1. Home
  2. >
  3. Solutions
  4. >
  5. Investigations

Investigations

Baskerville – dynamic model updates

Jul 20, 20216 min read
Baskerville – dynamic model updates
We extend our machine learning capability to accept feedback from clients on prediction accuracy and to be able to modify the model without any interruption of service.

Deflect Labs Report #6: Phishing and Web Attacks Targeting Uzbek Human Right Activists and Independent Media

May 9, 201920 min read
Deflect Labs Report #6: Phishing and Web Attacks Targeting Uzbek Human Right Activists and Independent Media
The attacks leading to the publication of this report quickly stood out from the daily onslaught of malicious traffic on Deflect, at first because they were using professional vulnerability scanning tools like Acunetix. The moment we discovered that the origin server of these scans was also hosting fake gmail domains[…]

Deflect Labs Report #5 – Baskerville

Mar 24, 201913 min read
Deflect Labs Report #5 – Baskerville
In this report, we look at the performance of the Deflect Labs’ new anomaly detection tool, Baskerville, in identifying a selection of the attacks seen on the Deflect platform during the last year. Baskerville is designed to consume incoming batches of web logs[…]

Deflect Labs Report #4 – Anatomy of a booter

Jan 9, 201914 min read
Deflect Labs Report #4 – Anatomy of a booter
Key Findings We identified a DDoS attack against the Israeli human rights website www.btselem.org on the 2nd of November Attackers used three different type of relays to overload the website and were automatically mitigated by Deflect We identified the booter infrastructure (professional DDoS service) and accessed and analyzed its tools, which we describe in this article In […]

News From Deflect Labs: Botnet Targeting WordPress Websites

Oct 15, 20189 min read
News From Deflect Labs: Botnet Targeting WordPress Websites
Key Findings We identified traffic from thousands of IPs trying to brute-force WordPress websites protected by Deflect using the same user-agent (Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0) since September 2017 We confirmed that it was not only targeting Deflect protected websites, but targeting also a large number of websites over Internet We analyze in […]

News From Deflect Labs: DDoS attacks against Vietnamese Civil Society

Sep 7, 201828 min read
News From Deflect Labs: DDoS attacks against Vietnamese Civil Society
Key Findings We identified 10 different DDoS attacks targeting two Vietnamese websites protected by Deflect, viettan.org and baotiengdan.com, between the 17th of April and 15th of June 2018. These attacks happened in the context of an important lack of Internet Freedom in Vietnam with regular online attacks against activists and independent media. We sorted these […]