New cyber security attacks and DDoS threats are lurking in the shadows everyday. Read the latest information and stay head of these vulnerabilities with updated DDoS reports and cyber security threat reports from Radware's Emergency Response Team (ERT).
To receive an email notification when ERT threat alerts are posted, click here.
The recent Israel Defense Forces ‘Operation Pillar of Cloud’ in the Gaza Strip, which was officially launched on 14 November, 2012, has raised strong protests from the Anonymous cyber group, which have in response launched #OpIsrael, a cyber-attack campaign whose main objectives are: Ensure communication channels availability in the Gaza Strip, and provide alternative communication methods in case of an Israeli communication blackout as part of the military operation, Take down Israeli and Israeli related Web sites, Deface Israeli sites and promote anti-Israeli agendas, and Stop the violence.
R.U.D.Y is a slow rate attack tool that (like Slowloris and SOCKSTRESS) is able to exploit design weakness, and with a surprisingly low rate flood can cause DoS. R.U.D.Y can potentially target any web server. It implements a new technique to attack websites known as a slow HTTP POST request.
The customer, a high-profile Government entity, was targeted by a DDoS attack in the context of a wider campaign against Government sites in this country. In the days preceding the attack, Anonymous published warnings and threats of attacks through their usual means of communication (Youtube, Twitter, Facebook). The site was protected by a DefensePro device, just installed and configured few days ago. ERT, which was invoked, logged in on the day of the attack to tune the device which successfully mitigated the attack and the website was available to users.
This attack report describes an attack campaign against a country (Israel) and how several sites in this country were attacked simultaneously over a full week. A Pro Palestinian hackers group, the “Nightmare group” and 0xomar, a Saudi hacker member of the Saudi Arabian Anonymous collective, have disclosed credit card information of thousands of Israeli citizens, later leading to retaliation action by Israeli hackers. Prior to the attack, the media reported that few Israeli websites, both in public and private sectors, were about to be attacked.
An event with the magnitude of the Summer Olympics is a likely target for many attack threats, including IT security attacks. Radware security researchers have found that the Olympic Games website is on the radar of hackers who published an HOIC booster script on pastebin. The time or size of these potential attacks is unknown.
A new group of hacktivists is on the rise with a planned DDoS attack on some of the world’s largest organizations including Apple, Bank of America, British Telecom and Bank of China. The new group, known as TheWikiBoat, is not related to Anonymous, although they might share the same ideas as Anonymous. The hackers’ team is calling for supporters from around the world to join the attack and to support their actions.
Cisco IOS XR Software contains vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP-4G and RSP-8G), Route Switch Processor 440 (RSP440), and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP).