Dive into Q2 DDoS and BGP Incidents Statistics and Overview.
Learn about the distinct methodologies and impacts of layer 4 and layer 7 DDoS attacks, from SYN floods and UDP floods at the transport layer to HTTP floods and Slowloris attacks at the application layer. Understand how cybercrime services like booters facilitate these attacks and explore notable case studies, including the Dyn and GitHub incidents.
In August 2023, a vulnerability in the HTTP/2 protocol, known as CVE-2023-44487 or "Rapid Reset," was discovered. This article provides an in-depth understanding of how CVE-2023-44487 works, its impact on HTTP/2, and offers 4 mitigation strategies to defend against this vulnerability.
Discover how cybercriminals use fast flux to increase the resilience and takedown immunity of their malicious infrastructure. Understand the benefits of fast flux for attackers, the challenges it presents for security professionals, and the most effective strategies for combating this threat, such as domain seizures, botnet takedowns, and international cooperation.
Explore the history of DDoS attacks from their inception in 1994 to the sophisticated threats of the present day. Discover how bandwidth, processing speeds, and protection mechanisms have evolved, fueling the arms race between attackers and defenders. Understand the forces driving the evolution of DDoS tactics, from simple bandwidth overloads to complex amplification and application-layer attacks.
Explore essential strategies to safeguard your website against unauthorized AI data scraping while maintaining a superior user experience. Learn how rate limiting, a robots.txt file, and selective IP bans can protect your digital assets.
DDoS attacks send ripples on the ocean of the Internet, produced by creations of various sizes - botnets. Some of them feed at the top of the ocean, but there also exists a category of huge, deep water monstrosities that are rare and dangerous enough they could be seen only once in a very long time.
In November 2021, we encountered and mitigated several attacks from a botnet that seems to be unrelated to the described and/or well-known ones, like variants of Mirai, Bashlite, Hajime or Brickerbot.
Although our findings are reminiscent of Mirai, we suppose this botnet is not based purely on propagating Linux malware, but a combination of brute forcing and exploiting already patched CVEs in unpatched devices to grow the size of it. Either way, to confirm how exactly this botnet operates, we need to have a sample device to analyze, which isn’t our area of expertise.
This time, we won’t give it a name. It is not 100% clear what we are looking at, what are the exact characteristics of it, and how big this thing actually is. But there are some numbers, and where possible, we have made additional reconnaissance in order to better understand what we’re dealing with.
But let us first show you the data we’ve gathered, and leave conclusions closer to the end of this post.
Hello, everybody!
My name is Alexander Zubkov and today I’d like to talk about routing loops.
Introduction
For the last five years, there have been virtually no global-scale application-layer attacks.
During this period, the industry has learned how to cope with the high bandwidth network layer attacks, including amplification-based ones. It does not mean that botnets are now harmless.
At the end of June 2021, Qrator Labs started to see signs of a new assaulting force on the Internet: a botnet of a new kind. This is joint research we conducted together with Yandex to elaborate on the specifics of the DDoS attack enabler emerging in almost real time.
Among the many popular graph algorithms, several allow you to find the shortest paths. Each of them solves its own problem and, accordingly, has its own application in practice. For example, the A* search algorithm can use various heuristics to find the path of minimum cost in video games, while the Floyd-Warshall algorithm allows you to efficiently find the shortest paths between all pairs of vertices in dense graphs and can be used in the Schulze method to determine the winner of an election [1]. However, computer networks are considered to be the area where shortest path algorithms are most in demand.
This article by Roman Klimovitsky describes how such problems arise in Qrator Labs and how we solve them.