A new Zero-day distributed denial of service attack (DDoS) technique has been found in the wild that is able to amplify malicious traffic by as much as 55x. Ofer Maor, Director of Security Strategy at Synopsys commented below.
Ofer Maor, Director of Security Strategy at Synopsys:
“This vulnerability is another example of how developers often do not comprehend the security implications of implementation decisions they make for certain extreme cases. It appears that in this case, the response to an unintended exception results in returning substantial amounts of data. Naturally this can be used by attackers to make DDoS attacks more efficiently, by leveraging on resources available to the servers running the vulnerable LDAP service (i.e. the attacker only needs to use little bandwidth to make another machine attack its target with substantial more bandwidth used). As with many security vulnerabilities, attackers find ways to abuse a behavior which the developer that wrote this service, with insufficient security training and/or controls, did not perceive as a threat.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…