Most Updated News on How to Protect Against DoS Attacks!

1
Hackers may try to disrupt World IPv6 Day
2
Lockheed Martin Cyber Attack Highlights Cyber-Blame Snags
3
3 Reasons Why Security Appliances are Hot
4
Security industry says utility attacks imminent
5
Malaysia’s Top News Website Hit by DDoS Attack
6
Most IT departments ‘clueless’ over sensitive files
7
ESET Lists the Dominant E-Threats of 2010
8
Securing the cloud
9
2011 Likely to Have Far More Malevolent Threats, Security Experts Warn
10
Floating point DoS attack

Hackers may try to disrupt World IPv6 Day

Hundreds of popular websites — including Google, Facebook, Yahoo and Bing — are participating in a 24-hour trial of a new Internet standard called IPv6 on June 8, prompting worries that hackers will exploit weaknesses in this emerging technology to launch attacks.

Dubbed World IPv6 Day, the IPv6 trial runs from 8 p.m. EST on Tuesday until 7:59 p.m. EST on Wednesday.

Security experts are concerned that the 400-plus corporate, government and university websites that are participating in World IPv6 Day could be hit with distributed denial of service (DDoS) or other hacking attacks during the 24-hour trial.

“In the last five months, there has been a huge increase in DDoS attacks,” says Ron Meyran, director of product marketing and security at Radware, a network device company that is participating in World IPv6 Day. “IPv6 is going to be even easier for attackers … because IPv6 traffic will go through your deep packet inspection systems uninspected.”

Meyran says another concern is that IPv6 packet headers are four times larger than IPv4 headers. This means routers, firewalls and other network devices must process more data, which makes it easier to overwhelm them in a DDoS attack.

“With a DDoS attack, you need to reach 100% utilization of the networking and security devices to saturate the services,” Meyran says. The longer headers in IPv6 “must be processed completely to make routing decisions.”

“I wonder if there’s going to be any sort of DDoS type of things going on … or hackers probing servers that are dual-stack enabled [running IPv6 and IPv4 at the same time],” says Jean McManus, executive director of Verizon’s Corporate Technology Organization, which is participating in World IPv6 Day. “Content providers need to be careful and watch to make sure that everything is appropriately locked down.”

Many security threats related to IPv6 stem from the fact that the technology is new, so it hasn’t been as well-tested or de-bugged as IPv4. Also, fewer network managers have experience with IPv6 so they aren’t as familiar with writing IPv6-related rules for their firewalls or other security devices.

“We know from security breaches that the security rules that allow you to see the network and applications better … is where there is a lack of training and expertise with IPv6,” Meyran

World IPv6 Day participants say the event was advertized to everybody in the Internet engineering community, including hackers, and they are beefing up the security measures on their sites accordingly.

“This is a well-publicized event,” says John Brzozowski, distinguished engineer and chief architect for IPv6 at Comcast, which is participating in World IPv6 Day both as a provider of IPv6-based cable modem services and as an operator of seven IPv6-enabled websites. “Anything can happen. IPv6 is no different than any other new technology. The potential [for attacks] is there. Protecting the network is key to us.”

Lockheed Martin Cyber Attack Highlights Cyber-Blame Snags

WASHINGTON | Mon May 30, 2011 6:48pm EDT
(Reuters) – Past patterns may point to China, but top investigators say they will never know for sure who mounted a “significant” cyberattack against Lockheed Martin Corp, the Pentagon’s No. 1 arms supplier.
Lockheed, which is also the government’s top information technology provider, said on Sunday it was a “frequent target of adversaries around the world.”

The company has not disclosed which of its business units was targeted, but people with experience plugging holes after such strikes said that cyberspies likely sought trade secrets or weapons-related data.

The Bethesda, Maryland-based company did not respond to a request to clarify whom it deemed adversaries, and whether it suspected a foreign state in the digital assault it said it had detected “almost immediately” on May 21.

Lockheed said it had countered with stepped-up security measures and that no customer, program or employee personal data has been compromised in the “significant and tenacious attack” on its information systems network.

