News highlights this week: memcached servers are being used to launch DDoS amplification attacks, first in-the-wild IPv6 DDoS attack spotted, DDoS bot seen in Chinese drive-by attack, cryptomining malware fuels most RCE attacks, and more.
New DDoS attack using memcached servers
In-the-wild DDoSes use new way to achieve unthinkable sizes (Ars Technica, Feb 27)
Attackers exploit memcached servers to amplify attack volumes by an unprecedented factor of 51k
‘First true’ native IPv6 DDoS attack spotted in wild (SC Magazine, Feb 28)
First in-the-wild DDoS attack on IPv6 hits servers, with portents of more to come. The DNS dictionary attack originated from around 1,900 different native IPv6 hosts, on more than 650 different networks.
Updated Avzhan DDoS bot spotted in Chinese drive-by attack (SC Magazine, Mar 1)
A Chinese drive-by attack was recently observed dropping an updated version of the Avzhan DDoS bot, according to Malwarebytes researchers.
Vulnerable internet-connected devices from security cameras to smartphones can be hijacked by hackers and turned into tools to mine cryptocurrencies, cybersecurity firm Avast demonstrated.
Cryptomining Malware Fuels Most Remote Code Execution Attacks: Study (Bitcoin, Feb 27)
RCE attacks continue to deliver malware to mine cryptocurrency illegally on servers.
In other news
The State of Application Penetration Testing (Dark Reading, Feb 27)
Data from real-world pen tests shows configuration errors and cross-site scripting are the most common vulnerabilities.
Zero-Day Attacks Major Concern in Hybrid Cloud (Dark Reading, Feb 28)
Hybrid cloud environments are particularly vulnerable to zero-day exploits, according to a new study.
Bot Roundup: Avalanche, Kronos, NanoCore (Krebs on Security, Feb 28)
Brian Krebs updates some of the cases he’s been following.