Employs DDoS attacks, enlists Amazon Web Services to block distribution
In a surprising twist to the ongoing saga of an attack on Sony Pictures' internal computer system by unidentified hackers (likely to be from North Korea), the studio is starting to fight back by leveraging Amazon Web Services to carry out distributed denial of service (DDoS) attacks on identified servers that contain files stolen from Sony over the last month. Taking a page from its own playbook, the media conglomerate is flooding suspect servers with dummy files, a sequel of sorts to anti-piracy attacks carried out by the firm in conjunction with Media Defender seven years ago.
Evernote recovers from multi-hour DDoS attack, Feedly continues to suffer
Two prominent web properties have come under fire from distributed denial of service (DDoS) attacks in the last 24 hours. Note-taking app Evernote struggled to stay active during its multi-hour attack earlier today, with Google Reader replacement Feedly being the current target, with the entire service currently unavailable while it attempts to mitigate the malicious traffic surge.
Denial of Service attacks employed against hacking groups by UK intelligence agency
A spy unit under the control of the United Kingdom's intelligence services was used to attack the Anonymous and LulzSec hacking groups, according to GCHQ documents leaked by Edward Snowden. The Government Communications Headquarters (GCHQ) used the unit to deploy distributed denial of service (DDOS) attacks against the groups, a similar strategy employed by the hackers themselves.
Initiative to keep smaller activist sites active during attacks
Google has announced it will help website owners protect their sites from Distributed Denial of Service (DDoS) attacks. Project Shield hopes to keep smaller sites running during DDoS attacks, with the project's initial focus being to protect under-resourced sites serving "media, elections, and human rights related content."
Denial of service attack over spam blacklist inclusion
The Internet is reportedly slowing down due to a large-scale online attack against an anti-spam organization, with the attack itself being declared the largest public denial of service attack in history. Non-profit Spamhaus is believed to be under attack from criminal gangs based in Russia and Eastern Europe, in a dispute that has escalated to a level that other services, such as Netflix, are feeling the impact.
British hacker faces 10 years in prison for attacks
A British hacker has been found guilty for his part in a Distributed Denial of Service attack against payment services. Anonymous member Christopher Weatherhead, attacked MasterCard, Visa, and Paypal after they turned away from processing payments for Wikileaks, as well as music industry companies, in attacks costing those involved over $5.6 million.
Domain name servers assailed by denial of service attack
Most of the GoDaddy-hosted websites and services on the Internet were taken temporarily offline today from around 1:25PM ET to just after 8PM as the result of an attack. The outage is blamed on a DNS denial of service attack, which one purported Anonymous collective hacktivist leader claims as his own. No motive has been ascribed to the attack.
Video details targets, dates of local protests
In a video recently uploaded on YouTube, hacker activist group Anonymous has changed its traditional direction. Nodding to recent countermeasures to distributed denial of service (DDOS) attacks against targeted websites, Anonymous announced a list of companies and dates for more conventional protesting. The group plans traditional protests beginning May 1 against companies that support the Cyber Intelligence Sharing and Protection Act (CISPA), recently approved by the House of Representatives.
Apple: critical updates
Apple on Wednesday released dozens of security updates part of its Mac OS X 10.5.3 update for Leopard and Security Update 2008-003(PPC Tiger client, Intel Tiger client, PPC Server, Universal Server) for Mac OS X Tiger, including critical bugs for remote shutdown, arbitrary code execution (multiple including JPG2000 issues), denial of service (via viewing PNG files), private information information disclosure (via SSL, Tiger Mail, Unicode, malicious BMP/GIF files and Image Capture) as well as a critical code execution bug for the continually updated Adobe Flash plugin. Apple also updated its Single Sign-On feature (CVE-ID: CVE-2008-1578) to prevent passwords from being supplied other local users.
New iPhone vulnerability
iPhone owners should be on guard against a new threat, which fortunately doesn't harm the device, but still induces a freeze by taking all available system memory. According to security firm SecurityFocus, the vulnerability is exposed by a Denial of Service attack, when a maliciously crafted webpage is viewed. The page will insert code into the iPhone, which continually eats up available system memory before causing a kernel panic.