China has generally emerged as a prime suspect when it comes to keyboard-launched espionage against U.S. interests, although the Pentagon says more than 100 foreign intelligence groups have been trying to pierce U.S. networks.

“China’s government, the Chinese Communist Party, and Chinese individuals and organizations continue to hack into American computer systems and networks as well as those of foreign entities and governments,” the bipartisan U.S.-China Economic and Security Review Commission said in its 2010 annual report to Congress.

The body was created by the Congress in 2000 to advise it on implications of trade with China. It said in its report the methods used in suspected Chinese-launched attacks were growing more sophisticated and increasingly piggy-backing on social networking tools.

BEIJING DISMISSES CHARGES

Beijing, at odds with the United States over Taiwan and other issues, has “laced U.S. infrastructure with logic bombs,” a cyberweapon, former U.S. National Security Council official Richard Clarke wrote in his 2010 book “Cyber War.”

Beijing steadfastly dismisses such charges.

“I’d say it’s just irresponsible to arbitrarily link China to such cyber hacking activities in each and every turn,” Wang Baodong, the Chinese Embassy spokesman in Washington, said in an email to Reuters. “As a victim itself, China is firmly against hacking activities and strongly for international cooperation on this front”.

Pinning down responsibility for an attack like that reported by Lockheed is “incredibly difficult” given the sophisticated ways that an attacker may misdirect, said Anup Ghosh, a former senior scientist at the Pentagon’s Defense Advanced Research Projects Agency, or DARPA.

Encoded clues in the Stuxnet virus that may have slowed progress on Iran’s nuclear program, for instance, seemed designed to point to Israel.

But “it is impossible to know if these are red herrings or genuine,” said Ghosh, who worked on securing military networks for DARPA from 2002 to 2006 and who now runs Invincea, a software security company.

Eugene Spafford, who heads the CERIAS cybersecurity research facility at Purdue University in Indiana, said the digital residue of an attack would not suffice to lead to a person or place.

“Records may show a network address where those bits came from, and that network address may tie to a machine in a country, but that is only the address of the most recent ‘hop’,” he said in an email interview.

“It is always possible that it is a system that itself was compromised, by another system that was compromised,” and so on and so on, Spafford said. In addition, one could never rule out the possibility that a given cyberstrike might be launched by someone in the pay of yet a third party, no matter where it originated.

Spafford, whose CERIAS lab has partnered with a dozen major companies and national laboratories, including defense contractors and Fortune 500 companies, said the bottom line is that “we likely never really will know who did it.”

Investigators first look for hard evidence — searching for stolen data that may be traveling across the Internet or seeking out people looking to sell information culled in a cyber attack. They typically rely heavily on circumstantial evidence, including whether the attack details match known methods from a suspect and if the targets are consistent with a group’s perceived interest.

It is also possible that the U.S. intelligence community, using its vast electronic eavesdropping and other spying capabilities, may make a judgment about the origin independent of forensic analysis, but that too would be subject to doubt.

3 Reasons Why Security Appliances are Hot

For many SMBs, security appliances are the best solution to their security needs as they are very affordable, offer excellent protection, and require little or no technical expertise to install or maintain. For those same reasons, valued-added resellers (VARs) find appliances to be a relatively easy sell.

 

Among the easiest appliances for VARs to sell are functional, manageable and upgradeable devices, notably unified threat management (UTM) appliances, which are available from many vendors such as Cisco, Fortinet, SonicWall and WatchGuard. The UTM concept is based on the assumption that a combination of security solutions bundled in the same appliance creates a better security umbrella for organizations, said Ariel Avitan, an analyst at Frost & Sullivan.

“Another main advantage of UTM solutions is their low cost in comparison to purchasing many different security solutions,” said Avitan. “These two advantages are driving the rapid adoption of UTM solutions by SMB customers.”

Typical UTM solutions include a firewall, intrusion prevention system/intrusion detection system (IPS/IDS), an AV (Antivirus), an AS (Anti-Spam) component and a virtual private network (VPN).

