Latest coverage for DoS
Stay updated on DoS threats. Explore the latest news and insights on Denial of Service attacks, prevention tips, and cybersecurity strategies.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Denial of service (DoS) is an attack that makes a system, network, or application unavailable by exhausting resources or triggering failure. Floods can consume bandwidth, connection state, CPU, memory, or request-processing capacity; a software defect may instead be exploited to crash a service. A distributed denial-of-service (DDoS) attack generates traffic from many systems, increasing volume and complicating source-based blocking. The material security impact is loss of availability for users and dependent services, including websites, APIs, DNS, and operational systems.
Mitigation should match the bottleneck. Rate limits, request validation, connection protections, caching, and service isolation can reduce application and state-exhaustion attacks; volumetric traffic generally needs filtering or absorption upstream of the network. Monitoring should distinguish abnormal request patterns from ordinary load and alert on saturation, while tested failover, traffic diversion, and restoration procedures limit outage duration. Vulnerability management and timely patching reduce DoS caused by remotely triggerable crashes, but do not replace capacity planning and resilience testing.
Critical Bug Could Open 50K+ Tinyproxy Servers to DoS, RCE
Patch now: CVE-2023-49606 in the open source, small-footprint proxy server can potentially lead to remote code execution.
Mastodon delays fix for link previews DDoSing websites
Decentralization is great, except when many servers grab data from a site Mastodon has pushed back an update that would have addressed the issue of link previews creating accidental distributed denial of service (DDoS) attacks.…
Germany points finger at Fancy Bear for widespread 2023 hacks, DDoS attacks
ALSO: Microsoft promises to git gud on cybersecurity; unqualified attackers are targeting your water systems, and more infosec in brief It was just around a year ago that a spate of allegedly Russian-orchestrated cyberattacks hit government agencies in Germany, and now German officials claim to know for a fact who did it: APT28, or Fancy Bear, a Russian threat actor linked to the GRU intelligence service.…