Threatwire Summary

The video discusses a record-setting DDoS attack mitigated by Cloudflare, reaching peaks of 3.8 terabits per second and affecting various sectors without interrupting service. Additionally, new vulnerabilities in the Common Unix Printing System (CUPS) have been found that could be exploited for DDoS attacks, emphasizing the need for timely software updates.

Key Points

Cloudflare reported mitigating the largest publicly disclosed DDoS attack, peaking at 3.8 terabits per second.
The attack targeted customers in financial services, telecommunications, and other sectors, primarily coming from countries such as Vietnam, Russia, Brazil, Spain, and the US.
Attacks utilized UDP on a fixed port, aiming to overload network layer processing.
Many attack sources were identified as compromised home routers and Mirotic devices.
A discovered CVE (CVE-2024-3080) allowed authentication bypass on routers, rated with a CVSS score of 9.8.
Research on CUPS vulnerabilities could lead to DDoS attacks using a single packet, endangering around 198,000 devices, with over 58,000 particularly at risk.
The CUPS exploit takes advantage of the Internet Printing Protocol to initiate high-amplification attacks.
Many vulnerable CUPS servers are running outdated software, making them attractive targets for attacks.
Telegram has begun complying with law enforcement requests, providing user data in response to 14 requests from U.S. law enforcement.
The episode encourages viewers to support the show via Patreon and explores new content ideas for the host’s personal YouTube channel.

Youtube Video: https://www.youtube.com/watch?v=djkTVLlR-l4
Youtube Channel: Hak5
Video Published: 2024-10-09T16:06:15+00:00

Video Description:

Keypoints

Keypoints Summary

OPEN FOR LINKS TO ARTICLES TO LEARN MORE

Connect with Ali

Twitch: endingwithali
Twitter: @endingwithali
YouTube: @endingwithali
Everywhere else: links.ali.dev

Want to work with Ali? Email: endingwithalicollabs@gmail.com

Support the Channel

Join the Patreon: Patreon

Video Overview

0:00 – Intro
0:07 – Record Breaking DDoS Attack
1:46 – CUPS DDoS
3:56 – Telegram Gave Data
4:34 – Outro

Links to Articles

Story 1: Record Breaking DDoS Attack
- Cloudflare DDoS Mitigation
- ASUS Router Vulnerability
Story 2: CUPS DDoS
- October CUPS DDoS Threat
- CUPS Flaw Amplifies DDoS Attacks
Story 3: Telegram Gave Data
- Telegram User Data for Cops

Additional Information

Our Site: Hak5
Shop: Hak5 Shop
Community: Hak5 Community
Subscribe: YouTube Subscription
Support: Patreon Support
Contact Us: @Hak5 Twitter

About Hak5

Founded in 2005, Hak5’s mission is to advance the InfoSec industry through award-winning educational podcasts, leading pentest gear, and an inclusive community where all hackers belong.

Tags: FINANCIAL, CVE, RUSSIA, EXPLOIT, LEARN, UNIX, EMAIL, GOVERNMENT

Telegram Complied with Government Requests – ThreatWire