DDoS Blog

DDoS Blog

WannaCry FAQ

We have a had a number of enquiries lately about the Ransom Ware Vulnerability. What is it ? WannaCry also know as WanaCrypt 2.0 is a form of malware commonly known as "Ransom Ware". Where did it come from ? It was originally developed by the NSA in the US called "Eternal Blue" and was a way for[...]

May 15th 2017

DDoS prevention as part of a robust I.T. Strategy

A decade ago the idea of loss prevention (LP) had been limited to the idea of theft of merchandise. With the advent of online retailing, retailers have discovered that loss must be viewed more broadly to "intended sales income that was not and cannot be realized" [Beck and Peacock, 28]. While Beck a[...]

Jan 16th 2017

The Difference Between Positive VS Negative WAF ?

The resurgence in Positive security of late has been a refreshing change to the security landscape dominated by anti-virus scanners, IDS/IPS, and antispam engines. The resurgence is most noticeable in the field of Web Application Security where Web Application Firewalls have been adopting a Positive[...]

Dec 14th 2016

Online Certificate Status Protocol (OSCP) Vulnerability

Going Green...Internet security is a passion of mine. It’s why I get up in the morning (it’s also why I sometimes cry myself to sleep). For many netizensprotection is summarized by a green lock icon in the addressbar:That lock tells us that a Certificate Authority (CA) has verified the website i[...]

Sep 25th 2016

The Difference Between Web Vulnerability Assessment and Penetration Testing

The widespread use of web applications by businesses and organizations has made them a lucrative target for attackers. It only takes one successful exploit to cause a breach in an application's security and compromise an organization and its customers. These incidents have the potential to damage a [...]

Apr 15th 2016

How To Stress Test Your Website? Invite the Pope to Visit !

Two of our long time customers that are responsible for 911memorial.org, Radha Nagaraja, Dir. Software Development and Marc Cima, CTO contacted us about 10 days ago to inform us that they would be having a major event on September 25th that may stress the website and wanted to know what we could do [...]

Sep 26th 2015

How Visual Basic Broke Modern Python Welcome to the World of High Orbit Ion Cannon

In 2012, Anonymous introduced HOIC (high orbit ion cannon) as a replacement to LOIC (low orbit ion cannon). Unlike its predecessors, that were built upon C, and later java. This new DDoS player was built upon the unsuspecting language of Visual Basic. Taught in high school classrooms, Visual Basic [...]

May 27th 2015

Invalid TCP Flags Attacks Gaming the System

Figure 1: The TCP connection cycle.Packets with malicious intent encompass a diverse ecosystem of TCP behaviors. However network layer attacks that seek to be the most powerful are the ones that work within the expected connection cycle (see above: figure 1). For example one could launch a flood o[...]

Apr 30th 2015

How to use a CDN properly and make your website faster

It’s one of the biggest mysteries to me I have seen in my 15+ years of Internet hosting and cloud based services. The mystery is, why do people use a Content Delivery Network for their website yet never fully optimize their site to take advantage of the speed and volume capabilities of the CD[...]

Apr 27th 2015

Freak Attack Vulnerability CVE-2015-0204

We have a had a number of enquiries today about the Freak Attack Vulnerability.First off, if you are customer using our service your data is not vulnerable to this attack as we have disabled support for these, lower grade encryption protocols in October 2014. Our service will not accept RSA_EXPORT c[...]

Mar 4th 2015

DDoS Article Categories