- Openssl releases patch for high severity vulnerability
On Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software. The vulnerability, reported by Robert Święcki of the Google Security Team on September 25, can lead to DoS attack by corrupting larger payloads, resulting in a crash of OpenSSL. The OpenSSL project also patches a moderate severity flaw (CVE-2016-7053) that can cause applications to crash. This vulnerability causes heap-based buffer overflow related to transport layer. Successful exploitation could allow denial of service.
Cyber Security Tips: Users are strongly recommended to upgrade software to OpenSSL version 1.1.0c.
- Top Russian Banks Suffer Powerful DDoS Attacks
Russian banks were targeted with two-days-long series of continuous DDoS attacks launched through a wide-scale botnet that involved 24,000 computer systems from 30 different countries. However, the banks managed to prevent the online client services from getting disrupted. It is happened due to around ten thousand computers are compromised from different ten countries. As per the analysis was done by the Russian computer security firm Kaspersky lab, over half of the botnets were located in the Israel, Taiwan, India and the USA. Every single wave of attack lasted for at least one hour and the longest of them all lasted for over 12 hours straight. The intensity of the attacks reached 660 thousands of requests per second. It is also noted that some of the banks were attacked repeatedly.
Cyber Security Tips: To prevent from such attack use security devices to filter request and user has to protect their computers from such attack by using antivirus and keep your system password protected.
- Trump’s victory crashes Canada’s immigration website
Donald Trump was voted as the 45th American President on Wednesday (November 09), the immediate aftermath of the situation was born by Canadian immigration website which crashed due to heavy traffic posting a “500 – Internal server error” message. The official website for ‘Citizenship and Immigration Canada’ was made inaccessible to visitors during the US election vote “as a result of a significant increase in the volume of traffic due to more no of request.
Cyber Security Tips: To prevent from such attack crashes make your server’s capability well enough to handle multiple request and use filter to handle your request.