Author: Roland Dobbins
Roland Dobbins is a Principal Engineer on Arbor’s ASERT Team. He has more than 30 years of operational experience in the service provider (SP) and large enterprise arenas, designing, deploying, operating, securing, maintaining, troubleshooting and defending many of the highest-visibility networks in the world. He is a recognized industry leader in the fields of operational security (opsec) and network telemetry, and has an extensive background in security product/feature innovation, devising operational security requirements for network infrastructure devices and protocol design. His focus is on extending the availability, scalability and security of the network infrastructure and the applications/services it enables, with an emphasis on flexible and resilient global service delivery capabilities.
Written by Roland Dobbins, ASERT Principal Engineer & Matt Bing, ASERT Security Analyst.
In this article:
- SSDP Diffraction Attacks aren’t new; they’ve been observed in the wild since 2015.
- ‘Evasive Amplification’ attacks, aren’t.
- UPnP NAT Bypass is real.
Read more
ASERT Threat Summary: memcached Reflection/Amplification Description and DDoS Attack Mitigation Recommendations Date/Time: 27022018 2325UTC Title/Number: memcached Reflection/Amplification Description and DDoS Attack Mitigation Recommendations – February 2018 – v1.4. Severity: Critical Distribution: TLP WHITE (see <https://www.us-cert.gov/tlp>) Categories: Availability Authors: Roland Dobbins & Steinthor Bjarnason Contributors: Keshav […]
Read more
Over the course of the last few weeks, a botnet comprised mainly of Android mobile devices has been utilized to launch a high-impact DDoS extortion campaign against multiple organizations in the travel and hospitality sector. This botnet, dubbed ‘WireX’, is only the second mobile botnet […]
Read more
Authors: Roland Dobbins & Steinthor Bjarnason Since its inception in August of 2016, the Mirai ‘Internet-of-Things’ (IoT) botnet, comprised largely of internet-enabled digital video recorders (DVRs), surveillance cameras, and other Internet-enabled embedded devices, has been utilized by attackers to launch multiple high-profile, high-impact DDoS attacks against various Internet properties and […]
Read more
One of the truisms of comic books and graphic novels is that nothing is immutable – both heroes and villains are rebooted, retconned, featured as radically (or subtly) different versions in alternate timelines, etc. The Marvel Cinematic Universe, which so far includes the Captain America, […]
Read more