Página 1 de 3 123 ÚltimoÚltimo
Resultados 1 a 10 de 27
  1. #1
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    18,556

    [EN] Dyn warns of new attack after earlier DDoS

    Many prominent websites including Amazon, Twitter, Spotify and CNBC.com were shut down for two hours Friday morning

    Berkeley Lovelace Jr.
    Oct 21, 2016



    Internet traffic company Dyn on Friday warned of another cyber attack after earlier in the day websites and services across the East Coast were shut down.

    "We have begun monitoring and mitigating a DDoS attack against our Dyn Managed (Domain Name System) infrastructure. Our Engineers are continuing to work on mitigating this issue," Dyn said on its website at 11:52 a.m.

    A Distributed Denial of Service (DDoS) attack is when a web service is intentionally overwhelmed by traffic from many sources. It is a common method for digital assaults.

    Dyn said the attack may also impact "Dyn Managed DNS advanced services with possible delays in monitoring."

    The Department of Homeland Security told CNBC that it is "looking into all potential causes" of the attack.

    The White House said U.S. authorities are monitoring reports of attack on the internet services company and whether it is a "criminal act," according to Reuters.

    Many prominent websites including Amazon, Twitter, Spotify and CNBC.com were shut down for two hours Friday morning by an earlier denial of service attack. Amazon reported later that it was once again having service issues.

    Dyn said the earlier attack started at 7:10 a.m. It affected Dyn's Managed DNS infrastructure, which is the system that directs users to the correct webpage.

    http://www.cnbc.com/2016/10/21/major...os-attack.html

  2. #2
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    18,556

    Attacks on web provider disrupt sites on U.S. East Coast

    By Jim Finkle and Dustin Volz
    Fri Oct 21, 2016 | 1:07pm EDT


    Cyber attacks targeting the internet infrastructure provider Dyn disrupted service on major sites such as Twitter and Spotify on Friday, mainly affecting users on the U.S. East Coast.

    It was not immediately clear who was responsible and Gillian Christensen of the U.S. Department of Homeland Security said the agency was "investigating all potential causes."

    Dyn said it had resolved one attack, which disrupted operations for about two hours, but disclosed a second attack a few hours later that was causing further disruptions.

    In addition to the social network Twitter and music-streamer Spotify, the discussion site Reddit, hospitality booking service Airbnb and The Verge news site were among the companies whose services were reported to be down.

    Amazon.com Inc's web services division, one of the world's biggest cloud computing companies, also disclosed an outage that lasted several hours on Friday morning. Amazon could not immediately be reached for comment.

    The attacks were the latest in an increasingly menacing string of distributed denial of service, or DDoS, attacks disrupting internet sites by overwhelming servers with web traffic.

    The U.S. Department of Homeland Security warned on Oct. 14 that hackers were using a powerful new approach to launch these campaigns - infecting routers, printers, smart TVs and other connected devices with malware that turns them into "bot" armies that can launch DDoS attacks.

    "We have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure," the company said on its website. "Our engineers are continuing to work on mitigating this issue."

    Doug Madory, director of internet analysis at Dyn, told Reuters he was not sure if the outages at Dyn and Amazon were connected.

    “We provide service to Amazon but theirs is a complex network so it is hard to be definitive about causality at the moment,” he said.

    Dyn is a Manchester, New Hampshire-based provider of services for managing domain name servers (DNS), which act as switchboards connecting internet traffic. Requests to access sites are transmitted through DNS servers that direct them to computers that host websites.

    Dyn's customers include some of the world's biggest corporations and Internet firms, such as Pfizer, Visa, Netflix and Twitter, SoundCloud and BT.

