FortiDDoS Launches Support for FortiGuard Domain Reputation Service for IoT and Botnet Based DDoS Attack Mitigation

CSPs and Proliferation of DNS Based DDoS Attacks
DNS is used in over 91% of malware communication today (vs. direct IP) in order to contact Command & Control (C&C) servers. Phishing attacks that distribute malware also depend heavily on DNS. And recent cases of ransomware attacks, such as last year’s...

DDoS Ransom: An Offer You Can Refuse

Cloudflare has covered DDoS ransom groups several times in the past. First, we reported on the copycat group claiming to be the Armada Collective and then not too long afterwards, we covered the “new” Lizard Squad. While in both cases the groups made threats that were ultimately empty, these types...

TLD glue sticks around too long

Recent headline-grabbing DDoS attacks provoked heated debates in the DNS community. Everyone has strong opinions on how to harden DNS to avoid downtime in the future. Is it better to use a single DNS provider or multiple? What DNS TTL values are best? Does DNSSEC make you more or...

The Daily DDoS: Ten Days of Massive Attacks

Back in March my colleague Marek wrote about a Winter of Whopping Weekend DDoS Attacks where we were seeing 400Gbps attacks occurring mostly at the weekends. We speculated that attackers were busy with something else during the week. This winter we’ve seen a new pattern, and attackers aren’t taking the...

IoT-based Linux/Mirai: Frequently Asked Questions

Ever since the Mirai DDoS attack was launched a few weeks ago, we have received a number of questions that I will try to answer here. If you have more follow-up questions, please let me know!
Who is the Author of Mirai?
The presumed developer goes under the pseudonym of...

Patented Firmware Repels Large-Scale DDoS attacks on DNS Services

DNS-Related DDoS Attacks Are on the Rise
Domain Name System (DNS)-related distributed denial of service (DDoS) attacks are on the rise because hacktivists and cyberterrorists are finding it easy to use botnets to stage large volumetric DDoS attacks, based on reflection and amplification of queries, to overwhelm servers. When these attacks succeed,...

10 Simple Ways to Mitigate DNS Based DDoS Attacks

UDP floods are used frequently for larger bandwidth DDoS attacks because they are connectionless and it is easy to generate UDP packets using scripts. DNS uses UDP primarily and under some circumstances uses TCP. Because of this, the UDP/DNS protocol is extremely popular as a DDoS tool. Since DNS is...