New cyber security attacks and DDoS threats are lurking in the shadows everyday. Read the latest information and stay head of these vulnerabilities with updated DDoS reports and cyber security threat reports from Radware's Emergency Response Team (ERT).
To receive an email notification when ERT threat alerts are posted, click here.
On May 19, 2020, academics from the Tel Aviv University and The Interdisciplinary Center in Israel discovered a vulnerability in the implementation of DNS recursive resolvers that can be abused to launch disruptive DDoS attacks against any victim.
On May 21, 2020, a new hacktivist group going by the name ‘Hackers of Savior’ launched a defacing campaign targeting thousands of Israeli websites.
Over the last several months, Radware researchers have been monitoring the evolution of the Mirai XTC campaign and the development of the Hoaxcalls Botnet. Hoaxcalls is an IoT variant based off source code from the Tsunami and Gafgyt Botnets. The Hoaxcalls Botnet was first disclosed by Unit 42, Palo Alto Network’s Research Division, on April 3, 2020 and has been seen propagating via CVE-2020-8515 and CVE-2020-5722.
To control the spread of the coronavirus (COVID-19), many organizations are requesting employees to work remotely. Doing so means leveraging enterprise virtual private networks (VPNs) and remote desktop solutions to connect to services.
With over 7.8 million tickets for sale, the 2020 Summer Olympics in Tokyo, Japan will bring even larger crowds than the 2016 Summer Olympics in Rio De Janeiro, Brazil.
Radware’s threat research has surveyed the cybersecurity landscape related to Jenkins Security Advisory 1641, also known as CVE-2020-2100, and confirm that over 12,000 exposed Jenkins’ servers can easily be abused by an attacker to launch distributed reflective denial-of-service (DrDoS) attacks with an average amplification factor of 3.00.
Throughout 2019, Radware’s Threat Research Center (TRC) and Emergency
Response Team (ERT) have been monitoring and defending against an increasing
number of TCP reflection attacks.