Cybersecurity Newsletter, June 22 - July 4
Qrator

Ladies and gentlemen, after a short vacation, we are back with the most relevant and essential news on cyber and network security.

This time we are going to make the 2-week overview, covering stories published roughly from June 22 to July 4. Enjoy!

Last week was marked by mitigation of what has been called "the biggest DDoS attacks", one by AWS, with the other by Akamai

Two record DDoSes disclosed this week underscore their growing menace: "More bots + better DDoS traps = ever-growing amounts of junk traffic." - ArsTechnica.
"A bank in Europe was the target of a huge distributed denial-of-service (DDoS) attack that sent to its networking gear a flood of 809 million packets per second (PPS)" - BleepingComputer.
There are DDoS attacks, then there's this 809 million packet-per-second tsunami Akamai says it just caught: "Bank on the receiving end of massive 418Gbps traffic barrage" - The Register.
 

New Charges, Sentencing in Satori IoT Botnet Conspiracy

"The U.S. Justice Department today charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. In addition, a defendant in the United States was sentenced today to drug treatment and 18 months community confinement for his admitted role in the botnet conspiracy." - Brian Krebs.
DDoS botnet coder gets 13 months in prison: "Kenneth Schuchman, known as Nexus Zeta, created multiple DDoS botnets, including Satori, Okiru, Masuta, and Fbot/Tsunami." - ZDNet.
 

The US-China Battle Over the Internet Goes Under the Sea

"The DOJ's opposition to Facebook and Google's 8,000-mile cable to Hong Kong highlights how physical infrastructure is as contentious as the virtual world." - Wired.
 

GDPR's two-year review flags lack of "vigorous" enforcement

While EU lawmakers' top-line message is the clear claim: "GDPR is working" — with commissioners lauding what they couched as the many positives of this "modern and horizontal piece of legislation"; which they also said has become a "global reference point" — they conceded there is a "very serious to-do list", calling for uniformly "vigorous" enforcement of the regulation across the bloc. - Wired.
 

Hackers are trying to steal admin passwords from F5 BIG-IP devices

"Threat actors have already started exploiting the F5 BIG-IP mega-bug, three days after it was disclosed." - ZDNet.
 

XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers

"There is, however, a notable difference between the two malware variants’ method of attack. While the XORDDoS attack infiltrated the Docker server to infect all the containers hosted on it, the Kaiji attack deploys its own container that will house its DDoS malware." - TrendMicro.
 

DDoS and dingoes: Australia to bolster cyber-defences with 500 hackers amid China spat

"Australia will hire 500 hackers as part of a AU$1.35bn (£754m, $925m) boost to protect the nation's networks from a wave of cyber attacks." - The Register.
 

Measuring IPv6 - an article by Geoff Huston

"The IPv6 measurement story is so much more than just counting users and mapping deployments.
How similar are the IPv4 and IPv6 networks in terms of internal topology? Are the two protocols handled identically within service provider networks, with the same load balancing and traffic management systems? Or are they treated differently? Do the two protocols offer similar performance? How is the dual-stack network performing?" - Geoff Huston.
 

System hardening in Android 11

"In Android 11 we continue to increase the security of the Android platform. We have moved to safer default settings, migrated to a hardened memory allocator, and expanded the use of compiler mitigations that defend against classes of vulnerabilities and frustrate exploitation techniques." - Android Developers.
 

Japanese Supercomputer Is Crowned World’s Speediest

"The 416 quadrillion reasons why Japan’s supercomputer is number 1." - ArsTechnica.
 

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript

"The bizarre discovery was made by Twitter user @immunda, who discovered on Thursday that the British financial institute was calling JS from the Internet Archive." - The Register.
 

Mining DNS MX Records for Fun and Profit

"If you have read my blog before, you may realize that I really love DNS data and dns analytics. In this post, I share some experiences in using mostly DNS data for identifying the visible footprint of popular email security providers." - Jason Trost.
 

The weekend read - Building Subversion

"We started the story of the year in 1993. It’s the year the Mosaic web browser came out. You know, email has been around for some time, but the web was fairly young and CVS was the most popular open-source source control system." - Jim Blandy.
 

Repository of the week - Wirediff: a new tool to diff network captures

 

Have a great weekend!

For feedback, please write to us at cybersec@qrator.net.