Articles about denial of service

Orange juice squeezing

Mimosa spiked! Wireless kit has multiple security holes

5G wireless vendor Mimosa Wireless has patched against a bunch of remote code execution, denial-of-service and file disclosure vulnerabilities. The bugs were reported by Ian Ling on Full Disclosure, and apply to firmware used in the company's access points, client products, and backhaul systems. The products' Web interface …
DDoS

DDoS in 2017: Strap yourself in for a bumpy ride

DDoS attacks have been around since at least 2000, and they’re not going away. In fact, as the number of devices online grows, the volume and velocity of these attacks is also increasing. Whole industries have developed around launching and preventing DDoS campaigns as black hats and white hats battle for dominance, and 2017 …
Robin Birtstone, 16 Dec 2016
purple rotary phone

Asterisk users need to patch DoS bug

Asterisk users need to get busy with a patch. In September, the popular open-source IP PBX project advised users to switch off its “overlap dialling” feature to dodge a possible denial-of-service (DoS) vulnerability. Overlap dialling is designed to reduce call setup time, by letting the system start looking for destinations …

IBM makes meek apology for Oz #CensusFail, offers no fail detail

IBM has finally broken its silence about the failure of Australia's online census, but only with meaningless PR blather that leaves the cause of the mess a mystery. Australians were supposed to complete their census forms online on Tuesday evening, but the site crashed, leading to allegations that offshore hackers had staged a …
Simon Sharwood, 11 Aug 2016

Apache, Debian crews patch library with DoS vuln

A file upload library used in Apache Tomcat and various Linux distributions needs patching to plug a denial-of-service vulnerability. Discovered by the TERASOLUNA Framework Development Team, the bug in libcommons-fileupload-java, which sits under Apache Commons FileUpload, has the Common Vulnerabilities and Exposures …
Computer with dead bug, Stacy Brunner CC2 license

Downtime for Up.Time: time to patch some bugs

Popular sysadmin tool Up.Time from Idera software needs patching, with bugs exposing it to denial-of-service attacks and possible remote code execution. The bugs in the server monitoring tool (now known as Uptime Infrastructure Monitor), outlined by the Carnegie-Mellon CERT here, cover three CVEs: CVE-2015-2894, CVE-2015-2895 …
Anonymous video screenshot

Canadian government websites hosed, Anonymous takes credit

Canada's government websites and email servers have been knocked offline in a distributed denial-of-service (DDoS) attack. The assault was apparently a simple flood-the-pipes operation rather than an attempted data-heist. At 5pm local time, according to Bloomberg (presumably in Ottawa), sysadmins were working to get services …

Post-POODLE, OpenSSL shakes off some fleas

OpenSSL has squashed eight low severity vulnerabilities bugs that could result in denial of service or the removal of forward secrecy. The holes, two graded "moderate", were addressed in OpenSSL updates 1.0.0p, 0.98zd, and 1.0.1k. Maintainers wrote in an advisory that Cisco warned last October that a crafted Datagram …
Darren Pauli, 9 Jan 2015
Evernote Android app screenshot

Evernote taken out by DDoS attack

Popular mobile and online note app Evernote is recovering from a distributed denial of service attack that took its service offline for hours last night. The firm was hit by the DDoS attack from around 10.45 BST last night, leaving folks unable to access their notes in the cloud or sync their files from one device to another …

Miscreant menaces Meetup, minuscule money mania mashed

Meetup.com has gone public with one of the most paltry ransom demands The Register has seen – but rather than pay up to end a distributed denial-of-service (DDoS) attack, the klatch organizer instead put up with its site being repeatedly hosed offline, we're told. The website said its woes began on Thursday when it received a …
anonymous logo

Anons escape human sewer after billionaire bog roll blag

A denial-of-service attack that knocked a Koch-owned subsidiary offline in 2011 has earned its perpetrators probations and hefty fines. Twenty-four-year-old Iowan Jacob Wilkins was sentenced in a US federal court in Green Bay on February 14 for the attack, and will have to find $110,932 to pay restitution to Koch Industries. …
Snapchat logo

Snapchat bug lets hackers aim DENIAL of SERVICE attacks at YOUR MOBE

A security consultant who works for Telefonica has turned up a bug in how Snapchat handles authentication tokens, which enables a denial-of-service attack against users' phones. It's a simple enough problem, as Jaime Sánchez explains here: the tokens should expire, but don't. As a result, one token can be re-used on many …

Snowden leak: GCHQ DDoSed Anonymous & LulzSec's chatrooms

British intelligence ran denial-of-service attacks against chatrooms used by Anonymous and LulzSec, according to an investigation by NBC News involving Snowden confidante Glenn Greenwald. Documents leaked by the NSA whistleblower record how a GCHQ unit known as the Joint Threat Research Intelligence Group, or JTRIG, used a …
John Leyden, 5 Feb 2014
Github octodex

GitHub wipes hand across bloodied face, stumbles from brutal DDoS beating

Popular source-code warehouse GitHub was back online today after weathering a huge denial-of-service attack throughout the week. The status page of the San Francisco-based outfit charts the progress of the assault and the attempts to end it. Problems with the web service first cropped up on Tuesday, 1 October, before the team …
John Leyden, 4 Oct 2013
The Register breaking news

Cisco goes public with major vulns

Users of Cisco's Unified Communications Manager, UCM instant messaging and presence, and Prime Central hosted collaboration system need to get busy with patches, after the Borg announced denial-of-service vulnerabilities across all three platforms. UCM 7.1, Cisco advises, has an improper error handling vulnerability that can …
Network Cables Index Image

Websites stagger to feet, Network Solutions wears off DDoS hangover

Web-hosting biz and domain-name registrar Network Solutions was pummelled offline by attackers last night - and took its customers' websites down with it. The distributed denial-of-service assault (DDoS) lasted for about two or three hours before the US company was able to mitigate the effects and get its systems back online. …
John Leyden, 18 Jul 2013
cable

BIND 9 patched against remote crash vuln

Time to get patching, sys admins: ISC (the Internet Systems Consortium) has issued a fix for a BIND 9 denial of service vulnerability. The defect and patch, published last week, “allows an attacker to crash a BIND 9 recursive resolver with a RUNTIME_CHECK error in resolver.c”, the ISC says in its announcement. CVE-2013-3919 …
The Register breaking news

Router crash downs CloudFlare services

During Sunday, US time, prominent Web services outfit CloudFlare sent an instruction to its routers in response to an attempted DoS, and instead took down its own network. In a rare example of detailed disclosure, the company has posted an explanation of what happened here. The network collapse occurred, the company explains …

Create a news alert about denial of service, or find more stories about denial of service.

Biting the hand that feeds IT © 1998–2018