iMyFone LockWiper Crack With Serial Key 2020

iMyFone LockWiper Crack With License Key 2020

Helps you bypass the iPhone passcode in case you forgot it and the device became unusable or you have to wait for a long time before attempting to unlock it again

Flvto Youtube Downloader Crack + Activator Download 2020

Flvto Youtube Downloader Crack With Activator Latest

With this simple and intuitive application, you can swiftly download all your favorite online videos to your computer, in just a couple of moves

Voicemod Crack + Serial Key Updated

Voicemod Crack Plus Serial Number

Real-time voice changer that works with any application and comes equipped with an extensive collection of voices and ambient effects

Dolby Access Crack + Activator

Dolby Access Crack With Keygen

Take advantage of stunning sound quality and realism in your multimedia experiences, with sound that surrounds you with the help of this app that gives you a free trial of Dolby Atmos.

DraftSight Crack With Activator 2020

DraftSight Crack + Activator Updated

Rich-featured CAD application that enables users to quickly load, visualize and edit all their DWG files, as well as create new drawings from scratch


IT News

May 29
The experimental project addresses common pain points of developing, testing, and deploying microservices and distributed applications
May 28
Red Hat's middleware platform for cloud-native apps now incorporates Java microservices technology
May 28
The company's Cliq messaging app gets a raft of features designed to help employees and managers keep track of workers in a virtual office.
May 27
Some industries have seen increases in cloud-related threat events rise as much as 1,350% since the COVID-19 crisis began.
May 27
COVID-19 has accelerated some companies' plans to adopt secure access service edge (SASE), which combines SD-WAN capabilities with network security services.
May 27
Microsoft is bringing improvements to the 'low code' Power Platform that professional developers could use, such as T-SQL support and GitHub integration
May 27
Cisco has upgraded its core networking software to include better support for multicloud integration and management as well as tools to help telcos or hyperscalers tie together large scale data center networks.


Misconfigured WS-Discovery in devices enable massive DDoS amplification

Hundreds of thousands of devices can be abused to amplify distributed denial-of-sevice (DDoS) attacks because they are misconfigured to listen and respond to WS-Discovery protocol requests over the internet. Web Services Dynamic Discovery (WS-Discovery or WSD) is an UDP-based communications protocol used to automatically discover web-based services inside networks. It's been used by printers, cameras and other types of devices for over a decade, including by various Windows features starting with Windows Vista.

Most automated service discovery and configuration protocols, including UPnP (Universal Plug and Play), SSDP (Simple Service Discovery Protocol), Simple Network Management Protocol (SNMP) and WSD were designed for use on local networks. However, many devices come with insecure implementations that expose these protocols to the internet, allowing for attackers to abuse them in DDoS reflection and amplification attacks.

What is DDoS reflection?

Unlike TCP, UDP does not perform any IP source validation, which makes most UDP-based protocols vulnerable to IP spoofing by default. In turn, this allows attackers to hide the source of DDoS traffic by "reflecting" it through machines that respond over such protocols.

The way DDoS reflection works is this: From machines under their control, attackers send queries to other servers over an UDP-based protocol and set the source IP address inside packets to be the IP address of their intended victim. This causes the queried servers to send their responses to the victim, instead of back to the attackers' machines.

DDoS reflection is particularly powerful when the generated responses are larger than the original requests, because it allows attackers to amplify their available bandwidth. For example, an attacker with control over ten machines can send requests to 100 devices with a vulnerable UDP-based service exposed to the internet. In turn, those devices send large responses to the victim due to IP spoofing, so the victim receives a larger number of malicious packets from 100 neutral machines instead of the ten the attacker controls.

WSD is a serious threat

In a new report published today, researchers from Akamai warn that attackers have already started abusing WSD as a DDoS amplification technique and are ramping up their attacks. In one case, an Akamai customer from the gaming industry was hit with a WSD flood that peaked at 35 Gbps.

"Additional research into WSD protocol implementations on devices across the Internet raised grave concerns, since the SIRT [Security Intelligence Response Team] was able to achieve amplification rates of up to 15,300% of the original byte size," the Akamai researchers said in their report. "This places WSD in fourth place on the DDoS attacks leaderboard for highest reflected amplification factor."

Akamai's SIRT studied the WSD protocol as well as various implementations found in devices and discovered ways for attackers to significantly reduce their initial request payloads to trigger responses with huge amplification factors. For example, a standard WSD probe is 783 bytes, but Akamai's researchers managed to reduce it to 170 bytes and still trigger a valid WSD response of 3,445 bytes.

They didn't stop there. It turns out that it's more profitable for attackers to send malformed payloads that would trigger WSD errors. These error responses are not as large as valid probe responses, but there are methods to enlarge them and the requests that trigger them are significantly smaller than valid probes -- 29 and even 18 bytes for some vulnerable implementations found in around 2,151 devices from a certain manufacturer.

While the pool of devices that can be abused with the 18-byte attack is quite small, the pool of devices exposed to the internet that respond to the 29-byte payloads is much bigger. In such a scenario, an attacker with a 100-Mbps connection would be able to send 420,000 requests per second with the 29-byte payload triggering 2,599-byte responses and generating an attack of 8.73 Gbits at an 8,900% amplification rate. "Get 10 nodes, and this can turn into an 87Gbps attack," the Akamai researchers warned.

Even with valid probes and lower amplification factors, the WSD technique still poses a serious threat, since Akamai identified 802,115 devices on the internet that respond back to WSD probes with a 193% median amplification factor. Many of the devices are CCTV cameras and digital video recorders.

Mitigation for the WSD technique

Organizations can block UDP source port 3702 in their gateway devices and firewalls to prevent unsolicited WSD traffic from reaching their servers. However, the traffic can still congest the bandwidth available on their router. So, complete mitigation requires enforcing access control lists (ACLs) to block traffic from known devices with WSD exposed. DDoS mitigation providers are likely to maintain such lists, just like they do for devices with vulnerable DNS, NTP, SNMP, UPnP and other services that can be abused for DDoS reflection and amplification.

"WSD suffers from the same problem we've seen time and time again," the Akamai researchers said. "WSD was designed and intended to be a LAN-scoped technology. It was never meant to live on the internet. As manufacturers pushed out hardware with this service (improperly) implemented, and users deployed this hardware across the Internet, they've inadvertently introduced a new DDoS reflection vector that has already begun to see abuse."

"The only thing we can do now is wait for devices that are meant to have a 10- to 15-year life to die out and hope that they are replaced with more secured versions," they said.

This story, "Misconfigured WS-Discovery in devices enable massive DDoS amplification" was originally published by CSO.