    (Reporting By Jim Finkle in Boston and Dustin Volz in Washington; Additional reporting by Eric Auchard in Frankurt and Malathi Nayak in New York, Jeff Mason in Washington; Editing by Bill Trott)

    http://www.reuters.com/article/us-us...-idUSKCN12L1ME

  3. #3
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    18,556

    DYN confirms DDOS against its DNS customers which is mainly impacting US East Coast

    DDoS Attack Against Dyn Managed DNS

    Incident Report for Dyn, Inc.
    Subscribe to Updates

    Update
    This DDoS attack may also be impacting Dyn Managed DNS advanced services with possible delays in monitoring. Our Engineers are continuing to work on mitigating this issue.
    Posted 24 minutes ago. Oct 21, 2016 - 16:48 UTC


    Investigating
    As of 15:52 UTC, we have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Our Engineers are continuing to work on mitigating this issue.
    Posted about 1 hour ago. Oct 21, 2016 - 16:06 UTC


    Monitoring
    Services have been restored to normal as of 13:20 UTC.
    Posted about 4 hours ago. Oct 21, 2016 - 13:36 UTC


    Update
    This attack is mainly impacting US East and is impacting Managed DNS customers in this region. Our Engineers are continuing to work on mitigating this issue.
    Posted about 4 hours ago. Oct 21, 2016 - 12:45 UTC


    Investigating
    Starting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.
    Customers with questions or concerns are encouraged to reach out to our Technical Support Team.
    Posted about 6 hours ago. Oct 21, 2016 - 11:10 UTC

    https://www.dynstatus.com/incidents

  4. #4
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    18,556

    Massive Dyn DNS outage

    Sites down:

    - DYN

    - Twitter

    - Etsy

    - Github

    - soundcloud

    - spotify

    - heroku

    - pagerduty

    - shopify

    - intercom (app, not landing page)

    PornHub has better DNS redundancy than Github and Twitter.
    A sudden outage of popular sites and services, including Twitter, SoundCloud, Spotify, and Shopify, for many users, is causing uproar online. It's because of a DDoS attack against the popular Domain Name System (DNS) service provider Dyn, according to a post on Ycombinator.

    DNS act as the authoritative reference for mapping domain names to IP addresses. In other words, DNS is simply an Internet's phone book that resolves human-readable web addresses, like thehackernews.com, against IP addresses.

    Dyn DNS is used by many websites and services as their upstream DNS provider, including Twitter, Spotify, SaneBox, Reddit, Box, Github, Zoho CRM, PayPal, Airbnb, Freshbooks, Wired.com, Pinterest, Heroku and Vox Media properties.

    All of these sites and services are reportedly experiencing outages and downtime, either completely or partially.

    Here's an internet outage map from Level3:



    http://thehackernews.com/2016/10/dyn-dns-ddos.html

    https://news.ycombinator.com/item?id=12759520

  5. #5
    Louco pelo WHT Brasil
    Data de Ingresso
    Feb 2014
    Posts
    170
    DDoS on Dyn Impacts Twitter, Spotify, Reddit

    Criminals this morning massively attacked Dyn, a company that provides core Internet services for Twitter, SoundCloud, Spotify, Reddit and a host of other sites, causing outages and slowness for many of Dyn’s customers.

    “DNS traffic resolved from east coast name server locations are experiencing a service interruption during this time. Updates will be posted as information becomes available,” the company wrote.

    DYN encouraged customers with concerns to check the company’s status page for updates and to reach out to its technical support team.

    A DDoS is when crooks use a large number of hacked or ill-configured systems to flood a target site with so much junk traffic that it can no longer serve legitimate visitors.

    DNS refers to Domain Name System services. DNS is an essential component of all Web sites, responsible for translating human-friendly Web site names like “example.com” into numeric, machine-readable Internet addresses. Anytime you send an e-mail or browse a Web site, your machine is sending a DNS look-up request to your Internet service provider to help route the traffic.

    ANALYSIS

    The attack on DYN comes just hours after DYN researcher Doug Madory presented a talk on DDoS attacks in Dallas, Texas at a meeting of the North American Network Operators Group (NANOG). Madory’s talk — available here on Youtube.com — delved deeper into research that he and I teamed up on to produce the data behind the story DDoS Mitigation Firm Has History of Hijacks.

