13.6 C
Tuesday, September 26, 2017
Home Tags DDOS


I don't know which is worse An IoT botnet is making a nuisance of itself online after becoming a conduit for spam distribution.…
Companies both large and small are targets. Never think "I'm not big enough for a hacker's attention."
Denial of service attacks can be reduced by replying to DNS requests with a huge range of nothing, and remembering it.
The malware behind the largest mobile botnet to date has evolved.
F5 Labs has detected a WireX variant capable of launching UDP flood DDoS attacks.
FCC API could be misused to host malware on FCC's domain.
DAILY VIDEO: Google removes malicious WireX DDoS botnet apps from Play Store; Microsoft Surface PCs gain ground in the enterprise; Microsoft promises affordable mixed-reality gear for the holidays; and there's more.
DDoS attacks are no longer something that just big companies in a few industries need to worry about.

They have become a threat to every business.
Google removes over 300 Android apps from the Play Store that were secretly being used to launch WireX DDoS attacks.
Itrsquo;s never good news when your workloads, data, or both get hacked in a public cloud.

Fortunately, itrsquo;s something that rarely occurs.

But as workloads and data sets on the public clouds become more numerous, such a hack could occur.The best way to recover from an attack, aka a hack, is to remain calm and follow these simple rules.[ What is cloud computing? Everything you need to know now. | Also: InfoWorldrsquo;s David Linthicum explains how to move into a cloud career from traditional IT. ]What do if your public cloud is hacked Do shut down the machine instances as quickly as you can. Irsquo;m often taken aback by the number of admins who keep compromised systems up and running.

Chances are that the hackers have not yet culled all your data, so you can stop further damage by taking those systems down quickly. Do contact your provider right away. It typically has automated procedures to lock things down for you, and even locate the source of the attack. Do review your security policies and security tools, at your first opportunity. Something fell through the cracks, and most breaches that I see are due to human error. While itrsquo;s fresh in your mind, itrsquo;s time to do some self-discovery to ensure something like this does not happen again.

Even if this specific breach was the cloud providerrsquo;s fault, the next time it could be your faultmdash;so use the incident to review what you control. Do contact those whose information may have been compromised. The days of keeping breaches to yourself are long over.
If Social Security numbers or credit card data has been compromised, the owners need to be contacted so they can watch for fraud.
If itrsquo;s personally identifiable information (PII) or other protected data, you need to contact your regulatory authority as well. What not to do if your public cloud is hacked Donrsquo;t try to combat the hackers with a counterattack. Shut the systems down first, remove the IP addresses, and then figure out what happened. Retaliation is a macho thing that Irsquo;ve seen occur in the last few yearsmdash;donrsquo;t go there.
Itrsquo;s not a street fight.
Irsquo;ve even seen companies that were attacked launch counter-DDOS attacks at the offending IP addresses. Not smart.
In the long run, yoursquo;ll just waste more time and money, and possibly open yourself to a full-on vendetta attack. Donrsquo;t make rash decisions about rehosting. These days, many companies move to the cloud because their on-premises systems got hacked.
If cloud-based systems are hacked, I suspect wersquo;ll hear a lot of people say, “Wersquo;re heading back to the enterprise data center.” The grass is always greener, and you need to thoroughly think through such a move. Huge and expensive rehosting decisions could turn into huge and expensive mistakes.  Donrsquo;t play the blame game. Although itrsquo;s tempting to call people out who you view as responsible, that almost never delivers the outcome yoursquo;re seeking. Donrsquo;t overexplain. Among the great many mistakes Irsquo;ve seen included a company sending out press releases, where one would have done the trick.

The public will view such overexplaining as a weakness, and many will assume yoursquo;re hiding something in the deluge of explanationsmdash;that yoursquo;re fast-talking. Make your points and be done with it. To read this article in full or to leave a comment, please click here
Starting today, New York banks and insurers must report to authorities within 72 hours on any security event that has a 'reasonable likelihood' of causing material harm to normal operations.
WireX was being used to launch DDoS attacks against targets in multiple industries; Google removes 300 botnet-related apps from Play Store.