1. Home
  2. >
  3. Solutions
  4. >
  5. Investigations

Investigations

Baskerville – dynamic model updates

July 20, 20216 min read
Baskerville – dynamic model updates
We extend our machine learning capability to accept feedback from clients on prediction accuracy and to be able to modify the model without any interruption of service.

Deflect Labs Report #6: Phishing and Web Attacks Targeting Uzbek Human Right Activists and Independent Media

May 9, 201920 min read
Deflect Labs Report #6: Phishing and Web Attacks Targeting Uzbek Human Right Activists and Independent Media
The attacks leading to the publication of this report quickly stood out from the daily onslaught of malicious traffic on Deflect, at first because they were using professional vulnerability scanning tools like Acunetix. The moment we discovered that the origin server of these scans was also hosting fake gmail domains[…]

Deflect Labs Report #5 – Baskerville

March 24, 201913 min read
Deflect Labs Report #5 – Baskerville
In this report, we look at the performance of the Deflect Labs’ new anomaly detection tool, Baskerville, in identifying a selection of the attacks seen on the Deflect platform during the last year. Baskerville is designed to consume incoming batches of web logs[…]

Deflect Labs Report #4 – Anatomy of a booter

January 9, 201914 min read
Deflect Labs Report #4 – Anatomy of a booter
Key Findings We identified a DDoS attack against the Israeli human rights website www.btselem.org on the 2nd of November Attackers used three different type of relays to overload the website and were automatically mitigated by Deflect We identified the booter infrastructure (professional DDoS service) and accessed and analyzed its tools, which we describe in this article In […]

News From Deflect Labs: Botnet Targeting WordPress Websites

October 15, 20189 min read
News From Deflect Labs: Botnet Targeting WordPress Websites
Key Findings We identified traffic from thousands of IPs trying to brute-force WordPress websites protected by Deflect using the same user-agent (Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0) since September 2017 We confirmed that it was not only targeting Deflect protected websites, but targeting also a large number of websites over Internet We analyze in […]

News From Deflect Labs: DDoS attacks against Vietnamese Civil Society

September 7, 201828 min read
News From Deflect Labs: DDoS attacks against Vietnamese Civil Society
Key Findings We identified 10 different DDoS attacks targeting two Vietnamese websites protected by Deflect, viettan.org and baotiengdan.com, between the 17th of April and 15th of June 2018. These attacks happened in the context of an important lack of Internet Freedom in Vietnam with regular online attacks against activists and independent media. We sorted these […]

Deflect Labs report #3 – attack analysis of blacklivesmatter.com

December 14, 201630 min read
Deflect Labs report #3 – attack analysis of blacklivesmatter.com
Seamus Tuohy and eQualitie This report covers attacks between April 29th and October 15th, 2016. Over this seven-month period, we recorded more than a hundred separate denial-of-service incidents against the official Black Lives Matter website. Our analysis shows a variety of technical methods used in attempts to bring down this website and the characterization of […]

Deflect Labs Report #2

June 2, 201619 min read
Botnet attack analysis of Deflect protected website bdsmovement.net This report covers attacks between February 1st and March 31st of six discovered incidents targeting the bdsmovement.net website, including methods of attack, identified botnets and their characteristics. It provides detailed technical information and analysis of trends with the introduction of the Bothound library for attack fingerprinting and […]

Deflect Labs Report #1

March 29, 20168 min read
Botnet attack analysis covering reporting period February 1 – 29 2016 Deflect protected website – kotsubynske.com.ua This report covers attacks against the Kotsubynske independent media news site in Ukraine, in particular during the first two weeks of February 2016. It details the various methods used to bring down the website via distributed denial of service […]

Deflect Labs – fighting impunity with analytics and advocacy

March 29, 20162 min read
For the last four years, the Deflect DDoS mitigation system has protected independent online voices from the onslaught of cyber-attacks aiming to silence them. We have grown, learning our lessons as we took the punches. One aspect of this work stood out as particularly interesting during this time: there were stories to be told in […]