DoS attacks Archives

AppWizard

November 28, 2025

Vitalik Buterin Donates $765K in Ethereum to Privacy Messaging Apps

Vitalik Buterin donated approximately 5,000 ETH to the privacy messaging applications Session and SimpleX. He emphasized the importance of encrypted messaging for digital privacy and mentioned two key areas for improvement: permissionless account creation and metadata privacy. Session aims to minimize metadata leakage and saw its token, SESH, rise by 371% in a day. SimpleX focuses on user identity ownership and plans to introduce community support vouchers. Buterin acknowledged both applications have room for improvement in user experience and security. The increasing interest in privacy applications is driven by concerns over global surveillance, with recent government regulations highlighting the need for privacy solutions. The Ethereum Foundation has formed a new privacy team to enhance its initiatives. Privacy-focused cryptocurrencies like Zcash have also seen significant growth, with Zcash rising by 793% over the past year.

Winsage

August 11, 2025

Win-DDoS: Attackers can turn public domain controllers into DDoS agents

SafeBreach researchers have identified critical vulnerabilities in Windows Active Directory domain controllers (DCs), particularly CVE-2025-32724, which can be exploited for distributed denial-of-service (DDoS) attacks using a method called Win-DDoS. This vulnerability allows attackers to manipulate public DCs into connecting to a controlled Lightweight Directory Access Protocol (LDAP) server, directing them to flood a target server with requests. The researchers also highlighted additional vulnerabilities: - CVE-2025-26673 and CVE-2025-49716 enable uncontrolled resource consumption in Windows LDAP and Windows Netlogon, respectively. - CVE-2025-49722 affects Windows Print Spooler Components, potentially crashing DCs and other Windows machines. The first three vulnerabilities can be triggered remotely by unauthenticated attackers, while the last one requires minimal privileges. Microsoft has released security updates for all four vulnerabilities in 2025, and organizations are advised to implement these patches and strengthen their defenses against potential DDoS attacks.

Winsage

August 11, 2025

Win-DoS Epidemic: New DoS and DDoS Attacks Start with Microsoft Windows

During DEF CON 33, Yair and Shahak Morag from SafeBreach Labs introduced a new category of denial-of-service (DoS) attacks called the “Win-DoS Epidemic.” They identified four significant Windows DoS vulnerabilities, all categorized as “uncontrolled resource consumption,” including: - CVE-2025-26673 (CVSS 7.5): High-severity DoS vulnerability in Windows LDAP. - CVE-2025-32724 (CVSS 7.5): High-severity DoS vulnerability in Windows LSASS. - CVE-2025-49716 (CVSS 7.5): High-severity DoS vulnerability in Windows Netlogon. - CVE-2025-49722 (CVSS 5.7): Medium-severity DoS vulnerability in the Windows print spooler, requiring an authenticated attacker on an adjacent network. These vulnerabilities can incapacitate Windows endpoints and servers, including domain controllers (DCs), which are essential for managing authentication and resources in enterprise networks. The researchers also revealed a new DDoS attack method, termed Win-DDoS, which exploits a flaw in the Windows LDAP client referral process, allowing attackers to redirect DCs to a victim server and continuously repeat this redirection, creating a large-scale DDoS botnet using public DCs without leaving forensic traces.

Winsage

August 11, 2025

New ‘Win-DoS’ Zero-Click Vulnerabilities Turns Windows Servers/Endpoints, Domain Controllers Into DDoS Botnet

Researchers Yair and Shahak Morag from SafeBreach Labs introduced a new category of denial-of-service (DoS) attacks called the “Win-DoS Epidemic” at DEF CON 33. They identified four new vulnerabilities in Windows DoS and one zero-click distributed denial-of-service (DDoS) flaw, classified as “uncontrolled resource consumption.” The vulnerabilities include: - CVE-2025-26673 (CVSS 7.5): High-severity DoS vulnerability in Windows LDAP. - CVE-2025-32724 (CVSS 7.5): High-severity DoS vulnerability in Windows LSASS. - CVE-2025-49716 (CVSS 7.5): High-severity DoS vulnerability in Windows Netlogon. - CVE-2025-49722 (CVSS 5.7): Medium-severity DoS vulnerability in Windows Print Spooler, requiring an authenticated attacker on an adjacent network. These vulnerabilities can incapacitate Windows endpoints or servers, including Domain Controllers (DCs), potentially allowing for the creation of a DDoS botnet. The researchers also discovered a DDoS technique called Win-DDoS that exploits a flaw in the Windows LDAP client’s referral process, enabling attackers to redirect DCs to a victim server for continuous redirection. This method can leverage public DCs globally, creating a large, untraceable DDoS botnet without specialized infrastructure. Additionally, the researchers examined the Remote Procedure Call (RPC) protocol and found three new zero-click, unauthenticated DoS vulnerabilities that can crash any Windows system. They also identified another DoS flaw exploitable by any authenticated user on the network. The researchers released tools named “Win-DoS Epidemic” to exploit these vulnerabilities, highlighting the need for organizations to reassess their security measures regarding internal systems and services like DCs.