Tag: App Infrastructure Attacks
By looking at the table of supported IP protocols, we see that the bot creates raw packets of IGMP, ICMP and TCP protocols. Those packets are just being marked with those protocol numbers, however other fields and headers are not actually set. The packet is filled with “A” characters according to the size specified by…
Read MoreAuthor update: July 2016 — My lifelong fascination with cryptography inspired this story, which I had the pleasure of writing two years ago. That’s a long time in “Internet” years, yet the story is still as relevant today as it was then. The data I’ve continued to collect since 2014 indicates a strong preference for…
Read MoreThe encapsulated IP packet header uses the same parameters as the encapsulating IP header. The Transport Layer protocol for the encapsulated IP packet is UDP. Most public routers will pass along the GRE packet because it’s a widely used protocol for generating VPN connections. We speculate that GRE might be the protocol of choice due to…
Read MoreThe latest evolution of cyber weaponry is brought to you by the default passwords in Internet of Things (IoT) devices. That includes just about every conceivable modern electronic device—from home thermostats, lighting systems, refrigerators, cars, and water meters, to personal fitness devices, toasters, bicycle helmets, toys, and even shoes and clothing. Today, the number…
Read MoreAccording to the Defense Advanced Research Projects Agency (DARPA), it takes an average of 312 days for security pros to discover software vulnerabilities such as viruses, malware, and other attacks. In hacker time, that’s a virtual eternity in which bad actors can wreak havoc within infected systems and steal information, all without being noticed. DARPA…
Read MoreSo far, we’ve seen IoT Distributed Denial-of-Service (DDoS) attacks on a Death Star scale. Even if your organization wasn’t a direct target of these giant barrages, many others were caught up as collateral damage because they had services adjacent or dependent on the direct target. Because of this, many organizations are preparing or strengthening their…
Read MoreIn just four short years, a healthy dose of paranoia about individual privacy as well as emerging support for encryption by browsers, social media sites, webmail, and SaaS applications have pushed encryption estimates from almost non-existent (in the low single digits before 2013) to just over 50% by the end of 2016. That’s quite a…
Read MoreThe essence of this attack is van Beek’s Microsoft Exchange Autodiscover vulnerability. In a September 2016 interview with The Register, van Beek said, “I recently discovered that most, if not all, Microsoft Exchange clients (eg, Outlook, iPhone mail app, Android mail app, Blackberry Mail App) are more than happy to provide a user’s password in plain…
Read MoreBut that’s not the worst news coming out of this survey. No, not by any stretch of the imagination is that the bad news. Sit down and strap in, because it gets much worse. In spite of pushing vulnerable applications into production (and into the hands of consumers), a staggering 44% admitted they aren’t doing anything to…
Read MoreA DNS amplification attack floods the victim’s server with a tsunami of fake requests. DNS Hijacking Who owns what domain name and what DNS servers are designated to answer queries are managed by Domain Registrars8. These are commercial services, such as GoDaddy, eNom, and Network Solutions Inc., where there are registered accounts storing this information.…
Read More