What ISPs Need To Know About CLDAP DDoS Attack Vectors

| May 11, 2017

article image
In October of 2016, around the time of the Internet shattering DDoS attack against DNS provider, DYN, Corero disclosed a significant zero-day DDoS attack vector. The newly discovered attack utilized an amplification technique, which takes advantage of the Connectionless Lightweight Directory Access Protocol (CLDAP): LDAP is one of the most widely used protocols for accessing username and password information in databases like Active Directory.

Spotlight

Retain International

Retain International is a leader in resource planning software for businesses of all sizes. Improving efficiency with cost-effective and flexible solutions to allow firms to effectively manage their resources. With a complete overview of current clients, projects and staff, organisations can ensure they are operating at optimum efficiency and improve profitability. Retain International works with customers in over 65 countries, and has experience in providing solutions to the consultancy, accounting, banking and legal sectors, including PwC, BDO, Shell, Zurich Insurance and Cap Gemini.

OTHER ARTICLES

Wormable, Unpatched Microsoft Bug Threatens Corporate LANs

Article | March 11, 2020

Microsoft is warning on a wormable, unpatched remote code-execution vulnerability in the Microsoft Server Message Block protocol – the same protocol that was targeted by the infamous WannaCry ransomware in 2017.The critical bug (CVE-2020-0796) affects Windows 10 and Windows Server 2019, and was not included in Microsoft’s Patch Tuesday release this week. The bug can be found in version 3.1.1 of Microsoft’s SMB file-sharing system. SMB allows multiple clients to access shared folders and can provide a rich playground for malware when it comes to lateral movement and client-to-client infection. This was played out in version 1 of SMB back in 2017, when the WannaCry ransomware used the NSA-developed EternalBlue SMB exploit to self-propagate rapidly around the world.

Read More

How much do behavioural biometrics improve cyber security?

Article | February 19, 2020

Experts often consider biometrics security the next big thing in cyber security. It encompasses a broad category that includes verifying a person's fingerprint, iris, gait and other factors that should be unique to the person checked. However, various tests proved that some biometric-based security has substantial room for improvement For example, researchers have hacked into smartphones that have fingerprint scanners by pressing the print of the rightful owner into a piece of Play-Doh and holding that impression against the reader. What those results indicate is that people should not assume that biometrics options are a foolproof choice for cyber security needs.

Read More

Coronavirus and the Cybersecurity Threat Landscape

Article | March 4, 2020

Cybersecurity professionals are always interested in understanding how evolving events shape the threat landscape. Events such as WannaCry and NotPetya may have temporarily crippled technology environments that were running with third-rate security*, but the repercussions from the coronavirus will hit every organization, no matter how resilient they thought they were. No single event to date has changed the tech threat landscape more than the consequences and impacts developing around the Coronavirus (aka SARS-CoV-2 and the disease CoViD-19). Then there are the business consequences, such as the sudden changes in consumer patterns and steep loss of income. The coronavirus is unmistakably a black swan event. It falls outside of the outliers. It creates a situation that many security professionals are familiar with: The Medusa Effect.

Read More

EMAIL SECURITY CONCEPTS THAT NEED TO BE IN YOUR EMAIL INFOSEC POLICY

Article | June 16, 2021

Compliance requirements have become more complex because of the continual evolution of security threats and vulnerabilities. Many organizations fail to create an extensive security program to cover their challenges. Emails are one of the most susceptible channels for cyber-criminals to operate. This is why every organization must pay keen attention to email security policies in cybersecurity. Because emails are prone to cyberattacks, enterprises and individuals must take critical measures to secure their email accounts against unauthorized access. Malicious actors use phishing to trick recipients into sharing sensitive information, either by impersonating trusted contacts or legitimate business owners. Email is still one of the most vulnerable avenues for hackers and cyber crooks. Here are the critical email security concepts that need inclusion into your information security policy.

Read More

Spotlight

Retain International

Retain International is a leader in resource planning software for businesses of all sizes. Improving efficiency with cost-effective and flexible solutions to allow firms to effectively manage their resources. With a complete overview of current clients, projects and staff, organisations can ensure they are operating at optimum efficiency and improve profitability. Retain International works with customers in over 65 countries, and has experience in providing solutions to the consultancy, accounting, banking and legal sectors, including PwC, BDO, Shell, Zurich Insurance and Cap Gemini.

Events