The shift in business to the Web has exposed small businesses to multiple security risks, which they often struggle to counteract due to limited IT and financial resources.

“The solution for many SMBs is a security appliance, because it is easy to manage, affordable and doesn’t require them to be security experts,” said John Keenan, VP of Distribution, Americas for SonicWALL, a security vendor. Keenan said three factors are driving appliance sales in the SMB market: the proliferation of broadband; intelligent controls on the boxes; and SMBs’ appetite for enhanced security.

 

Security appliances are very affordable

Products range in price from a hundred dollars to several thousand dollars.

A low-end offering such as the ZyWALL 2 Plus costs a little more than $100 but delivers quite a bit. It supports IPSec VPN, which makes it suitable for remote site to central server deployment and home to office or office to home deployments. Data encryption over the Internet ensures secure transmission between two sites, eliminating the need for expensive leased lines, and enabling global interconnectivity at a minimal expense.

The ZyWALL 2 Plus provides robust firewall protection, based on stateful packet inspection (SPI) and denial of service (DoS) technology. The ZyWALL 2 Plus provides the first line of defense against hackers, and other malicious threats.

If you choose to go up a notch, a Cisco ASA 5500 will set you back anywhere from $700 to $5000 dollars. A low-end Cisco ASA 5500 is an easy to deploy solution that integrates world class firewall, unified communications (voice/video) security, SSL and IPsec VPN, intrusion prevention (IPS), and content security services in a flexible, modular product family.

Designed as a key component of the Cisco Self-Defending Network, the ASA 5500 provides intelligent threat defense and secure communications services that stop attacks before they impact business continuity.

A high-end appliance can cost several thousand dollars. For example, the Blue Coat ProxyOne, a new device aimed at SMBs, starts at $8,999 for 100 users. The price includes the appliance, software licenses, automatic security updates and 24X7 support. The appliance can scale to support up to 2,000 users.

For your money, you get Web filtering, inline malware and anti-virus scanning, as well as on-box reporting (reports generated by the product; no add-ons needed) to enable safer use of Web 2.0 applications. A ProxyOne box delivers real-time Web defense, using the cloud-based Blue Coat WebPulse service. Additionally, Blue Coat security experts continually update the WebPulse defenses to protect against new threats.

 

Excellent protection

A security appliance, such as a UTM solution, provides comprehensive protection to customers as it has tightly integrated security features that work together on a single appliance, said Keenan. This class of appliance makes it easy for SMBs to manage their security because they only have to deal with one box and one source of support. Such an appliance solution is highly cost-effective as it offers a centralized console that enables monitoring of network security at remote locations.

Besides UTMs, the security appliance market includes standalone appliances (which deliver a single security application), blade appliances (a hybrid between UTMs and standalone devices) and software appliances.

All-in-one security appliances require little or no user technical expertise to install or maintain. This makes them appealing to SMBs and VARs. SMBs like these boxes because of their simplicity and practicality, while VARs like them because they are generally bullet proof in their reliability, and provide the proverbial foot-in-the-door to sell services.

“Some SMBs still need our expertise, whether it’s assessing their securing vulnerabilities, configuring the products, or providing remote monitoring through a managed service,” said Alvin Myers, president of United Systems, a VAR in Oklahoma City.

Security industry says utility attacks imminent

An attack on utilities and infrastructure “is imminent”, various security experts have told TechEye.

Sony, as we reported earlier, is struggling to prevent concerted attacks by a dedicated group of disgruntled hackers. But the threat doesn’t stop there.

Elsewhere, alarm bells rang as McAfee and the Centre for Strategic and International Studies (CSIS) launched a report called ‘In the Dark: Crucial Industries Confront Cyber-attacks’. It found that 40 percent of 200 IT security executives surveyed were worried that a major cyber-attack on critical infrastructures would occur within a year. The problem is, according to some, they are already happening.

Forty percent of the execs, from critical electricity infrastructure enterprises in 14 countries, also said the industry’s vulnerability had increased almost 30 percent. They believe that their companies are not ready for cyber-attacks. 90 to 95 percent of the people working on the smart grid were not concerned about security and only saw it as a last box they had to check.

