Tag Archives: ddos

Website Application Firewalls (WAF) – Practical Approach to Website Security

In 2016, I shared some thoughts about firewalls in general; their history and purpose in the information security domain. The point of the article was to help website owners differentiate between the types of firewalls they might encounter. Today, I will shift my focus specifically to website application firewalls (WAF). WAFs are not new, but […]

SSH Brute Force Compromises Leading to DDoS

A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via SSH brute force attacks. We configured five cloud servers on Linode and Digital Ocean with the root password set to “password.” The idea was to see how long it would… […]

Product Update: Sucuri Firewall in Tokyo, Japan

For the last couple of years, we have been transitioning the Sucuri Firewall (WAF) away from the cloud and expanding it to run on top of our own Anycast content delivery network (CDN). We provide security for websites using our service and felt we needed to couple the performance benefits of a CDN with the… […]

IoT Home Router Botnet Leveraged in Large DDoS Attack

We have been monitoring a large-scale Layer 7 HTTPS flood attack (i.e., application level DDoS) against a customer over the past few weeks. It is being distributed across 47,000 IP addresses and has been pushing over 120,000 HTTPS requests per second (RPS) to the website. Unlike volumetric attacks that target the network link (measured in… […]

Spotlight: WPBeginner’s Approach to WordPress Security

WPBeginner offers tutorials, tips, and tricks for WordPress beginners to improve their sites. With over 150K Twitter followers and almost 10 million monthly visitors, the website is undeniably popular. The high-quality content provided by WPBeginner helps WordPress users make better decisions and gain awareness of their options. Using research and thought leadership, WPBeginner offers guidance… […]

Large CCTV Botnet Leveraged in DDoS Attacks

Our security operations team investigates and mitigates multiple denial of service (DDoS) attacks every single day. One recent case caught our attention because of the intensity and duration of the attack, and – as we discovered through some research – how it was being done. In this article, we’ll share the specifics in an effort to track… […]

The Growing DDoS Threat to Website Owners

As website attacks continue to evolve, we see growing levels of sophistication in the way attackers are expanding the economics of their industry. The monetization potential of attacking websites continues to grow exponentially as more websites come online (currently estimated to be over a billion live sites). With this evolution comes new tactics that we’ve… […]

Empty DDoS Threats: Meet the Armada Collective

Beginning in March 2016, we began hearing reports of a gang of cybercriminals once again calling themselves the Armada Collective. The calling card of the gang was an extortion email sent to a wide variety of online businesses threatening to launch DDoS attacks if they weren’t paid in Bitcoin. […]

WordPress Sites Leveraged in Layer 7 DDoS Campaigns

We first disclosed that the WordPress pingback method was being misused to perform massive layer 7 Distributed Denial of Service (DDoS) attacks back in March 2014. The problem, as previously described, was that any WordPress website with the pingback feature enabled (which is on by default) could be used to attack the availability of other websites. The attacks would […]