2018年1月観測レポートサマリー DDoS攻撃の観測情報 IIJマネージドセキュリティサービスの観測情報 Web/メールのマルウェア脅威の観測情報 セキュリティインシデントカレンダー 2018年1月観測レポートサマリー はじめに、IIJの提供するセキュリティ事業において収集・観測した、様々な攻撃活動について示します。当月もサーバやクライアント、IoT機器などを狙った複数の攻撃活動を観測しています。 まず、Webサーバに対する攻撃では、古いCGIやRuby on Railsの脆弱性(CVE-2012-1823、CVE-2012-2311、CVE-2013-0156)を利用した、Webサーバに対する特徴的な攻撃を観測しました。この一連の活動では、攻撃が成功すると、攻撃者は対象となったWebサーバを利用して、仮想通貨のマイニングを行います。なお、攻撃に利用された脆弱性は古いものであることから、
Reshared, Recycled, Swapped and Sold breach data is being a common thing and well once again someone has complied a bunch of public and not so public combo lists from well known previous breaches that when combined have a total of 3,443,684,697 Emails with 2,914,838,915 of them being unique leaving only about 333K duplicate entries. The leak has originated from raidforums and was posted at First i
Memcached payloadA long time ago in a git repository far-far away, a commit made by Brian Aker introduced a brilliant feature of the default listening to UDP traffic in memcached. Days in between February 23, 2018, and the Monday of February 26, 2018, were marked by multiple memcached-amplification DDoS attacks across entire Europe. The issue with memcached insecurity seemed to well known from at
ASERT Threat Summary: memcached Reflection/Amplification Description and DDoS Attack Mitigation Recommendations Date/Time: 27022018 2325UTC Title/Number: memcached Reflection/Amplification Description and DDoS Attack Mitigation Recommendations - February 2018 - v1.4. Severity: Critical Distribution: TLP WHITE (see <https://www.us-cert.gov/tlp) Categories: Availability Authors: Roland Dobbins & Ste
Surfing Internet Security & Resiliency as we thrive, heal, and grow in this life …. TLP:WHITE UPDATE: As of 2018-03-17 ( Morning Update), more attack using the memcached reflection vector have been unleashed on the Internet. As shared by Akamai Technologies “memcached-fueled 1.3 Tbps Attacks,” the application factors are “Internet Impacting.” Mitigation and Remediation Efforts are reducing the nu
Memcrashed - Major amplification attacks from UDP port 1121102/27/2018 Over last couple of days we've seen a big increase in an obscure amplification attack vector - using the memcached protocol, coming from UDP port 11211. CC BY-SA 2.0 image by David Trawin In the past, we have talked a lot about amplification attacks happening on the internet. Our most recent two blog posts on this subject were:
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く