One security professional, who wished to remain anonymous, said it’s another case of people “sticking their heads in the sand.”

Our source tells TechEye: “There’s already been attacks and threats to hospital infrastructure and financial institutions, while there’s been numerous security warnings of cyber attacks from China on utilities and infrastructure.

“Although it may be controversial to say, there’s no better way to attack a country then hit its power grids and overall infrastructure. That said, and as this report seems to show, no-one is really doing anything about it.

“They aren’t tightening their security around this, instead taking a head in the sand approach. If they don’t buck up their ideas soon, attacking countries will take advantage of this and I’m afraid I’ll take an “I told you so” approach.”

Another told us that he was surprised that this threat has taken so long to come to light.

“Of course, hackers are bright enough to move away from businesses and set their sites on the more important things such as utilities. After all, if they can take down a website, think what they can do to a power grid when they team up and put their clever minds together.

“Is there anything we can do?

“Sure, make sure utility companies keep up to date with their security, but that’s a lot easier said than done. After all, many are still burying their heads in the sand. Until a major threat occurs and hackers show their collective almighty strength, utility companies will continue to plod along as they already are.”

Other security experts are cautiously claiming that, as more DDoS attacks occur from people joining forces to bring down companies who have done something to annoy them, the threat could turn more sinister. A recent example is  Sony, which was seen the PSN totally brought to its knees.

The attack is thought to be a thoroughly annoyed group of people who are upset about how Sony has handled the legal case it made against George Hotz, who posted the PS3’s root keys to get the system running on an alternative OS. Anonymous denies it is involved.

It’s no surprise, Professor Les Hatton at Kingston University tells TechEye: “The Sony attack wasn’t anything new, it just came to light as the company is high profile. The more high profile the attack, the higher and more qualified the hacker.

“It happens all the time.

“Most of the time servers are being attacked, it’s something we’ve come to expect from the internet. There’s obviously various types of attack from DDoS to breaking down passwords of government and business machines and installing software on them.

“Government sites and power grids are also being attacked.

“There will be more serious threats in the future as there is lots of money to be made. This will involve espionage as well as more serious attacks on utilities.”

Meanwhile, Graham Cluley at Sophos agrees: “We have seen attacks like this in the past. On the internet groups have formed to launch DDoS attacks, which have been very detrimental to companies with just a web presence. This is something groups will continue to do.

“On the other hand hackers going after a company which doesn’t depend on the internet will usually go it alone because this type of attack is far more malicious and not for notoriety meaning they don’t want to get caught.

“As more people however see they can join the net and form bonds with members to attack companies, this will become more and more popular,” he added.

Malaysia’s Top News Website Hit by DDoS Attack

Malaysia’s top news website, Malaysiakini.com, was the victim of a distributed denial-of-service (DDoS) attack yesterday which rendered it unreachable.

It’s unclear who instrumented the attack or what was their intention, but it coincided with the start of elections in Sarawak, the largest Malaysian state located on the island of Borneo.

Malaysiakini provides news in English, Malay, Chinese and Tamil and has over 1.6 million monthly unique visitors. Since mid-2008, the website is the most popular online news source in the Asian country.

The attack was so powerful that both data centers housing the site’s servers were affected. JARING, one of Malaysia’s top ISPs that operates one of the centers also reported service disruptions across several regions at around the same time.

A cyber attack beginning at 11am today shut down Malaysiakiniservers simultaneously, making the website inaccessible to readers.

The Malaysiakini technical team has determined it to be a denial-of-service attack, where an attacker uses computers in different parts of the world to swarm Malaysiakini servers to the point that they are unable to cope with the massive traffic.

Both our servers, which are hosted at two data centres – TM Brickfields and Jaring – have been affected by the attack,” Malaysiakini’s official announcement reads.

The website has remained offline since the attacks, but new Malaysiakini content has been made available through other means, including Facebook and a blog hosted at wordpress.com.

