Domain: incapsula.com
Stories and comments across the archive that link to incapsula.com.
Comments · 8
-
Re:Good for "whom," exactly?
Not my claim. OP's numbers. I did a duckduck search on "what portion of web traffic is search engine spiders" and the various articles were consistent with the OP's claim. "what portion of web traffic is robots" gives a WSJ article that says "over one third" in 2014, Another 2014 report ( https://www.incapsula.com/blog... ) claims over 60%, again in 2014. Who knows today?
-
Re:don't protect the targets. cut off the sources.https://www.incapsula.com/blog...
Both attack bursts originated from spoofed IPs, making it impossible to trace the botnet's actual geo-location or learn anything about the nature of the attacking devices.
-
Entries for hosts that block this
0.0.0.0 lelantos.org
0.0.0.0 srv70.putdrive.com
0.0.0.0 api.telegram.org
0.0.0.0 putdrive.com
0.0.0.0 telegram.org
0.0.0.0 smtp-mail.outlook.com
0.0.0.0 api.telegram.org
0.0.0.0 telegram.org* Per source article(s) from https://www.incapsula.com/blog/650gbps-ddos-attack-leet-botnet.html/ http://www.welivesecurity.com/2016/12/13/rise-telebots-analyzing-disruptive-killdisk-attacks/ https://cyberx-labs.com/en/blog/new-killdisk-malware-brings-ransomware-into-industrial-domain/ http://www.securityweek.com/destructive-killdisk-malware-turns-ransomware/ as this malware/botnet descends from others before it...
APK
P.S.=> Those are it's C&C's + other compromised sites/hosts/domains-subdomains & THIS IS THE 10th BOTNET HOSTS CONQUER IN THE PAST 2++ WEEKS - here's the others (many before it, but not as many as recently so fast & clustered together) https://news.slashdot.org/comments.pl?sid=10020701&cid=53529963/
-
Routers alone = shit (here's proof #15/15)
https://nakedsecurity.sophos.c...
https://nakedsecurity.sophos.c...
https://threatpost.com/exploit...
https://www.hackread.com/cisco...
https://www.incapsula.com/blog...
https://www.schneier.com/blog/...
http://hardware.slashdot.org/s...
http://www.theregister.co.uk/2...
http://news.slashdot.org/story...
http://news.slashdot.org/story...
http://news.com.com/Bug+expose...
http://news.cnet.com/8301-1009...
http://it.slashdot.org/story/1...
http://www.theregister.co.uk/2...* STILL BELIEVE routers = best security alone?
YOU SAID YOUR DNS NEVER WENT DOWN TOO?
Funny YOU ADMIT IT DOES -> http://slashdot.org/comments.p... & you FAIL vs. myself as usual, noob do-nothing "rookie ne'er-do-well" CHUMP!
APK
P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each) & YOU OUTRIGHT LIED ON YOUR DNS NEVER GOING DOWN TOO - HUGE fail (one for my bookmarks)... apk
-
Re:COOL STORY BRO
I'm not really sure anymore what your point even is?
I'll paraphrase the posts:
1) You state that having a smart phone is a bad idea and that this article seems to make it even more so.
2) I laughed at your comment.
3) You justify yourself.
4) I bring up the similarities and dis-similaries of the exploitability to other devices through MitM, such as a PC and imply that if that would be your main motivator, that probably should avoid using any other device with similar circumstances.
5) You side-tracked on 'wi-fi' being the cause.
6) I point out MitM again.
7) You don't really see my point.If you're implying that the CIA/NSA/FBI/whoever has sneaked into my house and is watching the whole three ethernet devices I have on my private network
CIA/NSA/FBI and other three letter agencies don't need to go on that level to my knowledge. With the advent of home routers being compromised through automated worms, Linux routers and even ISP routers getting compromised while operating in secure BAU setups. It would be silly to make assumptions like your Internet access is never going to have some sort of MitM. Based on this, how is this different to a smart phone being compromied by a MitM? I don't really see much of a difference.
In the next responses, I am just going to take the comments as if they were targetted to my use; because I have no idea what your use it or why you would end up compromised, but I have a good idea what would compromise me.
All I'm saying is why the hell should I make it easier for criminals or tragically anal-retentive government types to be going through my informational underwear drawer
I feel the risk to me in this area is very minimal because I simply do not store that data directly on the device. There is the exception that it has GPS tracking and I guess some special malware could get into my phone and trace where my phone is; but there isn't really much use to criminals having that information.
or directly monitoring me in realtime by having a smartphone when week after week I have it demonstrated to me that you're a chump if you own one
Considering that my alternative would be doing phone conferencing a lot over a laptop, I view the exploitability about the same with real time monitoring. If I had to use ae laptop, it too would know of the movies/documentaries I watch in bed, what slashdot comments I am reading (big deal) and the secure text messages (these aren't SMSes) I get regarding people accessing datacenters/servers
especially when nobody even uses their phone as a phone, for most it's like some crazy twisted lifestyle?
I use my landline for Internet and my mobile for voice calls, secure texts, tethering and discussing with people on Slashdot when I am travelling (last year I averaged 5 days a week in hotels and 0.7 days travelling per week).
..and before you say it: No, I'm not a luddite.
I never said that you're a luddite, your initial comment still does not really justify smart phones being that much worse than any other Internet connected device and I really don't care about any other reasons you have for not owning a smart phone.
-
Routers alone = shit (here's proof #15/15)
https://nakedsecurity.sophos.c...
https://nakedsecurity.sophos.c...
https://threatpost.com/exploit...
https://www.hackread.com/cisco...
https://www.incapsula.com/blog...
https://www.schneier.com/blog/...
http://hardware.slashdot.org/s...
http://www.theregister.co.uk/2...
http://news.slashdot.org/story...
http://news.slashdot.org/story...
http://news.slashdot.org/story...
http://news.com.com/Bug+expose...
http://news.cnet.com/8301-1009...* STILL BELIEVE routers = best security alone?
APK
P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk
-
Good for them for raising awareness
I actually work for one of the DDoS mitigation providers mentioned in this research paper. (Incapsula)
Speaking as an "insider" I can tell you that, while the statistical study is very interesting, none of the origin-exposing vectors it mentions are particularly new.
In fact all of these could be countered by few well-known best practices, which we are suggesting for years.
I've put up a list of things you can do to immunize your website from origin-exposing attacks. https://www.incapsula.com/blog...
I hope that now, with the subject getting some long overdue recognition, more people will get acquainted with these and pay more attention to their deployment configuration.
PS: IP masking is really not the best way to protect your origin. Today, almost all cloud-based vendors offer BGP enabled DDoS protection for direct-to-origin attacks. -
Re:Advertisement-as-news
Good point. Maybe so.
I was curious and found this blog post from Incapsula which contains the statistics both articles used. The details are different enough that I wouldn't call either article "plagiarized" from that post, though the articles could have provided more accurate citations. The ZDNet post has some details like
I spoke with Marc Gaffan, co-founder of Incapsula. “Few people realize how much of their traffic is non-human, and that much of it is potentially harmful.”
which make me think it's probably an original work, despite being advertisement-heavy.