Increase in malicious DNS request traffic
Posted on 24 July 2013.
With regard to the OpUSA hacktivist campaign, Solutionary discovered that attackers responsible for previous DDoS attacks on the financial sector leveraged a variety of techniques to execute the campaign, including SQL Injection and XSS, in addition to DDoS.


73 percent of sites compromised during OpUSA were hosted on Microsoft IIS Web servers and that 17 percent of the platforms in use were running IIS versions 5.0 or 5.1, which are 10 years older than the current version of IIS (7.5) and no longer supported by Microsoft. This oversight left clear and obvious holes for attackers to exploit.

It is noteworthy to point out that while the United States topped the list of countries with affected servers, at 38 percent, only China stood out from the rest as a target of this campaign.

The NSA PRISM project has dominated the news since The Guardian first broke the story. Reaction among security professionals, industry members and the public has been mixed. An NSA statement claims, in part, that PRISM collects data directly from the servers of U.S. service providers, including Microsoft, Yahoo!, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple, however, at this time while Solutionary has noted concerns about the security and privacy of information, especially from non-US organizations, but has not noted any impact on client operations.

Solutionary also summarized the significant increase in malicious DNS requests and DoS activity. Again, the U.S. and China were the top two countries of origin, registering 57 percent and 30 percent, respectively, followed by France and the Russian Federation. An increase in DDoS attacks is likely, a prediction based on the intelligence gathered from observed reconnaissance and harvesting campaigns targeting private and commercial hosting providers.

"Observations by the Security Engineering Research Team (SERT) over the past several months have led us to conclude that hacktivist attacks are on the rise and that headline-driven security concerns can often take the focus off of fixes that can improve defensive postures," said Rob Kraus, director of research, SERT. "Security and risk professionals reading this report will find that there are several simple steps that can be taken to better defend against the identified attacks."





Spotlight

Internet Explorer vulnerabilities increase 100%

Posted on 23 July 2014.  |  Bromium Labs research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //