HPE says hackers breached Aruba Central using stolen access key
FBI warns of Iranian hackers looking to buy US orgs’ stolen data
Telnyx is the latest VoIP provider hit with DDoS attacks
NUCLEUS:13 TCP security bugs impact critical healthcare devices
You can prepare for 11 popular CompTIA exams with this $50 bundle
Microsoft: New security updates trigger Windows Server auth issues
Gmail accounts are used in 91% of all baiting email attacks
Careful: ‘Smart TV remote’ Android app on Google Play is malware
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
DDoS
Telnyx is the latest VoIP telephony provider targeted with distributed denial-of-service (DDoS) attacks, causing worldwide outages since yesterday.
Telnyx is a voice over Internet Protocol (VoIP) company that provides worldwide telephony services over the Internet, including in the Americas, EMEA, APAC, and Australia regions.
Starting November 9th at approximately 11 PM EST, Telnyx was targeted with a DDoS attack causing all telephony services to fail or be delayed.
“Telnyx is currently experiencing a DDoS attack. Until we reach a resolution, you may be experiencing failed calls, API and portal latency/time outs, and/or delayed or failed messages,” reported the Telnyx status page.
After the DDoS attacks continued, Telnyx began migrating their services to Cloudflare’s Magic Transit service, which provides DDoS protection for service providers.
“Magic Transit delivers its connectivity, security, and performance benefits by serving as the “front door” to your IP network. This means it accepts IP packets destined for your network, processes them, and then outputs them to your origin infrastructure,” explains documentation for the Magic Transit feature.
At this time, Telnyx has moved their EMEA and APAC services behind Cloudflare, with the company planning on migrating services for the Americas during off-peak hours.
This attack follows September DDoS attacks on VoIP.ms and Bandwidth that effectively took down the service provider’s services for days.
When VoIP.ms suffered their week-long DDoS attack, they received a ransom demand by threat actors impersonating the ransomware group ‘REvil.’
The threat actors initially demanded a one bitcoin ransom (roughly ~$45,000) to halt the attacks but later increased it to 100 bitcoins, worth approximately $4.5 million at the time
Bandwidth remained silent about the cause of their outage for days but, eventually, admitted to suffering a DDoS attack.
In a recent Q2 2021 earnings call, the Bandwidth CEO implied that the threat actors demanded a ransom in their attack but that the company did not give in to the demands.
“We did not pay a ransom and instead relied on innovative solutions and strategies to confront the threat, head on. To sum up, we believe, Bandwidth is now stronger than ever and we plan to leverage what we’ve learned to help make the ecosystem safer for enterprise communications,” Bandwidth CEO David Morken said during the earnings call.
To mitigate the DDoS attacks, both vendors migrated their infrastructure behind Cloudflare as well.
Morken went as far as to say that the attacks on their infrastructure taught Cloudflare how to mitigate attacks against VoIP providers.
“We rallied during this attack and used vendors like Cloudflare and taught them how to address this issue for the first time and collaborated with them in a way that they then were able to go to the whole industry and share,” said Morken.
As VoIP services are commonly routed over the Internet and require servers and endpoints to be publicly accessible, they become prime targets for DDoS extortion attacks.
We should expect these attacks to continue and potentially bypass defenses at times as threat actors evolve their tactics.
BleepingComputer did not receive a response after reaching out to Telnyx to ask if they also received a ransom demand.
Bandwidth.com is latest victim of DDoS attacks against VoIP providers
VoIP.ms phone services disrupted by DDoS extortion attack
Dutch police send warning letters to DDoS booter customers
FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics
DDoS attacks against Russian firms have almost tripled in 2021
Not a member yet? Register Now
Microsoft urges Exchange admins to patch bug exploited in the wild
Microsoft November 2021 Patch Tuesday fixes 6 zero-days, 55 flaws
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

You May Also Like

UK govt shares 585 million passwords with Have I Been Pwned

UK govt shares 585 million passwords with Have I Been PwnedFBI: State…

Microsoft announces new endpoint security solution for SMBs

FBI: Ransomware targets companies during mergers and acquisitionsMicrosoft Defender for Windows is…

Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware

Ukraine links members of Gamaredon hacker group to Russian FSBSamsung Galaxy S21…

Eurostar tests facial recognition system on London train station

Microsoft offers 50% subscription discounts to Office piratesRussian hacking group uses new…