DDoS attacks are easy to launch yet difficult to defend against. Margee Abrams of Neustar discusses the state of DDoS and how organizations can best defend against today's potentially damaging attacks.
Security experts advise banking institutions to take several steps, including enhancing authentication and ramping up commercial customer education, as a result of an increase in sophisticated online banking attacks involving a new variant of Dyre malware.
DDoS attackers have been targeting the popular code-sharing website GitHub. Security experts say the massive attacks appear to have originated from China and been designed to disrupt access to GitHub-hosted anti-censorship tools.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
ENISA - the EU agency responsible for bolstering European cybersecurity practices - is calling on Internet infrastructure providers to adopt best practices for combatting routing threats, DNS spoofing and poisoning attacks, as well as DDoS disruptions.
Nobody wants to be a cyber-attacker's first victim. But there are benefits to being second or third, says Akamai's Mike Smith. Then you get to enjoy the true benefits of the oft-discussed information sharing.
Police in Finland are investigating a series of DDoS attacks against the country's OP Pohjola financial services group that have intermittently shut down online banking and direct debit services. The hacking group "CoreSec" has claimed credit.
Distributed-denial-of-service attacks, fueled by the interconnected nature of smart devices, will only continue to increase, says Matt Moynahan, president of Arbor Networks. "The infrastructure itself is insecure," he says.
Once a file enters the network, we often lack the tools to monitor the file's behavior. In essence, using the point-in-time model, the security professional cannot retry the file for guilt or innocence.
The hacking gang Lizard Squad has claimed credit for knocking Sony's PlayStation Network offline. Meanwhile, investigators continue to suspect North Korea may have launched the recent, "unprecedented" hack of Sony Pictures Entertainment.
European police have announced the arrests of 15 alleged users of remote-access Trojans, which can be employed by attackers to spy on webcams, launch DDoS attacks, steal financial details and launch extortion campaigns.
Automated attacks have potentially compromised the majority of websites that run the Drupal content management system, giving attackers platforms for launching malware, DDoS attacks and spam, according to the Drupal security team.
As researchers scramble to learn more about Shellshock and the risks it poses to operating systems, servers and devices, Michael Smith of Akamai explains why not all patches are actually fixing the problem.