Categories
Security

DynDNS is currently being DDoS’d – May affect your site

DNS provider DynDNS, also known as Dyn.com is currently being attacked using a very aggressive DDoS attack. If you use them for your website DNS you probably have experienced outages today.

You can get status updates from DynDNS themselves here and also on Twitter.

This attack affects any website or online service that uses Dyn.com for DNS resolution. So far this attack has affected:

  • Paypal
  • Netflix
  • Github
  • Twitter
  • Esty
  • Soundcloud
  • Spotify
  • Amazon
  • Heroku
  • Pagerduty
  • Shopify

And many other large well known brands.

This attack may affect your website shopping cart checkout if you use a service provider who has been affected by the attack. It may also affect other features or services you provide to customers that rely on being able to contact a site affected by the attack.

The attack appears to be an attack on Dyn’s infrastructure according to their technical updates. They are working continuously to mitigate the attack. You can watch BGP routes change as Dyn tries to mitigate the attack.

Last Friday the source code for the Mirai malware that infects a very large (greater than 1 million) Internet of Things botnet was released to the general public. According to Brian Krebs this “virtually guarantees that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices”. This large scale attack today may be related to the Mirai source code release.

DownDetector is showing many major brands are having trouble today. Click on a logo for connectivity details.

If you are affected by this attack, you should consider setting up another DNS provider as your secondary DNS or temporarily moving all DNS to another provider. This appears to be what Amazon has done to mitigate the attack. You will need to exactly duplicate your DNS configuration on the new provider before making it the authoritative DNS for your domain and this may take some time. The transfer may take up to 48 hours, by which time this may all be over.

The post DynDNS is currently being DDoS’d – May affect your site appeared first on Wordfence.

Categories
Security

A Plugin’s Expired Domain Poses a Security Threat to Websites

Do you keep all of your website software (including third-party themes, plugins, and components) up to date? You should! We always recommend this to our clients and readers. Applying updates quickly will make sure that you replace any vulnerable code as soon as the security patch is released. However, this isn’t the only reason to…

The post A Plugin’s Expired Domain Poses a Security Threat to Websites appeared first on Sucuri Blog.

Categories
Security

Nulled WordPress Themes: Malvertising and Black Hat SEO

If you have been following our blog for some time, you know that we regularly warn about risks associated with the use of third-party software on your site. A benign plugin may sneakingly inject ads into your site which cause malvertising problems for the site visitors (e.g. SweetCaptcha). Other plugins may be hijacked by hackers or…

The post Nulled WordPress Themes: Malvertising and Black Hat SEO appeared first on Sucuri Blog.