tagged w/ DDOS
-
-
Apparently the outage is being caused by a massive DDoS attack. Yay hackers.
Article:
Twitter has been down for about 40 minutes now (since about 6 am California time), and counting. No word on their status blog about the outage at all (Update: they now say “Site is down - We are determining the cause and will provide an update shortly.”). Update 2: It’s a denial of service attack. Twitter’s status update says: “We are defending against a denial-of-service attack, and will update status again shortly.”
Since most of you spend your entire work day screwing around on Twitter (luckily I actually get paid to do this), you may be left wondering what to do now. No worries, we have a list. Meanwhile, I can’t Tweet (TM) that it’s raining here in Palo Alto, or go on a 140 character rage over PG&E shutting off my electricity for no reason at all yesterday, forcing me to come into the office at 4 am this morning.
Twitter declared their scaling problems over in early 2007, well before the serious problems even started. And as much as the Great Twitter Outages of 2007 and 2008 frustrated early adopters (there were so many outages that we just started reporting uptime instead), these outages are much more serious. 45 million people worldwide now rely on Twitter as a communication platform. If they want to be the “Pulse of the Planet,” it’s time to scale.
Of course, even the largest sites still have occasional outages. Yahoo suffered 15 minutes of systemwide downtime yesterday, we’re still trying to get their comment on why that happened.Apparently the outage is being caused by a massive DDoS attack. Yay hackers.... more
-
-
The US Government must get its priorities right. Too often “cybersecurity” is confused with “anti-piracy.” The average Joe or Jane downloading copyrighted content from Youtube is not a cybersecurity issue, whereas organized gangs systematically collecting and exploiting personal data is a cybersecurity issue. One might question if the US government is devoting the proper time and attention to the cybersecurity issues that are truly most in need of national attention.The US Government must get its priorities right. Too often “cybersecurity”... more
-
-
The US Defense Information Systems Agency announced that it is going to released a Request For Information this month. Anyone responding to DISA’s RFI would do well to study the methodology that Barrett Lyon describes using the open source SQUID proxy and caching server. The technique spelled out by Barrett involves putting a bank of high end servers running SQUID in front of the potential targets.The US Defense Information Systems Agency announced that it is going to released a... more
-
-
By Mike Spinney, CIPP, Privacy Analyst, Ponemon Institute - Here’s a brazen bit of breachery from the Miami Herald: It’s a neat little proposition: for a flat monthly fee, a data broker (of sorts) acquires medical records from a hospital employee and passes them through to a personal injury lawyer for a fee plus a percentage of his lawsuit earnings...By Mike Spinney, CIPP, Privacy Analyst, Ponemon Institute - Here’s a brazen bit... more
-
-
Review the state of play of cyber security for the government and the private sector, including recommendations on how to create a more productive public-private partnership. Cyber security policies are rapidly expanding, indicating the critical threat faced by any organization using Internet-based technologies. In 2008, the Bush Administration launched the most comprehensive cyber security policy review in the federal government’s history. Soon after taking office, President Obama tasked the National Security Council to review our nation’s cyber security policy. In April, the first major bill calling for broad federal regulations and unprecedented power over private sector cyber systems was introduced in the Senate.Review the state of play of cyber security for the government and the private sector,... more
-
-
Why cyber defense? How is this different than “security”? The difference is in motivation, purpose, and risks. Announcing the birth of Cyber Defense Weekly, a newsletter created to give participants in this new category a comprehensive summary of the week’s news, product announcements, and escalations in cyber threats.Why cyber defense? How is this different than “security”? The difference... more
-
-
Report: Naked video of ESPN reporter used to spread virus; Cyber expert shortage may hinder government in protecting Web sites, internal systems; Adobe promises patch for seven-month old Flash flaw; Report: federal documents detail iPods overheating, catching fire; Vietnam security firm in trouble after tracking hackers; Adobe investigating zero-day bug in Flash; Blackberry maker questions Etisalat software upgrade; Open-source firmware vulnerability exposes wireless routers; Clever attack exploits fully-patched Linux kernel; Trust but verify: Security risks abound in the IT supply chain…Report: Naked video of ESPN reporter used to spread virus; Cyber expert shortage may... more
-
-
Bruce Schneier points out the attacks against US Federal sites that succeeded in shutting them down or the malware spread by USB thumb drive that infected the US Military Central Command, demonstrate a lack of common sense anti-virus and patch management. But that is a very big deal Bruce…Bruce Schneier points out the attacks against US Federal sites that succeeded in... more
-
-
Twitter suspends accounts of users with infected computers; South Korea blocks sites to help end cyber attacks; Kansas audit raises computer security questions; Apple still mute to iPhone complaints; U.S. State Dept. workers beg Clinton for Firefox; Snooping through the power socket; New York official: Tagged site stole identities; Firefox 3.5 vulnerability rated ‘highly critical; Probe into cyberattacks stretches around the globe; BlackBerry update bursting with spyware; French workers threaten to blow up Nortel factory; FBI charges satellite descramblers…Twitter suspends accounts of users with infected computers; South Korea blocks sites... more
-
-
The U.K. was the likely source of a series of attacks last week that took down popular Web sites in the U.S. and South Korea, according to an analysis performed by a Vietnamese computer security analyst.