The company plans to achieve some redundancy by cross-publishing on multiple platforms, including WordPress.com, Facebook, Blogger and others, which are better equipped to fend of powerful DDoS attacks.

Malaysiakini readers have been largely supportive, some even accusing the government of involvement and trying to censor the Sarawak elections.

There are various ways to mitigate DDoS attacks, but ultimately the only true protection is to have better bandwidth than what attackers have at their disposal.

Most IT departments ‘clueless’ over sensitive files

Sensitive files don’t appear to mean much to security pros, an Imperva survey suggests.

The majority of IT departments have little idea about how many sensitive files they have or where they are stored, research has revealed.

Two-fifths of respondents to an Imperva survey carried out at this year’s RSA Conference said they were completely clueless about the volume of sensitive files in their organisation.

Furthermore, almost two-thirds of the security professionals quizzed said they weren’t even aware of who had access to such files.

Nearly a third said their company had lost data due to employees abusing access rights, on purpose or by accident.

“With so many respondents unsure of how many sensitive files they have and how accessible they are, it indicates a general lack of control over sensitive data, which increases the likelihood of an insider breach,” said Amichai Shulman, chief technology officer (CTO) of Imperva.

“The first step to a solid data security plan is taking inventory of your sensitive files and knowing where they are and who has access to them at all times. Only with this complete picture will you be able to guard against insider threat by detecting when sensitive data is being added or removed, or when an employee is improperly accessing files.”

In more positive findings, 82 per cent of respondents said breaches such as WikiLeaks inspired them to reconsider security policies.

However, 57 per cent said they would not be investing more money into data security following the WikiLeaks saga

ESET Lists the Dominant E-Threats of 2010

According to its “End of 2010 Report’ that ESET the Slovakian security company released recently, the firm has detected Conficker, INF/Autorun and Win32/PSLOnlineGames as the three most prevalent malicious e-threats that respectively contributed a share of 8.45%, 6.76% and 3.59% to the total malware during 2010.

Moreover, ESET discloses that over 3 consecutive months, the malicious program Bflient.k has remained within the company’s Top Ten Threats List that ESET prepares every month.

Elaborate the security researchers that Bflient, which’s traded among cyber-criminals, is a toolkit with which botnets can be built and preserved. Moreover, the toolkit is customized for each client so that a distinction is maintained from customer to customer.

Notes the report that after a purchase takes place, the client is equipped with instructing his botnet for carrying out the typical operations viz. executing a DDoS (distributed denial-of-service) assault, contaminating other PCs, as well as downloading and planting suspicious programs whenever wished. Infosecurity-magazine.com reported this on February 1, 2011.

Furthermore, there’s a special risk from Facebook to users visiting the website in that they could contract malware as well as other assaults based on social engineering. Facebook, in its attempt at eliminating the symptom instead of the malaise, may keep on offering the privacy-infiltration factor which typically associates social media, since users want just that, in order that they (users) themselves have the onus of making sure that their databases aren’t given out in manners disagreeable to them. A few websites like Bebo have in fact switched to the “deny some things” option from “deny nothing” despite the fact that sharing the maximum of user database is basic so far as the website’s commercial model is concerned.

Additionally, aside the aforementioned issues, ESET in its report discusses the Wikileaks story as well which was dominant between July and December 2010. First, several attempts were made, though unsuccessful, for closing stable door via disabling Wikileaks servers first and subsequently with prominent online players’ coordinated corporate exertion for stopping funding and obstructing any more dissemination of the hacked database. Indeed, consequent of the Wikileaks episode, many DDoS and spam attacks took place worldwide.

Source: http://www.spamfighter.com/ESET-Lists-the-Dominant-E-Threats-of-2010-15768-News.htm

Securing the cloud

The future of the Internet could look like this: The bulk of the world’s computing is outsourced to “the cloud”─to massive data centers that house tens or even hundreds of thousands of computers. Rather than doing most of the heavy lifting themselves, our PCs, laptops, tablets and smart phones act like terminals, remotely accessing data centers through the Internet while conserving their processing juice for tasks like rendering HD video and generating concert-quality sound.

