- Massive DDOS attacks against dyn DNS service knocks popular sites offline
Popular sites and services, including Twitter, SoundCloud, Spotify, and Shopify, for many users, is causing uproar online. It’s because of a DDoS attack against the popular Domain Name System (DNS) service provider Dyn, according to a post on Ycombinator. Dyn DNS is used by many websites and services as their upstream DNS provider, including Twitter, Spotify, SaneBox, Reddit, Box, Github, Zoho CRM, PayPal, Airbnb, Freshbooks, Wired.com, Pinterest, Heroku and Vox Media properties. According to Dyn DNS, the DDOS started at 11:10 UTC and is mostly affecting its customers in the East Coast of the United States, specifically Managed DNS customers. It is not clear that who is behind this attack.
Cyber Security Tips: Rate limit your router to prevent your Web server being overload, Add filter to filter packets, set time out, use intrusion detection and prevention system
- Dirty cow – critical Linux kernel flaw being exploited in wild
A nine-year-old critical vulnerability has been discovered in virtually all versions of the Linux operating system and is actively being exploited in the wild and the flaw is called dirty cow. It’s very easy to develop exploits that work reliably. Secondly, the Dirty COW flaw exists in a section of the Linux kernel, which is a part of virtually every distro of the open-source operating system, including RedHat, Debian, and Ubuntu, released for almost a decade. Dirty COW potentially allows any installed malicious app to gain administrative (root-level) access to a device and completely hijack it.
Cyber Security Tips: User has to inform that immediately update your Linux operating system with latest patch