Welcome to InfoRiskToday’s DDoS Resource Center!

The latest news, views and education about distributed-denial-of-service attacks. New, sophisticated DDoS attacks have increased throughout the world, and security experts predict this trend will continue. Use this DDoS Resource Center for the latest information on detection, mitigation, incident response and ongoing risk management.

XorDDos is part of the trend of malware increasingly targeting Linux (Source: ISMG)

Massive Surge in Use of Linux XorDDos Malware Reported

Prajeet Nair • May 21, 2022

Microsoft has observed a 254% increase in activity over the past six months from a Linux Trojan called XorDDos. First discovered in 2014, XorDDos was named after its denial-of-service-related activities on Linux endpoints and servers and its usage of XOR-based encryption for its communications.

Endpoint Security

Cybersecurity Mesh is the Next Big Trend In Cybersecurity

Latest

Business Continuity Management / Disaster Recovery

European Union Officials Call for Stricter Cyber Rules

Dan Gunderman • March 22, 2022

Just one day after the White House warned that intelligence is pointing to potential offensive cyberattacks out of Moscow, European Union officials are calling for more stringent cybersecurity rules.

3rd Party Risk Management

How to Maximize Application Intelligence

Tom Field • April 8, 2022

At a time when applications are more business-critical than ever - and visibility is more challenging to achieve - we need to discuss new strategies and tools for maximizing application intelligence. Sujay Pathakji of Axiom Telecom and Srudi Dineshan of Gigamon share insights.

3rd Party Risk Management

Why Third Parties Are an Organization's Biggest Risk Point

Tori Taylor • April 8, 2022

Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline.

Fraud Management & Cybercrime

New Mirai-Based Campaign Targets Unpatched TOTOLINK Routers

Prajeet Nair • April 5, 2022

A new ongoing malware campaign is currently being conducted in the wild, targeting unpatched TOTOLINK routers. By leveraging a newly released exploit code, threat actors can use this variant of the Mirai botnet, called Beastmode, to potentially infect vulnerable devices.

Finance & Banking

Survey: State of Security Automation in Financial Services

Tom Field • April 1, 2022

When it comes to advanced threat response, 42% of financial institutions say their current abilities are average. Only 35% say automation currently plays a strong role. Josh Zelonis of Palo Alto Networks and Sid Srivastava of Accenture analyze the State of Security Automation in Financial Services.

Access Management

Why Access Governance Is Crucial For Strong Cybersecurity

Isa Jones • April 1, 2022

If an organization doesn’t know who is accessing what, how can they be trusted to make sure a bad actor isn’t gaining access to data, assets, or systems they shouldn’t?

CISO Trainings

Securing Industry 4.0: Insights From New Research

Tom Field • March 29, 2022

Eighty percent of survey respondents say they either are well on the way or getting started toward becoming a "smart manufacturing company." Cloud migration, business resiliency and securing OT environments are among their priorities. Del Rodillas of Palo Alto Networks analyzes the survey results.

CISO Trainings

How Has COVID-19 Changed CISO Approach to Data Security?

Tom Field • March 29, 2022

Fifty-three percent of survey respondents say cyberthreats became fiercer during COVID-19, and 17% say the pandemic disrupted their data security initiatives. These are among findings of a new survey sponsored by HelpSystems. Cary Hudgins analyzes the results and discusses how to put them to work.

Business Continuity Management / Disaster Recovery

DDoS Attack Downs Several Israeli Government Websites

Mihir Bagwe • March 15, 2022

On Monday night, Israeli government websites including those of the prime minister and the ministries of Interior, Health, Justice, and Welfare, went offline. The Israel National Cyber Directorate confirmed a massive DDoS attack against a communications provider, resulting in temporary access loss.

Application Security & Online Fraud

How a Global Pandemic Changed the Fraud Landscape

Tom Field • March 14, 2022

Pete Barker was a cybersecurity Digital Loss Prevention practitioner before joining SpyCloud as Director of Fraud & Identity. He saw first-hand the impact of COVID-19 on fraud incidents, which are more automated and broadly targeted. He explains how "COVID changed all the rules" and how defenders can raise their game.

Cybercrime

Dayslong DDoS Attack With Embedded Ransom Note Mitigated

Prajeet Nair • March 7, 2022

An undisclosed website was the victim of a massive, dayslong distributed denial-of-service attack. The threat actor included a ransom note as part of the attack, instead of contacting the victim separately, and the DDoS attack has been mitigated, researchers at cybersecurity company Imperva say.