What needs to be figured out for this cloud-based future to emerge are three big things. One is how the computers within these data centers should talk to each other. Another is how the data centers should talk to each other within a super-secure cloud core. The third is how the cloud should talk to everyone else, including the big Internet service providers, the local ISPs and the end-of-the-line users (i.e. us).

This last channel, in particular, interests Michael Walfish, an assistant professor of computer science and one of the principal investigators of the NEBULA Project, which was awarded $7.5 million by the National Science Foundation to develop an architecture for making the Internet more cloud-friendly. If we’re going to be trusting so much of our computing lives to the cloud, he believes, we need to develop a more secure model for how information travels.

“A sender should be able to determine the path that information packets should take,” says Walfish. “A receiver should not have to accept traffic that she does not want. An intermediate provider should be able to know where the packet’s been and should be able to exercise its policies about the downstream provider that’s going to handle the flow next.”

Walfish’s system for providing such capacities, which he’s developing with colleagues at Stanford, the Stevens Institute of Technology, and University of California-Berkeley, is called ICING. It’s a set of protocols that allow every packet of information not only to plot out a path from beginning to end, choosing every provider along the way, but also to establish a chain of provenance as it goes that proves, to both the intermediaries and the final recipients, that it came from where it said it was coming from.

“What we do is take a packet, a unit of data, and we add some fields to the head of the packet,” says Walfish, who in 2009 won an Air Force Young Investigator Award for work related to ICING.

“These fields contain enough cryptographic information to be able to communicate to every realm along the way, and back to the sender, where the packet’s been. So when a packet shows up, I know where it’s been. I know whether it obeys the policies of everyone along the path. That property does not exist today.”

The advantages of such knowledge, says Walfish, should be considerable. Senders, for instance, could contract with intermediate providers for a kind of expressway through the Internet. Recipients would have an easier time sorting their incoming traffic into different levels of priority depending on the routes the packets took.

Michael Walfish, assistant professor of computer science, is working to secure the future of cloud computing.

Perhaps the greatest advantage of adopting a system like ICING, says Walfish, would come in the area of security. Targets of various kinds of Internet attacks, like denial-of-service attacks, would be able to sever traffic from their attackers faster and with much greater precision. Governments would be able to set up channels of communication that pass through only well-vetted and highly-trusted service providers. Internet security companies could, from anywhere in the world, inspect your traffic for viruses.

“Right now,” says Walfish, “there are ways to deal with attackers, but they’re crude, and they’re reactive. Once the traffic enters the victim’s network link, you’re hosed. All you can do is shut it all down. It would be like if you had a huge line of people coming into your office, not letting you get work done. You could kick them all out, but you still wouldn’t get any work done because you’d spend all your time kicking them out. What you really need is for them to not show up in the first place.”

ICING, says Walfish, would also prevent “IP hijacking,” a kind of attack in which a network provider redirects net traffic by falsely “advertising” to hold a given IP address or by claiming to offer a more direct route to that address. Such IP hijackings can be globally disruptive. In 2008, for instance, the Pakistani government sought to block videos containing the controversial Danish cartoons that depicted Mohammed. The result was a global shutdown of Youtube for more than an hour. Last year, it’s believed, China Telecom was able to capture 15% of the world’s Internet traffic, for 18 minutes, by falsely claiming to be the source of more than 30,000 IP addresses.

“There are multiple reasons why this wouldn’t happen in ICING,” says Walfish. “First, in ICING, the contents of the advertisement and the name of the advertised destination are tightly bound; lie about one, and the other looks invalid. Second, because packets must respect policy, a packet taking an aberrant path will be detected as such.”

ICING, and its parent project NEBULA, are one of four multi-institutional projects being funded by the National Science Foundation’s Future Internet Architecture (FIA) program. The point of the FIA program, and of the efforts of Walfish and his colleagues, is to step back from the day-to-day challenges of managing the flow of information on the ‘net, and think more fundamentally about what kind of architecture the Internet should have going forward.

