[ SB 20.30 ] Global DDoS-Campaign targeting ISPs, correlates with ISC-Bind-vuln (CVE-2020-8620)

A Global DDoS-Campaign against ISPs has been spotted since Aug 27, very often targeting DNS.

Swithak collected these in a Twitter-Thread and counts upo to 14 ISPs/Telcos and Hosting-Provider who had been targetted with mostly DNS-based DDOS-Attacks, starting Aug 27.

We analyzed a random sample of DNS-Infrastructure from some targets and found BIND-DNS-Servers, and we urge any provider to update their DNS-Servers as soon as possible.

isp ddos

The attacks correlates with the latest ISC-Bind - vuln reported by Talos just a week ahead of these attacks, where Talos also talked about an available PoC

Radware talks in a Report from today as well about these attacks, which doesnt seem to be connected to the latest DDoS-Ransomware-attacks.

radware ddos

We can provide our Luup-Clients with analysis regarding their own infrastructure.

Fragen? Kontakt: info@zero.bs