Thursday, October 28th, we go live again for Episode 15 of the Radware Threat Researchers Live.
Join us at 4pm Paris, 10am New York, 7am Los Angeles, 11pm Tokyo.
--
References and Resources
REvil RDoS
https://www.ispreview.co.uk/index.php/2021/10/voip-provider-voipfone-uk-knocked-out-by-ddos-attack-again.html
https://www.itpro.co.uk/security/distributed-denial-of-service-ddos/361374/international-co-ordinated-ddos-attacks-are
Cursed Patriarch RDoS
https://therecord.media/ddos-attacks-hit-multiple-email-providers/
https://zero.bs/ddos-incidents-logbook.html
DDoS as a Lure
https://twitter.com/malware_traffic/status/1450627472131825667?s=20
Dutch police warn booter customers
https://www.politie.nl/nieuws/2021/oktober/11/03-kopers-van-ddos-aanval-krijgen-waarschuwing-van-cybercrimeteam.html
https://www.politie.nl/nieuws/2020/juli/30/03-doorzoekingen-woningen-in-zaak-ddos-aanbieder.html
https://therecord.media/dutch-police-send-warning-letters-to-customers-of-ddos-booter-service/
https://web.archive.org/web/20200428153850/https://minesearch.rip/
Record level DDoS attacks
https://blog.qrator.net/en/meris-botnet-climbing-to-the-record_142/
https://blog.cloudflare.com/cloudflare-thwarts-17-2m-rps-ddos-attack-the-largest-ever-reported/
https://azure.microsoft.com/en-us/blog/business-as-usual-for-azure-customers-despite-24-tbps-ddos-attack/
Olympics
https://www.cnbc.com/2021/09/29/beijing-olympics-to-ban-foreign-spectators-implement-covid-vaccination-protocols.html
https://group.ntt/en/newsrelease/2021/10/21/211021a.html
https://group.ntt/en/newsrelease/2021/10/21/pdf/211021aa.pdf
Ukrainian Takedown
https://www.cyberpolice.gov.ua/news/kiberpoliczejski-vykryly-ukrayinskogo-xakera-u-zdijsnenni-virusnyx-atak-na-ponad--inozemnyx-kompanij-2642/
https://www.europol.europa.eu/newsroom/news/ransomware-gang-arrested-in-ukraine-europol%E2%80%99s-support
https://www.interpol.int/en/News-and-Events/News/2021/Ransomware-gang-arrested-in-Ukraine
https://therecord.media/treasury-said-it-tied-5-2-billion-in-btc-transactions-to-ransomware-payments/
https://ssu.gov.ua/novyny/sbu-blokuvala-diialnist-armii-botiv-yaka-poshyriuvala-virusni-prohramy-i-zdiisniuvala-ddos-ta-spamataky
REvil Offline Again
https://therecord.media/revil-gang-shuts-down-for-the-second-time-after-its-tor-servers-were-hacked/
https://www.reuters.com/technology/exclusive-governments-turn-tables-ransomware-gang-revil-by-pushing-it-offline-2021-10-21/
Hacking Back
https://gizmodo.com/britain-wants-to-use-its-new-cyber-command-to-hunt-rans-1847930905
https://therecord.media/netherlands-can-use-intelligence-or-armed-forces-to-respond-to-ransomware-attacks/
Conti Statement
https://twitter.com/ddd1ms/status/1451599517741162500?s=20
https://pastebin.com/kMQAbcFa
https://us-cert.cisa.gov/ncas/alerts/aa21-265a
Groove Statement
https://www.bleepingcomputer.com/news/security/groove-ransomware-calls-on-all-extortion-gangs-to-attack-us-interests/
https://twitter.com/ddd1ms/status/1451559644833406977?s=20
https://twitter.com/ddd1ms/status/1451653107029532675?s=20
Darkside/BlackMatter Reacts
https://twitter.com/campuscodi/status/1451487756455133184
https://twitter.com/GelosSnake/status/1451462899231338500
https://therecord.media/darkside-ransomware-gang-moves-some-of-its-bitcoin-after-revil-got-hit-by-law-enforcement/
Yanluowang Ransomware
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/yanluowang-targeted-ransomware
OWASP 2021 TOP 10
https://owasp.org/Top10/
https://www.radware.com/2021q3-ddos-report/
Apache Path Traversal and RCE
https://blog.talosintelligence.com/2021/10/apache-vuln-threat-advisory.html
https://twitter.com/hackerfantastic/status/1445529822071967745
Authentication bypasses in Dahua cams
https://github.com/mcw0/PoC/blob/master/Dahua%20authentication%20bypass.txt
Dahua Bans
https://ipvm.com/reports/lorex-box
https://ipvm.com/reports/fcc-hikua
https://ipvm.com/reports/sanction-hikua
VMware vCenter command execution vulnerability
https://www.randori.com/blog/technical-analysis-vcenter-vmsa-2021-0020/
https://www.zdnet.com/article/exploit-released-for-vmware-vulnerability-after-cisa-warning/
https://www.vmware.com/security/advisories/VMSA-2021-0020.html
https://twitter.com/bad_packets/status/1440893196993634307
GTA Online DDoS Attacks
https://www.nme.com/news/gaming-news/gta-online-twitch-streamers-are-being-targeted-with-ddos-attacks-3073077
--
Presentations and resources from past episodes: https://discover.radware.com/l/threat-intelligence
Security reports, alerts, advisories and earlier episodes: https://www.radware.com/security/