2015 Cybersecurity Threat Advisories

Electronic Medical Records: Risks and Defenses
Published November 16, 2015
Malicious actors have begun to exploit the data contained within Electronic Medical Records (EMRs) with the potential to commit various forms of fraud.

Case Study: FASTDNS Infrastructure Battles XOR Botnet
Published November 12, 2015
XOR DDoS malware used in a ten day, multi-vector DDoS attack against Akamai’s FASTDNS Infrastructure.

Torte Botnet: A Spambot Investigation
Published November 2, 2015
A multi-layered, decentralized and widely-distributed botnet used to launch brute-force email spamming campaigns.

Latest DDoS Reflection Attack Vectors Threat Advisory
Published October 28, 2015
NetBIOS name server reflection DDoS, RPC portmap reflection DDoS and Sentinel DDoS, which reflects off of licensing servers.

XOR DDoS Threat Advisory
Published September 29, 2015
Linux machines infected by XOR DDoS malware are launching DDoS attacks at as many as 20 targets a day.

Summary of Operation DD4BC Case Study
Published September 9, 2015
The latest bitcoin extortion campaigns by DD4BC in May through July 2015 involved new social tactics and DDoS methodology.

RIPv1 Reflection DDoS Threat Advisory
Published July 01, 2015
Attackers are using an outdated Routing Information Protocol version one (RIPv1) for reflection and amplification attacks.

DD4BC Operation Profile
Published April 23, 2015
A malicious group that extorts bitcoins while threatening large DDoS attacks and offering DDoS protection has expanded its range of targets.

Joomla Reflection DDoS-for-Hire Threat Advisory
Published February 25, 2015
Attackers are using reflection techniques against compromised Joomla servers to launch DDoS GET floods.

MS SQL Reflection DDoS Threat Advisory
Published February 12, 2015
Attackers are using reflection techniques against Internet-exposed SQL Server instances to launch amplified DDoS attacks against targets.