    That story (as well as one published earlier this week, Spreading the DDoS Disease and Selling the Cure) examined the sometimes blurry lines between certain DDoS mitigation firms and the cybercriminals apparently involved in launching some of the largest DDoS attacks the Internet has ever seen. Indeed, the record 620 Gbps DDoS against KrebsOnSecurity.com came just hours after I published the story on which Madory and I collaborated.

    The record-sized attack that hit my site last month was quickly superseded by a DDoS against OVH, a French hosting firm that reported being targeted by a DDoS that was roughly twice the size of the assault on KrebsOnSecurity. As I noted in The Democratization of Censorship — the first story published after bringing my site back up under the protection of Google’s Project Shield — DDoS mitigation firms simply did not count on the size of these attacks increasing so quickly overnight, and are now scrambling to secure far greater capacity to handle much larger attacks concurrently.

    The size of these DDoS attacks has increased so much lately thanks largely to the broad availability of tools for compromising and leveraging the collective firepower of so-called Internet of Things devices — poorly secured Internet-based security cameras, digital video recorders (DVRs) and Internet routers. Last month, a hacker by the name of Anna_Senpai released the source code for Mirai, a crime machine that enslaves IoT devices for use in large DDoS attacks. The 620 Gbps attack that hit my site last month was launched by a botnet built on Mirai, for example.

    Interestingly, someone is now targeting infrastructure providers with extortion attacks and invoking the name Anna_senpai. According to a discussion thread started Wednesday on Web Hosting Talk, criminals are now invoking the Mirai author’s nickname in a bid to extort Bitcoins from targeted hosting providers.

    “If you will not pay in time, DDoS attack will start, your web-services will
    go down permanently. After that, price to stop will be increased to 5 BTC
    with further increment of 5 BTC for every day of attack.

    NOTE, i?m not joking.

    My attack are extremely powerful now – now average 700-800Gbps, sometimes over 1 Tbps per second. It will pass any remote protections, no current protection systems can help.”

    Let me be clear: I have no data to indicate that the attack on Dyn is related to extortion, to Mirai or to any of the companies or individuals Madory referenced in his talk this week in Dallas. But Dyn is known for publishing detailed writeups on outages at other major Internet service providers. Here’s hoping the company does not deviate from that practice and soon publishes a postmortem on its own attack.

    Update, 3:50 p.m. ET: Security firm Flashpoint is now reporting that they have seen indications that a Mirai-based botnet is indeed involved in the attack on Dyn today. Separately, I have heard from a trusted source who’s been tracking this activity and saw chatter in the cybercrime underground yesterday discussing a plan to attack Dyn.

    Update, 10:22 a.m. ET: Dyn’s status page reports that all services are back to normal as of 13:20 UTC (9:20 a.m. ET). Fixed the link to Doug Madory’s talk on Youtube, to remove the URL shortener (which isn’t working because of this attack).

    Update, 1:01 p.m. ET: Looks like the attacks on Dyn have resumed and this event is ongoing. This, from the Dyn status page:

    This DDoS attack may also be impacting Dyn Managed DNS advanced services with possible delays in monitoring. Our Engineers are continuing to work on mitigating this issue.
    OCT 21, 16:48 UTC
    As of 15:52 UTC, we have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Our Engineers are continuing to work on mitigating this issue.
    OCT 21, 16:06 UTC


    https://krebsonsecurity.com/2016/10/...potify-reddit/

  6. #6
    Louco pelo WHT Brasil
    Data de Ingresso
    Feb 2014
    Posts
    170
    Uma série de ataques DDoS está quebrando a internet hoje

    Talvez você esteja enfrentando problemas ao acessar determinados serviços desde a manhã desta sexta-feira (21). O motivo da instabilidade generalizada, que inclui sites como Twitter, Spotify e SoundCloud, é uma série de ataques de negação de serviço contra a Dyn, uma das principais empresas fornecedoras de serviços de DNS do mundo.

