Change All Your Passwords, Right Now!

ASERT team

by Steinthor Bjarnason, Senior ASERT Security Analyst & Roland Dobbins, ASERT Principal Engineer CloudFlare are probably best known as a DDoS mitigation service provider, but they also operate one of the largest Content Delivery Networks (CDNs) on the Internet. Many popular Web sites, mobile apps, etc. make use of the CloudFlare CDN, which hosts content […]

Annual Security Survey – Call for Participation

ASERT team

It’s that time again! Arbor Networks is opening its 12th annual Worldwide Infrastructure Security Report survey. Findings from this survey are compiled and analyzed to provide insights on a comprehensive range of issues from threat detection and incident response to staffing, budgets and partner relationships.  A copy of the report will be sent to all participants. We […]

Estimating the Revenue of a Russian DDoS Booter

Dennis Schwarz

At the end of 2014, ASERT presented research where we mapped some DDoS booter advertisements on Russian language forums to their behind-the-scenes DDoS botnet infrastructures. For this post, we will follow up on that research a bit by looking at another one of these mappings and trying to estimate the revenue generated by the DDoS […]

Defending the White Elephant

Curt Wilson

Click here to download the full report that includes attack details, TTPs and indicators of compromise.   Myanmar is a country currently engaged in an important political process. A pro-democracy reform took place in 2011 which has helped the government create an atmopshere conducive to investor interest. The country is resource rich, with a variety of […]

Espionage, Spying and Big Corporate Data, These Are a Few of China’s Favorite Things

ASERT provides a weekly threat bulletin for Arbor customers that highlights and analyzes the week’s top security events and provides other pertinent infosec material. Recently, we covered the public notification of a United Airlines breach by possible Chinese state-sponsored threat actors. In this blog, we offer an alternative hypothesis to the conclusions many have drawn […]

Attack of the Shuriken 2015: Many Hands, Many Weapons

Curt Wilson

The expected evolution of DDoS attacks continues. Attack sizes increase over time, tools become easier to use, more threat actors are launching attacks, older attack techniques have become commoditized and new attack techniques are added to the mix on a regular basis. Attacks are cheap, easy, and extremely common. The criminal underground continues to provide […]

How to Become an Internet Supervillain in Three Easy Steps

One of the truisms of comic books and graphic novels is that nothing is immutable – both heroes and villains are rebooted, retconned, featured as radically (or subtly) different versions in alternate timelines, etc. The Marvel Cinematic Universe, which so far includes the Captain America, Thor,Hulk, Iron Man, and Avengers films, is a good example. […]

DDoS Attacks in the Wake of French Anti-terror Demonstrations

Kirk Soluk

On January 15th, France’s chief information systems defense official, Adm. Arnaud Coustilliere, announced a sharp rise in online attacks against French web sites: “Calling it an unprecedented surge, Adm. Arnaud Coustilliere, head of cyberdefense for the French military, said about 19,000 French websites had faced cyberattacks in recent days, …” [1]. As we’ve done in […]

North Korea Goes Offline

Dan Holden

It was reported earlier today that North Korea was having Internet connectivity issues. Given recent events involving Sony Pictures Entertainment (SPE), these reports are of particular interest. The first question when you see this type of report is whether it’s purely a connectivity issue or whether an attack is behind it. While visibility into North Korean […]