430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

DDoS Attack on Amazon Web Services caused intermittently outage

This week Amazon Web Services (AWS) suffered a major distributed denial-of-service (DDoS) attack that made it unavailable for some customers. This week, threat actors launched a massive DDoS attack against Amazon Web Services (AWS) causing the inability of some customers to access their AWS S3 buckets. Users were intermittently unable to access online services relying […]

Amazon

This week Amazon Web Services (AWS) suffered a major distributed denial-of-service (DDoS) attack that made it unavailable for some customers.

This week, threat actors launched a massive DDoS attack against Amazon Web Services (AWS) causing the inability of some customers to access their AWS S3 buckets.

Users were intermittently unable to access online services relying on the Amazon infrastructure that was under attack.

According to the company status page, hackers were targeting the AWS DNS servers flooding them with junk network traffic.

The attacks lasted for around 8 hours, between 10:30 AM and 6:30 PM PDT, but some of DNS names experienced problems starting 5:16 PM.

The company reported intermittent DNS resolution errors with Route 53 and external DNS providers, it also informed the users of the ongoing DDoS attack.

“We are investigating reports of occasional DNS resolution errors. The AWS DNS servers are currently under a DDoS attack. Our DDoS mitigations are absorbing the vast majority of this traffic, but these mitigations are also flagging some legitimate customer queries at this time. We are actively working on additional mitigations, as well as tracking down the source of the attack to shut it down.” reads the notification sent to the AWS users. “Amazon S3 customers experiencing impact from this event can update the configuration of their clients accessing S3 to specify the specific region that their bucket is in when making requests to mitigate impact.”

Users attempting to access Amazon’s services were redirected to its status page.

The attack also impacted many companies, including Digital Ocean, which has had issues with accessing S3/RDS resources inside Droplets.

“Our Engineering team is continuing to monitor the issue impacting accessibility to S3/RDS/ELB/EC2 resources across all regions,” the company wrote on the incident’s status page at 23:25 UTC on Oct 22.”

At the time of writing all the impacted systems have been restored,

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Amazon, DDoS)

[adrotate banner=”5″]

[adrotate banner=”13″]