    Os ataques DDoS estão acontecendo desde, pelo menos, 9 horas da manhã no horário de Brasília. A Dyn informou em sua página que estava monitorando e combatendo um ataque contra os servidores do Dyn Managed DNS, o que impactava especialmente o acesso a servidores localizados na costa leste dos Estados Unidos.

    Como muitas empresas são clientes da Dyn (ou são clientes de clientes da Dyn), a lista de possíveis afetados pelo ataque de negação de serviço é gigantesca: o Gizmodo listou mais de 60 sites que enfrentaram ou continuam enfrentando instabilidades, incluindo PayPal, GitHub, Pinterest, Reddit, Netflix, Disqus e Box, além das páginas dos veículos CNN e New York Times.

    O problema parecia ter sido resolvido pela Dyn às 11h20, mas os ataques DDoS voltaram a acontecer por volta das 14h no horário de Brasília, novamente tendo o Dyn Managed DNS como alvo. Por isso, é bem provável que você tenha mais problemas ao acessar sites conhecidos durante o resto do dia. Até a última atualização desta notícia, a Dyn ainda tentava mitigar o ataque.

    Não se sabe exatamente qual é a motivação dos ataques à Dyn, mas o Krebs on Security diz que provedores de infraestrutura estão sofrendo tentativas de extorsão. O responsável pede 5 bitcoins (cerca de R$ 11 mil) para cessar os ataques; se o dinheiro não for pago, o “resgate” aumenta em 5 bitcoins por dia de ataque. O DDoS contra os serviços é bastante poderoso, com taxas ultrapassando 1 terabit por segundo (!).

    Um dos maiores ataques DDoS da história foi feito por meio de uma botnet com mais de 145 mil câmeras de segurança, que teria capacidade de até 1,5 terabit por segundo. Enquanto as fabricantes não derem a mínima atenção para a segurança de seus dispositivos conectados, esses ataques devem continuar acontecendo.

    https://tecnoblog.net/202610/ddos-dyn-ferrou-internet/

  7. #7
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    18,556

    Hackers Take Down Sites From New York to Los Angeles

    Nate Lanxon, Jeremy Kahn, and Joshua Brustein
    October 21, 2016 — 3:41 PM EDT


    Millions of internet users temporarily lost access to some of the world’s most popular websites Friday, as hackers hammered servers along the U.S. East Coast with phony traffic until they crashed, then moved westward.

    In what is believed to be a coordinated attack on one particular Domain Name Server provider, the hack took down sites including Twitter, Spotify, Reddit, CNN, Etsy and The New York Times for long stretches of time, from New York to Los Angeles.

    Unlike data breaches, the latest so-called distributed denial-of-service (DDoS) attack didn’t steal anything. It just caused big headaches for everyone affected, especially Manchester, New Hampshire-based Dyn Inc.

    Dyn first reported site outages relating to the DDoS attack at around 7:10 a.m. New York time. The company restored service two hours later but was offline again at around noon, as another attack appeared to be underway, this time affecting the West Coast as well.

    ...

    “I would suspect there was a single company being attacked, and everybody else who was on the same service also experience outages,” said Carl Herberger, vice president for security solutions at Radware, an Israeli-based internet security company.

    ...

    https://www.bloomberg.com/news/artic...of-eastern-u-s
    Última edição por 5ms; 21-10-2016 às 21:04.

  8. #8
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    18,556

    Level 3 takes brunt of user ire after Dyn denial of service attack




    Sean Buckley
    Oct 21, 2016


    Level 3 said its network is not suffering any from any distributed denial of service (DDoS) attack, disputing user reports made on crowdsourced outage reporting website Downdetector earlier this morning, and saying that the site's information is not accurate.

    “The Level 3 network is operating normally,” the transport provider said in a tweet this morning. “Please note, reports of an outage by Downdetector are not accurate.”

