All articles tagged with #ddos
Ubuntu and Canonical’s servers have been offline for more than 24 hours due to a cross-border DDoS attack, hampering the company’s ability to communicate after a major vulnerability disclosure. Updates remain available from mirror sites, while a pro‑Iran group claims responsibility and officials have offered little public comment as the outage persists.
An international law enforcement sweep called Operation PowerOFF, coordinated by Europol across 21 countries, has identified more than 75,000 DDoS-for-hire users, shut down 53 domains, and arrested four people, as part of an ongoing effort to disrupt booter services and raise awareness about illegality; previous phases have seized infrastructure and databases with more than 3 million criminal accounts, and the operation is now shifting toward prevention with awareness campaigns, search-engine removals of illegal content, and on-chain warnings tied to illicit payments.
Europol-led Operation PowerOFF, backed by EMPACT, coordinated actions in 21 countries to dismantle DDoS-for-hire networks, sending warning emails/letters to over 75,000 suspected users, seizing 53 domains, issuing 25 search warrants, and making four arrests, while launching prevention and awareness measures.
Intel 471 notes a surge in hacktivist campaigns after US–Israel strikes on Iran, with pro-Iranian and pro-Russian groups claiming DDoS, defacements and data breaches against governments, military and critical sectors in the U.S., Israel and neighboring countries; Israel, Kuwait and Jordan were among the most affected regions, and national government, aerospace/defense, and technology were top-targeted industries. The activity is high in volume but often low in actual impact, and experts say cyber operations are now integrated with military strategy, underscoring resilience needs and infrastructure risk.
Following Feb 28, 2026 U.S.–Israel strikes, Iran’s cyber posture shifts amid severe internet outages that likely constrain state-aligned actors, while hacktivist groups and other threat actors expand globally with low-to-medium impact activities (DDoS, data leaks, phishing). Unit 42 observes active phishing via a malicious Android app and notes a surge in cyber activism tied to an “Electronic Operations Room.” Defensive guidance emphasizes offline backups, out-of-band verification, patching internet-facing assets, phishing awareness, IP geofencing, and robust incident response; multi-layer defense and ongoing updates from cyber authorities are advised as activity remains fluid.
Embark Studios says Arc Raiders and The Finals have been hit by extensive, coordinated DDoS attacks, causing sustained server instability. Mitigations and hotfixes are in progress with some recovery reported, but it’s unclear when full restoration will be complete as players continue to log in.
KrebsOnSecurity.com celebrates its 16th anniversary by highlighting its recent coverage on cybercrime, including sanctions against cybercriminal entities, major phishing and DDoS attacks, and the rise of powerful botnets like Aisuru and Kimwolf, with plans to investigate Kimwolf's origins in 2026. The site thanks its readers and encourages support through ads and newsletter subscriptions.
A pro-Russian hacking group claimed responsibility for a DDoS cyberattack that disrupted France's postal service just before Christmas, affecting package deliveries and online banking, as part of broader hybrid warfare efforts against Western countries supporting Ukraine.
A major cyberattack, likely a DDoS, disrupted France's postal service and banking operations just days before Christmas, causing delays and service outages amid ongoing concerns about cyber warfare involving Russia and other foreign actors.
France's national postal service, La Poste, and its banking arm, La Banque Postale, were hit by a suspected DDoS cyber-attack causing service disruptions during the busy Christmas period, with online services inaccessible and mail deliveries slowed, amid a series of recent cyber incidents targeting French government and private sector entities.
France's postal service and banking division, La Poste and La Banque Postale, were hit by a suspected DDoS cyberattack during the Christmas period, disrupting package deliveries and online banking services. The incident follows previous attacks on La Poste and recent cyber breaches involving France's government and a suspected international ferry hacking plot, highlighting ongoing concerns about cyber threats and foreign interference in France.
A suspected cyberattack involving a DDoS incident disrupted France's La Poste postal service and La Banque Postale banking during the Christmas season, causing delays in mail delivery and online banking services, though customer data remained unaffected.
A 22-year-old Oregon man, Ethan J. Foltz, was arrested for operating Rapper Bot, a large IoT-based botnet used for launching massive DDoS attacks, including one that disrupted Twitter/X in March 2025. The botnet, which enslaved around 65,000 devices globally, was rented out to extortionists and was responsible for over 370,000 attacks targeting thousands of victims. Foltz admitted to building and controlling the botnet, which was designed to be manageable and stealthy, and he discussed its capabilities and rival threats in encrypted chats. The case highlights the significant financial and operational risks posed by such cybercriminal activities.
Researchers have discovered a new technique called Win-DDoS that exploits flaws in Windows LDAP and RPC protocols to turn public domain controllers into a powerful botnet for DDoS attacks, without requiring code execution or credentials, and identified multiple related DoS vulnerabilities that can be exploited remotely or internally, challenging assumptions about internal system safety.
A botnet named 'InfectedSlurs' is actively exploiting a remote code execution vulnerability in QNAP VioStor NVR devices, using them for DDoS attacks. The botnet was discovered by Akamai's Security Intelligence Response Team, who observed the exploitation of two zero-day vulnerabilities in routers and NVR devices. The first vulnerability affects FXC AE1021 and AE1021PE WiFi routers, while the second vulnerability impacts QNAP VioStor NVR models running QVR firmware 4.x. QNAP has released security updates and recommends users update their firmware and change passwords. Legacy VioStor NVR models that have reached end-of-life will not receive security updates and should be replaced.