Google blocked the largest HTTPS DDoS attack ever

Google announced it has fended off the largest ever HTTPS-based Distributed Denial of Service (DDoS) attack, which peaked at 46 million requests per second. According to Google, the DDoS attack was quickly detected and stopped at the edge of Google’s network, and the customer that was attacked was not impacted.

On June 1, 2022, starting at 9:45 AM PDT, a Google Cloud Armor customer was targeted with a series of HTTPS DDoS attacks which peaked at 46 million requests per second. To give a sense of the scale of the attack, that is like receiving all the daily requests to Wikipedia (one of the top 10 trafficked websites in the world) in just 10 seconds.

Cloud Armor Adaptive Protection was able to detect and analyze the traffic early in the attack lifecycle. Cloud Armor alerted the customer with a recommended protective rule, which was then deployed before the attack ramped up to its full magnitude. Cloud Armor blocked the attack, ensuring the customer’s service stayed online and continued serving their end-users.

“There were 5,256 source IPs from 132 countries contributing to the attack. Approximately 22% (1,169) of the source IPs corresponded to Tor exit nodes.”

The attack lasted 69 minutes, ending at 10:54 AM PDT.

Read more about it here.

Attackers abuse open redirects in Snapchat and Amex web sites in phishing attacks

Attackers abused open redirects on the websites of Snapchat and American Express in a series of phishing attacks to steal Microsoft 365, FedEx and DocuSign credentials.

An open redirect occurs when a website provides a URL that redirects to another URL but fails to validate the user-supplied destination, allowing attackers to redirect victims to malicious sites. Victims trust the link because the first domain name in the manipulated link is a trusted domain, such as American Express or Snapchat. An example of such a URL is https://safe.com/redirect?url=https://malicious.com.

“The trusted domain (e.g., American Express, Snapchat) acts as a temporary landing page before the surfer is redirected to a malicious site,” says a post published in August 2022 by INKY.

During a two-and-a-half-month period, INKY engineers detected the snapchat[.]com open redirect vulnerability in 6,812 phishing emails originating from various hijacked accounts.

Open Bug Bounty reported the Snapchat vulnerability to the company on Aug. 4, 2021. However, it remains unpatched.

American Express quickly fixed the issue in late July 2022.

When examining links, surfers should keep an eye out for URLs that include, for example, “url=”, “redirect=”, “external-link”, or “proxy”. These strings might indicate that a trusted domain could redirect to another site.

Website owners should allow redirects to go only back to their own website.
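
One way a site owner could enforce that rule on a "url=" style parameter, as an added example that is not code from INKY, Snapchat or American Express. The names SITE_ORIGIN and safeRedirectTarget are hypothetical, and safe.com and malicious.com are the placeholder domains from the example URL above.

```javascript
// Added example: keep a "?url=" redirect parameter on the site's own origin.
// SITE_ORIGIN and safeRedirectTarget are hypothetical names; safe.com and
// malicious.com are the placeholder domains used in the article.
const SITE_ORIGIN = "https://safe.com";
const FALLBACK = SITE_ORIGIN + "/";

function safeRedirectTarget(rawTarget) {
  if (typeof rawTarget !== "string" || rawTarget === "") return FALLBACK;
  let resolved;
  try {
    // Resolve the way a browser would: relative paths land on SITE_ORIGIN,
    // absolute and protocol-relative ("//host") values keep their own host.
    resolved = new URL(rawTarget, SITE_ORIGIN);
  } catch {
    return FALLBACK; // unparseable input never reaches the Location header
  }
  // origin covers scheme + host + port, so look-alike hosts, "user@host"
  // forms and non-HTTP schemes (origin "null") all fail this comparison.
  if (resolved.origin !== SITE_ORIGIN) return FALLBACK;
  if (resolved.username !== "" || resolved.password !== "") return FALLBACK;
  // Return the absolute URL, not just the path: a path such as
  // "//malicious.com" sent on its own would be read as protocol-relative.
  return resolved.href;
}

// Constructed sample inputs showing what is kept and what falls back.
const samples = [
  "/account?tab=2",
  "https://safe.com/welcome",
  "https://malicious.com",
  "//malicious.com/login",
  "https://safe.com.malicious.com/",
  "https://safe.com@malicious.com/",
  "/.//malicious.com",
];
for (const s of samples) {
  console.log(s.padEnd(34), "->", safeRedirectTarget(s));
}
```

Comparing the parsed origin, instead of checking whether the string starts with or contains the trusted domain, is what rejects the look-alike host and "user@host" cases.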

Read more about it here.

US FCC warns of the rise of robotext scams

The US Federal Communications Commission (FCC) warned Americans of the rising threat of robotext (smishing) attacks.

“Substantial increases in consumer complaints to the FCC, reports by non-government robocall and robotext blocking services, and anecdotal and news reporting make it clear that text messages are increasingly being used by scammers to target American consumers”, reads the alert.

Scam text message senders want you to engage with them. Like robocallers, a robotexter may use fear and anxiety to get you to interact. Texts may include false-but-believable claims about unpaid bills, package delivery snafus, bank account problems, or law enforcement actions against you.

Some scammers may be after your money, but others may simply be trying to collect personal information or confirm that a number is active for use in future scams. Do not respond or click on any links in the message.

Some independent reports estimate billions of robotexts each month.

What you should do to protect yourself:

  • Do not respond to suspicious texts, even if the message requests that you “text STOP” to end messages.
  • Do not click on any links.
  • Do not provide any information via text or website.
  • File a complaint.
  • Forward unwanted texts to SPAM (7726).
  • Delete all suspicious texts.
  • Update your smart device OS and security apps.
  • Consider installing anti-malware software.
  • Review companies’ policies regarding opting out of text alerts and selling/sharing your information.
  • Review text blocking tools in your mobile phone settings, available third-party apps, and your mobile phone carrier’s offerings.

Read more about it here.