This new type of DDoS attack takes advantage of an old vulnerability

A newly-uncovered form of DDoS attack takes advantage of a well-known, yet still exploitable, security vulnerability in the Universal Plug and Play (UPnP) networking protocol to allow attackers to bypass common methods for detecting their actions. Attacks are launched from irregular source ports, making it difficult to determine their origin and blacklist the ports in order to protect against future incidents.

The new form of distributed denial-of-service attack has been uncovered and detailed by researchers at security company Imperva, who say it has been used by unknown attackers twice. The UPnP protocol is commonly used for device discovery, especially so by Internet of Things devices, which use it to find each other and communicate over a local network.

Read more about the new DDoS attack technique that has “the potential to put any company with an online presence at risk of attack” on ZDNet.





Gain Deeper Insights Into The Threat

Sign up to gain access to our special reports on threat actors and their tactics as well as daily Threat Brief.

Your support will enable us to continue our production of action-oriented content and help us help you stay informed on the latest in adversary activities.

Try our free two week trial.

Sign Up For Free Trial of The Daily Threat Brief