Nei giorni scorsi il sito web seflow.it è stato impattato da un attacco TCP da 9 Milioni di PPS. Si tratta del primo attacco con peak superiore ai 4 Milioni ricevuto dall’ implementazione del servizio WAF con mitigazione scalabile. La protezione DDoS SeFlow si basa…
Category: Security
Mikrotik O.S. - DNS cache poisoning vulnerability
DNS cache poisoning vulnerability Tenable has identified a vulnerability in RouterOS DNS implementation. RouterOS 6.45.6 and below is vulnerable to unauthenticated remote DNS cache poisoning via Winbox. The router is impacted even when DNS is not enabled. One possible attack vector is via Winbox on port 8291 if this port is…
Remote Desktop Services Remote Code Execution Vulnerability
Qualche giorno fa, Microsoft ha reso pubblica l’esistenza di una vulnerabilità critica della sicurezza che minaccia questi sistemi operativi: Windows XP; Windows 7 ; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2. Chiamato “BlueKeep” e registrato con il codice CVE-2019-0708, questo bug è…

MS SQL REFLECTION - Again
Recently we detected return of reflection from 1434 port. The attack manifests in the form of Microsoft SQL Server responses to a client query or request via abuse of the Microsoft SQL Server Resolution Protocol (MC-SQLR), which listens on UDP port 1434…

3 million packets per second . Good Summer Holidays!
Unless you’re setting up a website just for you and your 2 penpals and all the content that this website will ever have will be text entries, then you need to take a real close look at those bandwidth and disk space terms.