Aisuru i Kimwolf – jak botnety zmieniają zasady w sieci i zarabiają na nas

Kto naprawdę zarobił na Aisuru i Kimwolf? Podpowiedź: nie tylko autorzy malware i na pewno nie twój dostawca internetu.

Czytaj dalej:
https://pressmind.org/aisuru-i-kimwolf-jak-botnety-zmieniaja-zasady-w-sieci-i-zarabiaja-na-nas/

#PressMindLabs #aisuru #androidtvbox #botnety #ddos #kimwolf

📰 Noction IRP v4.3 Launches with Automated DDoS Detection and Routing-Native Mitigation

Noction releases IRP v4.3 with Automatic Anomaly Detection! 🛡️ The new feature provides rapid, automated DDoS detection & mitigation using routing-native tools like BGP FlowSpec and RTBH to protect networks at the edge. #DDoS #BGP #NetOps #CyberSec...

🔗 https://cyber.netsecops.io/articles/noction-irp-v4-3-introduces-automated-ddos-detection-and-mitigation/?utm_source=mastodon&utm_…

📢⚠️ A coordinated DDoS attack knocked the ICE List site offline just as it prepared to publish thousands of ICE agent identities from an alleged DHS whistleblower dataset last week.

Read: https://hackread.com/ice-agent-doxxing-platform-ddos-attack/

#CyberAttack #DDoS #ICEList #DataLeak #ICE #Whistleblower

API Payload Size Guard

Reject oversized requests before they melt your servers.

#php #python #api #payloadsize #ddos #reliability #backendsafety #performance #security #viralcoding

https://www.youtube.com/watch?v=FwKCy-9u568

last night half a million IPs requested 1 million unique URLs from a website I run.

every single aspect of the crawl was randomised, a typical AI crawl.

except for two things... the HTTP accept header and that the country was all US.

as the accept header is more specific, that's what to block:

text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7

this is not a common accept header, very low percent of good traffic have this, but 100% of the attack had it.

block it in nginx.

if you're using Cloudflare, then the firewall rules don't offer to filter on accept, but I would recommend this:

(any(http.request.headers["accept"][*] eq "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"))

I've set that to a managed challenge.

#infosec #ddos #ai

Email received from Abuse @hetzner which originated from @certbund

Very very much appreciated !
Thanks for helping us to keep our services safe ❤️

P.S.: If you host service(s), please check if your machine is having rpcbind listening on tcp:111 😊

#datalove #ddos #dos #security #systemd #debian #ubuntu #proxmox