2017 Online Safety Modernization Act

The 2017 Online Safety Modernization Act is a proposed bill which would make Swatting, Doxing, revenge porn, and other forms of online harassment illegal, and with harsher penalties.   (a) CRIMINAL VIOLATION.—Whoever uses the mail or any facility or means of interstate or foreign commerce, to knowingly publish a person’s personally identifiable information— (1) with…

OPSEC tool lineup

I find myself recommending a lot of these tools & practices to friends and colleagues so I thought I would share some of my insight on the best tools and practices to use for good OPSEC.
I’ll go over some of the tools that I personally use, then briefly describe how some of them can be used together to make your OPSEC practices a little easier and more streamlined.…

I'm a geek, gamer, and co-founder of Gota.IO. I dream in code. I can write in PHP, Perl, C#, HTML, CSS, & javascript. I am also an apache attack helicopter. Hobbies include flying around, shooting things down, and occasionally breaking stuff.

67.06% of Reported NTP Servers Patched After Waves of DRDoS Attacks

A script reporting vulnerable servers used in NTP reflection attackEarlier this month I wrote about how I took offensive security measures in order to shutdown the emerging NTP reflection / DRDoS threat. Today I am happy to announce that of the 2,917 reported NTP servers which were observed as being used in NTP reflection attacks, 1,956 (67.06%) of them have been either shutdown or patched to disallow monlist.…

I'm a geek, gamer, and co-founder of Gota.IO. I dream in code. I can write in PHP, Perl, C#, HTML, CSS, & javascript. I am also an apache attack helicopter. Hobbies include flying around, shooting things down, and occasionally breaking stuff.

CloudFlare Hit with 400Gbps NTP Amplification Attack

cloudflare-illustration-of-ntp-amplification-attackCloudFlare & Arbor Networks have both reported the attack against a CloudFlare hosted website reached a peak of between 325Gbps & 400Gbps. Previously the largest ever recorded DDoS attack has been against SpamHaus with 300Gbps.…

I'm a geek, gamer, and co-founder of Gota.IO. I dream in code. I can write in PHP, Perl, C#, HTML, CSS, & javascript. I am also an apache attack helicopter. Hobbies include flying around, shooting things down, and occasionally breaking stuff.

Dismantling DRDoS Attacks, the Offensive way

NTP monlist reply packet in wireshark

NTP monlist reply packet in wireshark

Late 2013/Early 2014 we started noticing a new reflected denial of service attack being used in the wild. This has been none other than the NTP amplification attack, which utilizes UDP spoofing to request monlist, which causes the NTPd to send the reply data back to the target host.…

I'm a geek, gamer, and co-founder of Gota.IO. I dream in code. I can write in PHP, Perl, C#, HTML, CSS, & javascript. I am also an apache attack helicopter. Hobbies include flying around, shooting things down, and occasionally breaking stuff.

Realm of the Mad God Domain Name Stolen

realmofthemadgod_hacked

AfraidIRC chat embedded into web page on realmofthemadgod.com

realmofthemadgod-swat-txt

Text file which appeared at realmofthemadgod.com/swat.txt

Yesterday at around 6:24PM central time, realmofthemadgod.com was hijacked by a group calling themselves swatsec. A mibbit chat was embedded to direct visitors to AfraidIRC (and later on Freenode).
Our staff members at AfraidIRC had to constantly let people visiting know that we are not affiliated with the game or the company behind it, and also let people know that we had nothing to do with the hijacking. Other than being a minor annoyance, since we didn’t actually know what was going on at first, that really wasn’t all that bad.…

I'm a geek, gamer, and co-founder of Gota.IO. I dream in code. I can write in PHP, Perl, C#, HTML, CSS, & javascript. I am also an apache attack helicopter. Hobbies include flying around, shooting things down, and occasionally breaking stuff.

Man Extorted out of his Twitter Username

hacker-keyboardOn January 20th Naoki Hiroshima discovered that his PayPal & GoDaddy accounts had been breached, and domains stolen.
The hacker had control over his email, websites, and online finances, while Naoki was powerless to protect himself. He was at the mercy of the attacker who stole his accounts.…

I'm a geek, gamer, and co-founder of Gota.IO. I dream in code. I can write in PHP, Perl, C#, HTML, CSS, & javascript. I am also an apache attack helicopter. Hobbies include flying around, shooting things down, and occasionally breaking stuff.

Will NTP Amplification Become More Popular than DNS Amplification?

ntp-amplification-attack-wiresharkIn this first month of 2014 there has been a new threat in the world of DrDoS.
Reflected NTP attacks appear to be increasing in popularity over DNS reflection (2013’s favorite reflected attack method), but will NTP amplification rise above DNS amplification in popularity?…

I'm a geek, gamer, and co-founder of Gota.IO. I dream in code. I can write in PHP, Perl, C#, HTML, CSS, & javascript. I am also an apache attack helicopter. Hobbies include flying around, shooting things down, and occasionally breaking stuff.

How an Attacker Can Turn Your Antivirus Into a Botnet

botnetSecurity researcher Jerome Nokin has managed to find exploits in McAfee’s ePolicy Orchestrator product which can allow an attacker to turn attached computers into a botnet, using the McAfee product as it’s C&C.…

I'm a geek, gamer, and co-founder of Gota.IO. I dream in code. I can write in PHP, Perl, C#, HTML, CSS, & javascript. I am also an apache attack helicopter. Hobbies include flying around, shooting things down, and occasionally breaking stuff.

Average of Over 2,000 Websites Defaced Each Day

In statistics data gathered from zone-h, a popular defacement archive, I was able to get an idea of how many websites are defaced each day, as well as how many unique servers are hacked to create these defacements. The numbers were shocking, to say the least, and a lot more defacements in a day than I ever imagined possible!…

I'm a geek, gamer, and co-founder of Gota.IO. I dream in code. I can write in PHP, Perl, C#, HTML, CSS, & javascript. I am also an apache attack helicopter. Hobbies include flying around, shooting things down, and occasionally breaking stuff.