“In this paper, we present #DDoSCoin, which is a #cryptocurrency with a malicious proof-of-work. DDoSCoin allows miners to prove that they have contributed to a #distributed_denial_of_service attack against specific target servers. This proof involves making a large number of TLS connections to a target server, and using cryptographic responses to prove that a large number of connections has been made. Like proof-of-work puzzles, these proofs are inexpensive to verify, and can be made arbitrarily difficult to solve.”
Paper: ▻https://www.usenix.org/conference/woot16/workshop-program/presentation/wustrow
]]>Attackers are turning MySQL servers into DDoS bots
▻http://www.net-security.org/malware_news.php?id=3134
Someone has been compromising MySQL servers around the world and using them to mount DDoS attacks. The latest targets of these attacks are an (unnamed) US hosting provider and a Chinese IP address.
Most of the servers affected in this campaign are located in India, China, Brazil and the Netherlands, but others can be found around the globe.
Uses variant of #Chikdos Trojan
• SQL injection to install malicious user-defined function (UDF) on target server, then loaded into SQL and executed
• UDF acts as downloader and compromise server to get remote access
• UDF downloads two variants of Chikdos trojan from 2 compromised sites.
#Border Check (BC) is a #browser extension that illustrates the physical and political realities of the internet’s infrastructure using free software tools. // MP19 soft-tools
▻http://mp19.net/border-check
As one surfs the net, data packets are sent from the user’s computer to the target server. These data packets go on a journey hopping from server to server, potentially crossing multiple countries, until the packets reach the desired website. In each of the countries that are passed different laws and practices can apply to the data, influencing whether or not authorities can inspect, store or modify that data.
In realtime BC lets you know which countries you surf through as you browse the web. Additionally BC will illustrate this process on a world map and (where available) provide you with contextualizing information on that country’s laws and practices regarding your data.
Currently supporting the following browsers on Unix systems and OSX:
Firefox, Chromium, Chrome, Safari
▻http://mp19.net/wp-content/uploads/2013/09/Bordercheck_01_MP19.jpg
(c’est @archiloque qui signale)
Adminer - Database management in single PHP file
►http://www.adminer.org/en
#Adminer is a full-featured database management tool written in PHP. Conversely to #phpMyAdmin, it consist of a single file ready to deploy to the target server. #mysql #sqlite
# git clone git://adminer.git.sourceforge.net/gitroot/adminer/adminer
via @suske