U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS?

Researchers at Qurium Media Foundation analyzed the blocking implemented by four different operators in Belarus. September 23, 2020 Qurium analyzes the blocking implemented by four different operators in Belarus Belarus operators use their own infrastructure to implement the blocking Block techniques include transparent web proxies, injection of HTTP responses, stateless and stateful SSL DPI and […]

Belarus

Researchers at Qurium Media Foundation analyzed the blocking implemented by four different operators in Belarus.

September 23, 2020

  • Qurium analyzes the blocking implemented by four different operators in Belarus
  • Belarus operators use their own infrastructure to implement the blocking
  • Block techniques include transparent web proxies, injection of HTTP responses, stateless and stateful SSL DPI and fake DNS responses

In August 2020, mass anti-government protests erupted in Belarus against the re-election of the president Alexander Lukashenko and the arrest of opposition political candidates. The Internet was shutdown several days and more than 80 websites, most of them news and political sites, were blocked. They still remain blocked.

Qurium Media Foundation, in collaboration with the Belarusian human rights organization Human Constanta, has been looking into some of the implementation details of the Internet blocking in Belarus, focusing on a few selected providers (Business Network, Beltelecom, A1 and MTS), to look deeper into the nature of the hardware used for the blocking and understand how it is working.

According to Qurium’s report, providers use their own infrastructure to implement the blocking and blocking is therefor not implemented on a central level. Some of the blocking techniques used include Domain Name System spoofing, transparent proxies with hijacked HTTPS certificates and Deep Packet Technology (DPI) implementations.

Qurium forensics report:  Internet blocking in Belarus

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Internet)

[adrotate banner=”5″]

[adrotate banner=”13″]