ZDNet

The CoAP protocol is the next big thing for DDoS attacks

RFC 7252, also known as the Constrained Application Protocol (CoAP), is about to become one of the most abused protocols in terms of DDoS attacks, security researchers have told ZDNet. If readers ...
ZDNet

Apple's AWDL protocol plagued by flaws that enable tracking and MitM attacks

Apple Wireless Direct Link (AWDL), a protocol installed on over 1.2 billion Apple devices, contains vulnerabilities that enable attackers to track users, crash devices, or intercept files transferred ...
Ars Technica

How DDoSers used the HTTP/2 protocol to deliver attacks of unprecedented size

What's missing from this article is a discussion of what the IETF HTTPBIS working group is doing about it. Here's a link to the thread on the mailing list: https ...
Bleeping Computer

DDoS Attacks Leverage UPnP Protocol to Avoid Mitigation

Attackers are experimenting with a new method of avoiding some DDoS mitigation solutions by employing the Universal Plug and Play (UPnP) protocol to mask the source port of network packets sent during ...
Bleeping Computer

IC3 Issues Alert Regarding Remote Desktop Protocol (RDP) Attacks

The Internet Crime Complaint Center (IC3), in collaboration with the Department of Homeland Security and the FBI, have issued a security alert regarding attacks being conducted through the Windows ...
Network World

Attackers abuse legacy routing protocol to amplify distributed denial-of-service attacks

Servers could be haunted by a ghost from the 1980s, as hackers have started abusing an obsolete routing protocol to launch distributed denial-of-service attacks. DDoS attacks observed in May by the ...
Ars Technica

Hackers can mess with HTTPS connections by sending data to your email server

When you visit an HTTPS-protected website, your browser doesn’t exchange data with the webserver until it has ensured that the site’s digital certificate is valid. That prevents hackers with the ...
Dark Reading

Critical Vulns Discovered in Vendor Implementations of Key OT Protocol

Researchers from Claroty this week disclosed multiple critical vulnerabilities in vendor implementations of the Open Platform Communications (OPC) network protocol that is widely used in operational ...
Tidbits

New iMessage PQ3 Encryption Protocol Protects Against Post-Quantum Attacks

Today we are announcing the most significant cryptographic security upgrade in iMessage history with the introduction of PQ3, a groundbreaking post-quantum cryptographic protocol that advances the ...
CoinTelegraph

ParaSwap launches intent-based protocol to curb MEV attacks

Decentralized exchange aggregator ParaSwap is launching an intent-based trading protocol designed to mitigate an issue costing millions of dollars on crypto transactions daily: MEV attacks. “MEV” ...
SDxCentral

VU#456537: RADIUS protocol susceptible to forgery attacks.

Overview A vulnerability in the RADIUS protocol allows an attacker allows an attacker to forge an authentication response in cases where a Message-Authenticator attribute is not required or enforced.