“Where ICING was born, I think,” says Walfish,  “was in the realization my teammates and I had that while there was a consensus about what kinds of things needed to change, and there were  a lot of proposals to make those changes, all the proposals seemed to be mutually exclusive. They all required the same space in packets. It would be like if your bike was out-of-date and someone said, oh, you can get this really cool feature if you just replace your front wheel with this wheel, and then someone else came along said, oh, you can get this other really cool feature, but you have to replace your front wheel with this wheel. Well, you can only have one front wheel. So what we set out to do was to design a much more general-purpose mechanism where you could get all these properties without their conflicting with each other, and that’s what I think we’ve done.”

Source: http://web5.cns.utexas.edu/news/2011/01/securing-the-cloud/

2011 Likely to Have Far More Malevolent Threats, Security Experts Warn

According to a warning by IT security experts, 2011 could be more challenging with respect to malware threats compared to the current year (2010). The Hindu Business Line published this on December 27, 2010. Also, according to the experts, they anticipate a huge change within the threat scenario as fresh types of organizers emerge having increasingly effective objectives for their Internet assaults.

Additionally, they state that during 2011, viruses will appear more-and-more similar to those we see in science fiction films. Together with this, the realm of cyber-crime will consolidate just like corporations merge. Viruses won’t simply attack individuals, but target corporations and installations more-and-more. There will be no sparing of anti-virus agencies too.

According to Vice-President Shantanu Ghosh for Symantec’s India operations, in 2011, there will be increasing attacks against industrial organizations and crucial infrastructures and while there’ll be responses from ISPs, the governments will take counter actions only slowly. The Economic Times published this on December 28, 2010.

Furthermore, mid-sized businesses will be targeted with cyber-spying. Both critical infrastructures and highly reputed brands will keep on getting attacked with more-and-more localized and targeted assaults. Besides, most assaults will take place through Web-browsers, while Distributed Denial-of-Service (DDoS) attacks will continue to inflict the Internet in a massive way.

According to The Hindu Business Line dated December 27, 2010, security specialists think there’ll be a completely fresh group of more dangerous authors of malicious software as well as malware attacks that will seek private data and monetary gains. Also, Spyware 2.0 will emerge which is a fresh breed of malicious program for capturing users’ private information.

Additionally, there will be more of cyber-criminals’ attacks against users in big companies, while direct assaults against daily end-users will slowly decline.

Hence it’s vital for comprehending that for executing an online assault, the technique utilized won’t rely on the entity organizing it alternatively the objective(s) it has rather it’ll be reliant on the services of the Internet, the technical abilities of modern operating systems, and of course the gadgets the general public utilize during work as well as during their day to day living.

SPAMfighter News – 05-01-2011

Source: http://www.spamfighter.com/News-15601-2011-Likely-to-Have-Far-More-Malevolent-Threats-Security-Experts-Warn.htm

Floating point DoS attack

A bug in the way the PHP scripting language converts certain numbers may cause it to tie up all system resources. For example, on 32-bit systems, converting the string “2.2250738585072011e-308″ into a floating point number using the function zend_strtod results in an infinite loop and consequent full utilisation of CPU resources.

PHP 5.2 and 5.3 are affected, but apparently only on Intel CPUs which use x87 instructions to process floating point numbers. The x87 design has long been known to contains a bug which triggers just this problemPDF when computing approximations to 64-bit floating point numbers. By default, 64-bit systems instead use the SSE instruction set extension, under which the error does not occur. Processing the numbers 0.22250738585072011e-307, 22.250738585072011e-309 and 22250738585072011e-324 also triggers an infinite loop.

It may also be possible to remotely disable some server systems merely by sending this value as a parameter in a GET request. The PHP development team has fixed this in the forthcoming version 5.3.5. A patch for version 5.2.16 is available from the repository.

Source: http://www.h-online.com/security/news/item/Floating-point-DoS-attack-1163838.html

Copyright © 2014. DoS Protection UK. All Rights Reserved. Website Developed by: 6folds Marketing Inc. | Demo Test