Trending

The latest hot topics from the Deep & Dark Web and beyond.

Blog > Trending

Recommended DDoS Attack Mitigation Strategies

November 2, 2016

In light of the recent Mirai botnet DDoS attacks against DNS servers, Flashpoint would like to raise awareness on certain suggested mitigation strategies. These recommendations are relevant for organizations with Internet-facing authoritative DNS servers. For organizations running their own DNS servers, is it crucial for network team members to both be aware of the current […]

Read more

An After-Action Analysis of the Mirai Botnet Attacks on Dyn

Key Takeaways • On October 21, 2016, a series of distributed denial-of-service (DDoS) attacks against Dyn DNS impacted the availability of a number of sites concentrated in the Northeast US and, later, other areas of the country. Impacted sites included: PayPal, Twitter, Reddit, GitHub, Amazon, Netflix, Spotify, and RuneScape. • While the attacks were still […]

Read more

Mirai Botnet Linked to Dyn DNS DDoS Attacks

By FP_Analyst
October 21, 2016

Key Takeaways Flashpoint has confirmed that some of the infrastructure responsible for the distributed denial-of-service (DDoS) attacks against Dyn DNS were botnets compromised by Mirai malware. Mirai botnets were previously used in DDoS attacks against the “Krebs On Security” blog and OVH. As of 1730 EST, the attacks against Dyn DNS are still ongoing. Flashpoint […]

Read more

Analysis of “DirtyCow” Kernel Exploit

Key Takeaways On October 20, 2016, Ars Technica published an article about a serious kernel-level Linux exploit which allows for local privilege escalation attacks. Red Hat Product Security has identified this exploit being used in the wild and addressed the apparent vulnerability caused by this exploit. Other Linux distribution operating systems are also in the […]

Read more

When Vulnerabilities Travel Downstream

CVEs Assigned to Upstream Devices Exploited by Mirai IoT Botnet Key Findings • While investigating the recent large-scale distributed denial-of-service (DDoS) attacks, Flashpoint identified the primary manufacturer of the devices that utilize the default username and password combination known as root and xc3511. • Default credentials pose little threat when a device is not accessible […]

Read more

Turkish Organizations Exploited in Terror Finance Scheme

September 20, 2016

New evidence supports allegations that jihadists are exploiting Turkish organizations to launder donations to armed groups involved in the Syrian civil war. While closely studying a network of websites that operate as an online portal for Turkic Islamist rebel groups, Flashpoint analysts noted a recent article from a Turkic jihadist publication about a first-hand visit […]

Read more

Attack of Things!

By FP_Analyst
September 17, 2016

This post was written in collaboration with Level 3 Threat Research Labs and was originally published to Beyond Bandwidth on August 25, 2016. The rush to connect everything to the internet is leaving millions of everyday products vulnerable and ripe for abuse. We’ve seen internet connectivity added to appliances, athletic clothing, pill bottles and even forks. Security, […]

Read more

Why Flashpoint?

June 27, 2016

We’ve all been offered job-hunting advice. And as the co-founder of a thriving cybersecurity talent community, I’ve probably heard more than most. One good piece of advice that I can vouch for is “Look to work for companies you admire.” It’s one reason why I recently accepted the role as Chief Strategy Officer at Flashpoint. […]

Read more