Loop DoS: new threat on UDP protocol puts digital security at risk

300,000 systems exposed: how to deal with the innovative attack that exploits UDP vulnerabilities

CISPA has discovered a cyber attack, called Loop DoS, that targets systems using UDP and uses spoofed IP addresses to cause endless traffic between servers. Around 300,000 devices are at risk. Security patches and preventive measures are recommended to avoid this.

The CISPA Helmholtz Center for Information Security, a German institution, recently uncovered a novel cyber threat targeting systems that employ the User Datagram Protocol (UDP) for communication. Known as Loop DoS, this malicious technique can cause an endless dialogue between servers through the use of manipulated IP addresses, compromising the availability of the affected services. UDP, known for its connectionless data transmission method, emerges as an ideal candidate for these types of spoofing attacks. Analysts estimate that up to 300,000 systems are exposed to risk due to this vulnerability.

Characteristics of the Loop DoS attack and its targets

The Loop DoS attack uses spoofed IP addresses to trigger uninterrupted communication between servers running vulnerable implementations of UDP-based protocols. The result is an incessant exchange of error messages that drains the resources of the systems involved. Common protocols subject to this attack include DNS, NTP and TFTP, as well as older ones like QOTD, Chargen, and Echo. Research shows that even modern protocols are susceptible, thus broadening the scope of the attack.

The current context and possible solutions

Although approximately 300,000 potentially vulnerable hosts have been identified, there are currently no reported cases of actual attacks. A preliminary report has exposed various hardware devices potentially at risk, including products from recognized brands such as Arris, Cisco and D-Link. Following the discoveries, specific vulnerabilities, such as CVE-2024-1309 for Honeywell devices, were communicated to manufacturers for investigation and fixes.

Prevention and mitigation strategies

To counter Loop DoS, CERT/CC experts recommend promptly applying the security patches provided by manufacturers, which address the reported issues. Alternatively, they suggest replacing devices that no longer receive updates. Configuring advanced firewalls, adopting the TCP protocol and using request validation techniques are other valid preventive measures. Finally, implementing anti-spoofing and Quality of Service (QoS) policies further strengthens protection against potential Loop DoS attacks.
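For defenders, the traffic pattern described above (two servers answering each other without end) can be looked for in flow records. The following is an added example, not code from CISPA or CERT/CC: the record format, the port list, the thresholds and the sample addresses (documentation ranges) are all assumptions made for illustration.

```python
from collections import defaultdict

# UDP service ports of the protocols the article lists.
SERVICE_PORTS = {7: "Echo", 17: "QOTD", 19: "Chargen", 53: "DNS", 69: "TFTP", 123: "NTP"}

def sustained(events, window, min_each_way):
    """True if some `window`-second span holds >= min_each_way packets in both directions."""
    events.sort()
    counts, start = {"fwd": 0, "rev": 0}, 0
    for ts, direction in events:
        counts[direction] += 1
        while ts - events[start][0] > window:    # drop packets older than the window
            counts[events[start][1]] -= 1
            start += 1
        if min(counts.values()) >= min_each_way:
            return True
    return False

def find_loops(lines, window=10.0, min_each_way=20):
    """Flag host pairs exchanging sustained UDP traffic with a service port on BOTH ends.

    Thresholds are assumed values; legitimate server-to-server traffic (e.g. NTP
    peering) also uses service ports on both sides, but at a much lower rate.
    """
    pairs = defaultdict(list)
    for line in lines:
        fields = line.split()
        if len(fields) != 6:
            continue                             # skip malformed records
        ts, src, sport, dst, dport, _size = fields
        a, b = (src, int(sport)), (dst, int(dport))
        if a[1] not in SERVICE_PORTS or b[1] not in SERVICE_PORTS or a == b:
            continue                             # a normal client uses an ephemeral port
        key = tuple(sorted((a, b)))
        pairs[key].append((float(ts), "fwd" if a == key[0] else "rev"))
    return sorted((k[0][0], k[1][0], SERVICE_PORTS[k[0][1]])
                  for k, ev in pairs.items() if sustained(ev, window, min_each_way))

def sample_records():
    """Constructed flow records: 'time src_ip src_port dst_ip dst_port bytes'."""
    rows = []
    for i in range(30):                          # server-to-server ping-pong on NTP
        rows.append(f"{i * 0.1:.2f} 192.0.2.10 123 198.51.100.20 123 48")
        rows.append(f"{i * 0.1 + 0.05:.2f} 198.51.100.20 123 192.0.2.10 123 48")
    for i in range(40):                          # ordinary client querying a DNS server
        rows.append(f"{i * 0.1:.2f} 203.0.113.5 40000 192.0.2.10 53 60")
        rows.append(f"{i * 0.1 + 0.01:.2f} 192.0.2.10 53 203.0.113.5 40000 120")
    for i in range(3):                           # slow, legitimate NTP peering
        rows.append(f"{i * 64.0:.2f} 192.0.2.30 123 198.51.100.40 123 48")
        rows.append(f"{i * 64.0 + 0.02:.2f} 198.51.100.40 123 192.0.2.30 123 48")
    return rows

if __name__ == "__main__":
    print(find_loops(sample_records()))
```

Only the first pair in the constructed data is flagged; the busy client-to-server exchange and the slow peering are not, which is why the rule needs both the port condition and the rate condition.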

03/23/2024 09:51

Marco Verro