height encountered by NSFOCUS’s customers in the year of 2020. When NSFOCUS reported this event to the customer after the attack mitigation, they extended their grateful thanks to NSFOCUS and said selecting NSFOCUS Anti-DDoS solution was their best choice they made because they were well protected even when they were not aware of being targeted by DDoS attacks.(mais…)