Blog Posts Tagged with "DoS"
Thoughts on DoS Attack on US Electric Utility
June 04, 2019 Added by:Phil Neray
The recent DoS incident affecting power grid control systems in Utah, Wyoming and California was interesting for several reasons.
Comments (0)
Winter Is Coming: Forget the Firewall and Layer Up
October 25, 2016 Added by:Myk Konrad
With the holidays around the corner, bundling up on security is the best thing you can do to protect your revenue from the cold realities of cybercrime.
Comments (0)
SAP Security Notes April 2016 - DoS Vulnerabilities on the Rise
April 14, 2016 Added by:Alexander Polyakov
SAP's April security patches resolve 26 vulnerabilities in SAP products, including 19 SAP Security Patch Day Notes and 7 Support Package Notes.
Comments (0)
Running Apache? Beware of "Armageddon"...
March 19, 2012 Added by:Kevin McAleavey
"Apache Killer" exploits a vulnerability in the server by sending a specially crafted Range HTTP header to trigger a denial-of-service condition, and a single computer is capable of bringing Apache to its knees. A botnet full of these can result in "tango down"...
Comments (0)
ICS-CERT: Advantech BroadWin WebAccess Vulnerabilities
February 10, 2012 Added by:Headlines
ICS-CERT is aware of a public report about an RPC server vulnerability with proof-of-concept (PoC) exploit code affecting the Advantech BroadWin WebAccess software, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product...
Comments (0)
ICS-CERT: Punzenberger COPA-DATA HMI Vulnerabilities
February 08, 2012 Added by:Headlines
Researcher Kuang-Chun Hung has identified multiple denial-of-service (DoS) vulnerabilities in the Ing. Punzenberger COPA-DATA GmbH zenon human-machine interface (HMI) system which may allow an attacker to execute a DoS attack and potentially execute arbitrary code...
Comments (0)
US-CERT Warns of Denial-of-Service Malware Campaign
January 26, 2012 Added by:Headlines
US-CERT has received reports of attacks using malware-laden email attachments. The advisory comes one week after multiple DDoS attacks were launched against entertainment industry and US government websites by Anonymous supporters in an operation dubbed OpMegaupload...
Comments (0)
ICS-CERT: General Electric D20ME PLC Vulnerability
January 20, 2012 Added by:Headlines
The GE D20ME PLC vulnerability is exploitable by utilizing TFTP connections to the controller. The report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium without coordination with the vendor or ICS-CERT...
Comments (0)
Israeli and Muslim Hackers Bring Knives to Gun Fight
January 19, 2012 Added by:Infosec Island Admin
There was the dropping of the SCADA passwords recently, and that is more along the lines of doing something. As I wrote recently about cyberwar, the real aegis is to damage infrastructure, supply chain failure, and in the end invade or conduct military operations...
Comments (2)
ICS-CERT: Certec EDV GmbH App DoS Vulnerability
January 19, 2012 Added by:Headlines
Independent researcher Luigi Auriemma has identified a denial of service (DoS) vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability...
Comments (0)
Apache Killer DoS Vulnerability Patch Released
August 31, 2011 Added by:Headlines
The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.20 of the Apache HTTP Server with a fix for handling of byte-range requests and avoid a denial of service. We consider this release to be the best version of Apache available...
Comments (0)
Mitigating the Apache Range Header DoS Vulnerability
August 28, 2011 Added by:Mark Baldwin
A new Apache DoS vulnerability was reported by security researcher Kingcope on the Seclists.org Full Disclosure mailing list that affects most default installations of Apache 1.3/2.x. Fortunately, there are some configuration settings that can be adjusted to mitigate this vulnerability...
Comments (1)
Protecting Linux Against DoS/DDoS Attacks
June 27, 2011 Added by:Jamie Adams
When I first heard ridiculous-sounding terms like smurf attack, fraggle attack, Tribal Flood Network (TFN), Trinoo, TFN2K, and stacheldraht, I didn't take them too seriously for a couple of reasons — I worked mainly on non-Internet facing systems, and I was never a victim...
Comments (0)
Hacktivist Maintains Attack on Westboro Baptist Church
March 24, 2011 Added by:Headlines
The DoS attacks against WBC sites have now exceeded one month in duration. The Jester uses a DoS tool called XerXeS to perform an application level attack which can be performed by a single low-spec machine with relatively few packets, whereas traditional TCP-based attacks require multiple machines...
Comments (4)
DoS Surpasses SQL Injections as Primary Attack Method
March 16, 2011 Added by:Headlines
"Many of these organizations foolishly think that the network security gear that they have to handle the lower level DoSing floods will take care of this and it won't. The overall amount of traffic that you have to send to take down the Web server is a lot less, and it looks legitimate..."
Comments (0)
Assault on Westboro Baptist Church Website Continues
March 08, 2011 Added by:Headlines
The sustained DoS attack, which began on February 21st, represents a record for the Hactivist who is best known for repeated DoS attacks on militant Jihadi websites, as well as an attack on the WikiLeaks website in late November that forced the organization to shuffle Internet hosting providers...
Comments (1)
- Reddit Names Allison Miller as Chief Information Security Officer (CISO)
- SecurityWeek Names Ryan Naraine as Editor-at-Large
- Why Cyber Security Should Be at the Top of Your Christmas List
- United States Federal Government’s Shift to Identity-Centric Security
- How Extreme Weather Will Create Chaos on Infrastructure
- BSIMM11 Observes the Cutting Edge of Software Security Initiatives
- Sustaining Video Collaboration Through End-to-End Encryption
- Will Robo-Helpers Help Themselves to Your Data?
- Securing the Hybrid Workforce Begins with Three Crucial Steps
- A New Strategy for DDoS Protection: Log Analysis on Steroids