    Complaints spiked in the wake of a DDoS attack against another company, Dyn.

    A Level 3 spokesperson later told FierceTelecom in an e-mail that its Security Operations Center (SOC) does not have reports of any issue.

    “At this time, we do not have an update,” the spokesperson said. “The SOC is not seeing anything on our network.”

    Solutions architect Ant Stanley of A Cloud Guru Ltd. pointed out in a Twitter post that Level 3's network was more likely "under heavy load" due to a DDoS attack against domain name server provider Dyn, which reported it was under attack earlier this morning.

    http://www.fiercetelecom.com/telecom...are-inaccurate

  9. #9
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    18,556

    Talking Veja quem apareceu neste instante para festejar ...

    Octave Klaba / Oles Retweeted
    Breaking News Feed ‏@pzf 1 hour ago

    Websites affected by #DDoS :
    •Twitter
    •Amazon
    •CNN
    •Reddit
    •Nytimes
    •PayPal
    •Spotify
    •SoundCloud
    •AirBnB
    •HBO
    •Netflix
    •Etsy
    •Github
    •Vox

  10. #10
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010
    Posts
    18,556

    John McAfee: 'Iran hacked the DNC, and North Korea hacked DYN'

    Cybersecurity legend John McAfee looks to the Dark Web for answers on the DNC and DYN hacks.

    Steve Morgan
    Oct 21, 2016

    Who hacked the Democratic National Committee (DNC)?

    John McAfee -- in an email exchange and follow up phone call just moments ago -- said sources within the Dark Web suggest it was Iran, and he absolutely agrees. While Russian hackers get more media attention nowadays, Iranian hackers have had their share.

    A computer hacker briefly hijacked Twitter.com in 2009, redirecting users to a website and claiming to represent a group calling itself the Iranian Cyber Army.

    Earlier this year, Iranian hackers were charged by the U.S. Department of Justice (DOJ) over cyber attacks.

    Why Iran? "The Iranians view Trump as a destabilizing force within America," said McAfee. "They would like nothing more than to have Trump as President."

    What about Russia?

    "If all evidence points to the Russians, then, with 100% certainty, it is not the Russians," said McAfee.
    "Anyone who is capable of carrying out a hack of such sophistication is also capable, with far less effort than that involved in the hack, of hiding their tracks or making it appear that the hack came from some other quarter. The forensic tools used to assign culpability in a hack are well known, in the cybersecurity world, to be largely ineffective. They may, sometimes, correctly identify an unsophisticated 15 year old as the source of a hack, such as the teenager who hacked the FBI less than a year ago. But they are completely ineffective against large, sophisticated groups of hackers such as those run by the Russian State."

    When asked for his Dark Web source, McAfee replied "You know better than to ask me for a link to the Underweb. I would spend the rest of my life fighting the best hackers on the planet."

    There's no conclusive evidence to point the finger at Iranian or Russian hackers, but McAfee may be on to something.

    And the DYN hack?

    "The Dark Web is rife with speculation that North Korea is responsible for the DYN hack" said McAfee. He suspects it is Bureau 121, a North Korean cyberwarfare agency with almost 2,000 state sponsored hackers in the group. McAfee said they certainly have the capability and if it's true (that they hacked DYN) then forensic analysis will point to either Russia, China, or some group within the U.S."

    There's no conclusive evidence that North Korea is responsible for the DYN hack, but McAfee is wired into a large network of underground sources.

    Update: McAfee added "Bureau 121 left trails to an American company that offers services to counter DDoS attacks. The company was not named. When found, I guarantee that the company might have had cause to launch the attack. This is how sophisticated hacks work."

    http://www.csoonline.com/article/313...acked-dyn.html

Permissões de Postagem

  • Você não pode iniciar novos tópicos
  • Você não pode enviar respostas
  • Você não pode enviar anexos
  • Você não pode editar suas mensagens
  •