Month: February 2021

DDoSers are abusing the Plex Media Server to make attacks more potent

Plex Media servers using SSDP let DDoSers amplify attacks by a factor of 5.

DDoSers are abusing the Plex Media Server to make attacks more potent

Enlarge (credit: Getty Images)

Distributed denial-of-service attackers have seized on a new vector for amplifying the junk traffic they lob at targets to take them offline: end users or networks using the Plex Media Server.

DDoS amplification is a technique that leverages the resources of an intermediary to increase the firepower of attacks. Rather than sending data directly to the server being targeted, machines participating in an attack first send the data to a third party in the form of a request for a certain service. The third party then responds with a much larger payload to the site the attackers want to take down.

So-called amplification attacks work by sending the third parties requests that are manipulated so they appear to have come from the target. When the third parties respond, the replies go to the target rather than the attacker device that sent the request. One of the most powerful amplifiers used in the past was the memcached database caching system, which can magnify payloads by a factor of 51,000. Other amplifiers include misconfigured DNS servers and the Network Time Protocol, to name only three.

Read 5 remaining paragraphs | Comments

Schlechte Datenschutz-Tipps: “Löschen Sie verdächtige Mails sofort”

Veraltet, wenig durchdacht und teilweise schädlich: Der Bundesbeauftragte für den Datenschutz gibt beunruhigend schlechte Ratschläge zum sicheren Surfen. Ein IMHO von Hanno Böck (Datenschutz, WLAN)

Veraltet, wenig durchdacht und teilweise schädlich: Der Bundesbeauftragte für den Datenschutz gibt beunruhigend schlechte Ratschläge zum sicheren Surfen. Ein IMHO von Hanno Böck (Datenschutz, WLAN)

Rocket Report: SpaceX sets new reuse record, Astra valued at $2.1 billion

“This takes us a step closer to our mission of improving life on Earth from space.”

A streak of light arcs across the night sky and is reflected in a lake.

Enlarge / Eighteenth SpaceX Starlink mission streaks to orbit from the Space Coast of Florida on Thursday, February 4. (credit: Trevor Mahlmann / Ars Technica)

Welcome to Edition 3.32 of the Rocket Report! The Starship prototype SN9 gave us quite a week, what with the FAA drama surrounding its (eventually fiery) launch and hard landing, but let's not forget the couple of small satellite-launch companies seeking public funding. With help from readers, we're doing our best to stay on top of it all.

As always, we welcome reader submissions, and if you don't want to miss an issue, please subscribe using the box below (the form will not appear on AMP-enabled versions of the site). Each report will include information on small-, medium-, and heavy-lift rockets as well as a quick look ahead at the next three launches on the calendar.

Astra to become a publicly traded company. After very nearly reaching orbit during its second launch attempt in December, Astra announced this week it would be joining a "special purpose acquisition company," or SPAC, that valued the company at $2.1 billion. The public listing is expected to take place in late 2021 when Astra combines with Seattle-area investment company Holicity. The stock would trade as ASTR on Nasdaq.

Read 26 remaining paragraphs | Comments