DDoS – Qualys ThreatPROTECT

Palo Alto Networks (PAN-OS) Reflected Amplification Denial-of-Service (DoS) Vulnerability (CVE-2022-0028)

Posted by Diksha Ojha on August 16, 2022August 21, 2022

Palo Alto has released a security advisory to address an actively exploited, high-severity vulnerability (CVE-2022-0028) affecting PAN-OS, the operating system used by the company’s networking hardware products. The vulnerability is a PAN-OS URL filtering policy misconfiguration vulnerability that could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The advisory claims … Continue reading “Palo Alto Networks (PAN-OS) Reflected Amplification Denial-of-Service (DoS) Vulnerability (CVE-2022-0028)”

Tenda Routers Multiple Security Vulnerabilities

Posted by Pallavi Pangavhane on October 6, 2020October 6, 2020

Overview Netlab security researchers published a report recently for a new Mirai-based IoT botnet called Ttint. This IoT botnet spreads by exploiting the two Tenda router zero-day vulnerabilities (CVE-2020-10987, second one is not yet disclosed). Ttint is a remote access Trojan based on Mirai botnet code. Traditional Mirai botnet is mostly used to launch a … Continue reading “Tenda Routers Multiple Security Vulnerabilities”

Lucifer malware multiple DDoS vulnerabilites (CVE-2019-9081, CVE-2014-6287, CVE-2018-1000861, CVE-2017-10271, CVE-2018-20062, CVE-2018-7600, CVE-2017-9791, CVE-2019-9081, CVE-2017-0144, CVE-2017-0145, CVE-2017-8464)

Posted by Dhiren Vaghela on June 30, 2020

Summary: A new fish in town with two version of itself, a malware, that impacts Windows machines named Lucifer, is a powerful DDos based malware does crypto jacking and other such nefarious activities using old and new vulnerabilities. In actual, out of the two versions of Lucifer the second sample was compiled on Thursday, June 11, 2020 caught by Palo Alto Networks Next-Generation … Continue reading “Lucifer malware multiple DDoS vulnerabilites (CVE-2019-9081, CVE-2014-6287, CVE-2018-1000861, CVE-2017-10271, CVE-2018-20062, CVE-2018-7600, CVE-2017-9791, CVE-2019-9081, CVE-2017-0144, CVE-2017-0145, CVE-2017-8464)”

Memcached Amplification Attacks

Posted by Deepak Shanker on March 2, 2018March 7, 2018

Memcached is high-performance distributed system for caching. It was designed yo improve web application performance by reducing database load. An amplification attack using the memcached protocol was observed in the wild. The attack is carried over UDP port 11211. Amplification attacks requires an attacker to forge the IP address of the target and send a … Continue reading “Memcached Amplification Attacks”