From the Blue Leaks, the data which is exposed or leaked by the DDoSecrets group which contains hundreds of sensitive documents from the past 10 years that may include official and personal information.

DDoSecrets of the Distributed Denial of secrets works the same as the WikiLeaks include transparency work. they publicly publish data and classified information that is submitted by the hackers while claiming the organizations themselves and never get involved in the extraction of the data.

As the hacktivist Group, the BlueLeaks dump having the information of “Police and FBI reports, guides, bulletins and more details which provide the unique insights into enforcement and a wide array of government activities that include the thousands of documents mentioning about the COVID19. 

We are gonna find a Screenshots of the Blue Leaks dump which show the data contains around millions of the files which include images, document, videos, web pages, text files, emails, audio files and more though they yet to investigate how many files are classified and that not supposed to be public.

The Blueleaks having the data which contained intelligence on protests include the recent countrywide “Black Lives matter” and that protest in the U.S which followed the death of George Floyd at the time when he was in the custody of Minneapolis.

The Blue Leaks have the list of U.S agencies are : 

• Alabama Fusion Center
• Austin Regional Intelligence Center
• Boston Regional Intelligence Center
• Colorado Information Analysis Center
• California Narcotic Officers’ Association
• Delaware Information and Analysis Center
• FBI Houston Citizens Academy Alumni Association
• FBI National Academy Association Arkansas/Missouri Chapter
• FBI National Academy Association Michigan Chapter
• FBI National Academy Association of Texas

When Finding it appears that the source of the massive data stems from a security breach at Houston-based web hosting ‘Netsential Inc’, and the web server for the National Fusion Center Association (NFCA) is hosted as security bloggers mention it.

The Fusion centers are having the information centers which enable intelligence sharing between local, territorial law enforcement, tribal and federal agencies which maximizing the ability to detect, investigate, prevent and respond to criminal and terrorist activities.

The NFCA confirmed that the “Data leaked was actually of around 24 years which are from August 1996 through June 19, 2020. The document which includes names, email addresses, phone number, PDF documents, images, and a large number of text, video, CSV and ZIP files”.

Netsential confirmed about the threat actor which had leveraged a compromised Netsential customer user account and the web platforms upload features and exfiltrated other Netsential customer data which include U.S police agencies.

NetSential is the same web hosting company that can previously be abused by the attackers that infect targeted victims with ransomware by sending spoofed spear-phishing emails.

Found this article informative? Follow Vednam on Facebook, Twitter, Mix, Tumbler, and Linkedin to know more exclusive content we post.

The post 269 GB of U.S Police and Fusion Centres Data Leaked Online appeared first on Vednam.

DDoS attack on ESET

From the sources, ESET researcher Lukas revealed details about an android app that used to target the ESET website with DDoS attacks.

The app appeared  “updates for android which seems like a new update. The main thing it was linked with a website i-updater.com that was really fascinating. It seems that it is not harmful and that may cause thousands of downloads.”

According to ESET analysis, the malicious app has an inbuilt ability to load and execute malicious JS on the target device. This may really not happen it appeared online in late 2019. Hence, it was avoided by the google play store’s security.

What really it effect

As the result came, it turned the devices of all its users into its “botnet”.The interesting part is that it displayed the ads on the devices which helps to hide app icons and in between the app start downloading malicious javascript from the attacker’s server to run on user’s devices.

However, the availability to execute JS is what the attackers used to wages a DDoS attack

“The DDoS attack starts with the machines who compromised while receiving a command to load the vulnerable script that specifies the targeted domain. When the script is loaded, the machine starts making requests to the targeted domain.”

This all happens till they don’t reach the ESET website, the team of ESET detected the source behind the attack.

Take Down the App

After finding the threat, the ESET team got in touch with Google who eventually removed the app from the play store. The researcher also checks the website i-updater.com remained up as it was not malicious. When the team checks the website it appeared as a blank page. The site is fully cleaned and no traces are found of threat and malicious script.

Conclusions came after that the attacker may go underground and rebuild the site in a new manner.

The post ESET Website under DDoS attack by Malicious Android App appeared first on Vednam.

DDoS attacks not always involved in a data breach and credential theft. When you talk along with the victim’s perspective DDoS attacks can cause almost irreparable damages. The DDoS attack is similar to the other cyber attacks but it caused devastating effects to targets. From attacking individuals as well as targeting large organizations’ infrastructure. cybercriminals have leveraged DDoS attacks in their own ways.

High Security will not do anything if DDoS attacks are evolving with more malicious and larger radius targets.

How DDoS Attacks Evolve?

Every time the botnets are used for conducting DDoS attacks on various web apps, attackers simply scan your vulnerable devices and take over them secretly. Attackers use infected devices(Like smartphones and PCs) to create barriers between malicious traffic and victim machines.

Let’s know the list of some recent trends depicting DDoS Evolution.

IoT has been targeted by Botnets

These days people are focusing on IoTs and they forget to understand that DDoS attackers target their IoT Devices with gadgets connected to the internet other than PCs and mobile phones. Attackers may target Tubelights, bulb, fridge, microwave anything that can be operated and maintained by IoTs; they get access to all devices without the knowledge of the owner and turn all devices into infected bots to create a botnet. 

The most used tool in the DDoS attack is the “Torii” botnet which has wage persistence with a greater range of IoT devices.

Power of Denial-of-Service Attacks

The Evolution of DDoS attack is the target impact These types of attacks have emerged to become advanced persistent Denial-of-service(APDoS). The DDoS protection tool sometimes fails against APDoS attacks.

Through APDoS attacks, the attackers target the core IT applications of the target organizations, such as databases and servers. With such attacks, hackers can also come to attack the ISPs and cloud services.

What happens if it is integrated with Machine Learning and AI?

If you put aside the IoTs, attackers are also looking for ways to do DDoS attacks including machine learning and artificial intelligence. If this happens means AI and ML are included with DDoS attacks then it may be difficult to handle DDoS attacks.

Methods to Prevent DDoS attack 

After all achievements and evolution, If an organization wants to Stop DDoS attack they need to take some precautions that may be helpful.

• Implementing IT security measures from the basic Stage.
• The Role of Web Application Firewall (WAF) is undeniable. A WAF helps to block irrelevant requests to avoid DDos Attacks.
• Using CDN that supports DDoS protections just as Cloudflare.
• Keep eyes on the new information related to the DDoS attack that can help you to prepare before attacks.
• The organization may hire the fully managed security offering included in the cloud WAF product AppTrana from the interface. A group of Experts helps to manage the structure and prepare a protection barrier before Attacks.

Know about the North Korea attacks

The post How DDoS attack effect organization in 2020 ? appeared first on Vednam.