#ddos-attacks

#ddos-attacks

Cybercrime has skyrocketed since the start of the Iran war, according to Akamai, which reports a 245 percent increase in everything from credential harvesting attempts to automated reconnaissance traffic aimed at banks and other critical businesses.

Using the tools they administer, popular websites such as auction and sales portals, IT domains, hosting services, and accommodation booking services were attacked. The youths, aged between 12 and 16 at the time of the alleged offenses, all face charges related to selling DDoS tools in what police described as a purely profit-driven scheme.

In light of rapidly evolving events in the Middle East, it is critical that all UK organisations remain alert to the potential risk of cyber compromise, particularly those with assets or supply chains that are in areas of regional tensions. Today, the National Cyber Security Centre has published an alert outlining the current cyber threat to the UK and the practical steps organisations should take in response.

Wikipedia editors have decided to remove all links to Archive.today, a web archiving service that they said has been linked to more than 695,000 times across the online encyclopedia. Archive.today - which also operates under several other domain names, including archive.is and archive.ph - is perhaps most widely used to access content that's otherwise inaccessible behind paywalls. That also makes it useful as a source for Wikipedia citations.

Cloudflare says DDoS crews ended 2025 by pushing traffic floods to new extremes, while Britain made an unwelcome leap of 36 places to become the world's sixth-most targeted location. The Q4 stats confirm it was a lively year for traffic floods, with Cloudflare claiming it had to swat away 47.1 million DDoS attacks, more than double 2024's count. Momentum picked up toward the end of the year, as Q4 volumes jumped 31 percent from the prior quarter and 58 percent over 2024.

Also known as Kimwolf, Aisuru is one of the largest botnets currently in existence, powered by an estimated one to four million infected hosts worldwide, including home and consumer devices such as routers and online CCTV systems. Its operators scan the web for vulnerable devices, often with exposed ports or default credentials, and infect them to add them to a pool of devices that can be harnessed to launch a tsunami of fake traffic against a target service.

"SoundCloud recently detected unauthorized activity in an ancillary service dashboard," opens a Monday post from the company. "Upon making this discovery, we immediately activated our incident response protocols and promptly contained the activity. We also engaged leading third-party cybersecurity experts to assist in a thorough investigation and response." Not long after SoundCloud and its hired help contained the incident, the site became the subject of multiple denial of service attacks.

As Apache explained, the entry point for CVE-2025-54988 was Tika's tika-parser-pdf-module, but the vulnerability and its fix were in another piece of code called tika-core. "Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2 would still be vulnerable," the organization advised. The org's new advisory also admits that its original report "failed to mention that in the 1.x Tika releases, the PDFParser was in the org.apache.tika:tika-parsers module." Tika's developers have tidied things up in recent releases, and now users get to revisit this mess too.