The results contradict assertions made by some in the U.S. and South Korean governments that North Korea was behind the attack. Security analysts had been skeptical of the claims, which were reportedly made in off-the-record briefings and for which proof was never delivered....
From PC WorldThe U.K. was the likely source of a series of attacks last week that took down popular... more
-
-
pcs007
-
added this
-
2 years ago
- |
-
The guys from the Pirate Bay have a a 30million SEK (about £2.5million) fine which they say they won't pay. However they have come up with a plan where all their users can join in which works like this.
Everyone sends a small amount of money in an electronic transfer to the law firm that represnted the music industry. Suggested amount is 1 SEK (equivalent to 0.13 USD. Apparently the law firm's bank account is only allowed 1000 electronic transactions before it starts to cost them, the account holder money.
The charge per transfer at this point is, wait for it... 2 SEK. Thus after the first 1000 SEK, if people send just 1 SEK it will cost the law firm more than the money they receive to process.The guys from the Pirate Bay have a a 30million SEK (about £2.5million) fine... more
-
-
Weeks before bombs started falling on Georgia, a security researcher in suburban Massachusetts was watching an attack against the country in cyberspace.
Jose Nazario of Arbor Networks in Lexington noticed a stream of data directed at Georgian government sites containing the message: “win+love+in+Rusia.”
Other Internet experts in the United States said the attacks against Georgia’s Internet infrastructure began as early as July 20, with coordinated barrages of millions of requests — known as distributed denial of service, or D.D.O.S., attacks — that overloaded and effectively shut down Georgian servers.
Researchers at Shadowserver, a volunteer group that tracks malicious network activity, reported that the Web site of the Georgian president, Mikheil Saakashvili, had been rendered inoperable for 24 hours by multiple D.D.O.S. attacks. They said the command and control server that directed the attack was based in the United States and had come online several weeks before it began the assault.
As it turns out, the July attack may have been a dress rehearsal for an all-out cyberwar once the shooting started between Georgia and Russia. According to Internet technical experts, it was the first time a known cyberattack had coincided with a shooting war.
...
The phrase “a wilderness of mirrors” usually describes the murky world surrounding opposing intelligence agencies. It also neatly summarizes the array of conflicting facts and accusations encompassing the cyberwar now taking place in tandem with the Russian fighting in Georgia.
In addition to D.D.O.S. attacks that crippled Georgia’s limited Internet infrastructure, researchers said there was evidence of redirection of Internet traffic through Russian telecommunications firms beginning last weekend. The attacks continued on Tuesday, controlled by software programs that were located in hosting centers controlled by a Russian telecommunications firms. A Russian-language Web site, stopgeorgia.ru, also continued to operate and offer software for download used for D.D.O.S. attacks.
...
He noted that in the run-up to the start of the war over the weekend, computer researchers had watched as botnets were “staged” in preparation for the attack, and then activated shortly before Russian air strikes began on Saturday.
...Weeks before bombs started falling on Georgia, a security researcher in suburban... more
-
