New eLearnSecurity Course – WAPT – Web Application Penetration Testing

eLearnSecurity is coming out with a new course, it’s intended to be a comprehensive training on web application penetration testing with large coverage of the newest attack vectors introduced by HTML5 and other W3C protocols. Over 40 new labs in the Coliseum cloud based virtual lab are included in the course. Course Description The Web...

Read the full post at

Potent DDoS attacks on Mt. Gox delay rollout of new virtual currency

Mt. Gox, the world's largest Bitcoin exchange, is delaying plans to support a new form of virtual currency known as Litecoin following a series of debilitating Internet attacks that are growing increasingly powerful.

The most recent distributed denial-of-service (DDoS) attack to hit Mt. Gox came on Sunday, and it knocked the Tokyo-based exchange offline for four hours, officials said in a statement issued Wednesday. Unlike more traditional DDoS attacks, which flood websites' routers and servers with more junk data than they can handle, the latest assault targeted Web applications the Mt. Gox site uses to process and secure customer transactions. That's known as Layer 7, or the application layer, of the networking stack.

"What we are experiencing lately are 'Layer 7' DDoS attacks," the statement read. "Unlike your average DDoS (which overloads the servers with traffic to the sites as a whole) these are much more creative and harder to detect in that they target specific elements of the site and make it difficult to distinguish malicious traffic from normal traffic. The attackers' goal is to shut down the exchange, either thorough the DDoS itself, or by forcing Mt. Gox to take measures that have the same effect."

Read 6 remaining paragraphs | Comments