CyberSecurity updates
2025-01-31 09:34:39 Pacific

Mirai Botnet Launches Massive 5.6 Tbps DDoS Attack - 9d

Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack, the largest ever reported. The attack, based on the Mirai botnet, involved over 13,000 IoT devices and targeted an unnamed internet service provider customer. This highlights the growing threat of hyper-volumetric assaults and the need for robust DDoS mitigation strategies.

The Mirai botnet, known for exploiting vulnerabilities in IoT devices, continues to evolve and pose a significant threat to internet infrastructure. The attack underscores the importance of securing IoT devices and implementing comprehensive DDoS protection measures to safeguard against increasingly sophisticated and large-scale attacks.

Cloudflare Mitigates Massive DDoS and Leaks Location Data - 7d

Cloudflare mitigated a massive 5.6 Tbps DDoS attack, showcasing the increasing threat of hyper-volumetric assaults. This record-breaking attack was a Mirai-variant DDoS, which highlights the importance of robust security measures against evolving DDoS attack techniques. In addition, a vulnerability was discovered in Cloudflare’s CDN that could expose a person’s general location by sending an image on platforms like Signal and Discord. Because Cloudflare caches media at the data center closest to its users, delivering a unique image through its CDN exposes the recipient’s general location, which could reveal private information.

Unsecured Tunneling Exposes Millions of Hosts - 9d

Multiple unauthenticated tunneling protocols expose over 4.2 million hosts, including VPNs and routers, to spoofing and DDoS attacks. These protocols lack authentication or encryption, making them vulnerable to hijacking for anonymous attacks and network access, as well as enabling new amplification DDoS attacks.

Banshee Stealer Uses Apple Encryption Algorithm - 21d

A new version of the Banshee macOS stealer has been identified by Check Point Research. This malware, linked to Russian-speaking cyber criminals, employs a string encryption algorithm identical to that used by Apple’s XProtect antivirus engine. The stealer, which operates as a ‘stealer-as-a-service’, targets macOS users, stealing browser and login credentials, cryptocurrency wallets, and other sensitive information. Its distribution methods include malicious GitHub repositories and phishing websites. This incident highlights the increasing sophistication of macOS malware and the use of legitimate security algorithms for malicious purposes.

Massive Matrix DDoS Campaign Targets Millions of Devices - 22h

A massive distributed denial-of-service (DDoS) attack campaign, launched by the threat actor known as Matrix, compromised over 35 million internet-connected devices globally. The majority of affected devices were located in China and Japan. This attack highlights the vulnerability of IoT devices and the potential for large-scale disruptions.