Large ddos attack affecting multiple clients

Large DDOS attack affecting Multiple Client

Update: The attack seems to have been resolved by the provider at 20.oo central european time.

Intelliagg have seen an increase in traffic related to the bot-net named “mirai” that comprises of hacked devices such as home routers and surveillance cameras and other “internet of thing” (iot) devices.

Today a large distributed denial of service attack have affected several of our clients. The attack is ongoing and has currently not been resolved.

What we know

The early research of the attack shows that the majority of the affected sites and clients have a tie to DYNDNS who reported the attack at 16.00 Central european time. 

It is unclear wether more DNS providers are targeted in the attack but given the initial research on some of the big sites that have gone down that is likely.

Intelliagg will continue to investigate and update information on this attack.

Who is affected

It is looking like the attack is persistent and have targeted the Core DNS service from a bot net with an so called DNS amplification attack. Initially it seemed to only affect .com addresses but we are now getting reports that .se addresses are affected. According to our reports so far it seems .co.uk addresses are not affected.

Recommended action

If you are affected and know that you have Dyn.com as you dns provider we recommend to temporarily move DNS to a alternate provider or set up a temporary local DNS server. several of our clients have mitigated the attack by temporarily move the DNS resolution to amazon AWS.

For more information and updates

https://www.intelliagg.com/index.php/blog/

If you are affected have any questions or would like any advice on mitigation please send an e-mail to support@intelliagg.com 

Intelliagg CEO on BBC Horizon

Intelliagg Acquires DARKSUM

Intelliagg (Threat finder Ltd), provider of cyber threat intelligence services and software platforms for real-time cyber threat intelligence Intelligence, today announced it has acquired DARKSUM, Inc. a leading innovator in darknet collection and analytics. Under the terms of the agreement, Intelliagg has acquired all the assets, software, employees and intellectual property of DARKSUM for an undisclosed sum.

The combination of the DARKSUM and Intelliagg technologies revolutionize the intelligence collection market by unifying world-class machine learning capabilities with complete darknet collection.

Recent high-profile breaches show the business impact of information leaks and targeted attacks. Using automated detection leveraging machine learning is the future for detecting known and unknown threats from insider and external attackers to help organisations mitigate damages in a timely manner.

“Intelliagg built its reputation in security by enabling customers to effectively identify and respond to breaches and emerging threats. With this acquisition, our customers can now also better detect advanced threats found on the darknet – Breaches that are becoming more complex and severe with each passing day,” said Thomas Olofsson, co-founder of Intelliagg.

“With DARKSUM, Intelliagg improves its capabilities in detecting and acting upon advanced threats by shining a light on those threat actors who are hiding on the darker areas of the net. By detecting and responding to known and unknown threats, and by providing a platform to detect, respond to, and automate actions, Intelliagg has further reinforced its position of moving its clients from a reactive to a proactive position”

“We founded DARKSUM with a vision to help clients be in a proactive stance when monitoring for threats found only in the dark web,” said Eric Michaud, CEO, DARKSUM. “By joining Intelliagg and applying their machine learning platform to our datasets we are able to better detect breaches and new threat actor behavior. DARKSUM has solved a problem that previously required significant manpower, expensive custom toolsets, and compute time. We are very excited to join the Intelliagg family and deliver new detection capabilities to customers.”

Key capabilities of the combination of the Intelliagg and DARKSUM solutions include the ability to:

Detect physical and cyber Threats against your organization

  • Continuous monitoring for and automatic detection of threats from private and open sources the use multi-domain analysis using machine learning.
  • Continuous monitoring of hundreds of thousands of darknet as well as open sources.
  • All events manually verified by skilled threat analysts

About Intelliagg

Intelliagg is a leading threat intelligence company working with organisations to control or evade data loss, reputational damage and targeted cyber crime through the provision of intelligence and automatic threat detection through machine learning.

The company provides a suite of professional and managed services that deal with cyber threat intelligence and incident response management. Intelliagg was founded in London 2011 and is privately held by the founders.

The company’s founders had a vision to bridge the gap between technical cyber protection and theoretical risk assessment models with actionable threat intelligence.

For more information go to http://www.Intelliagg.com/