Hello, welcome to the Wednesday, August 3, 2020 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Yesterday, I talked about the denial of service attack.

We blocked over the weekend after allowing some of the related traffic again.

The attack came back with a small modification.

The user agents are now randomized, so maybe someone read what I wrote about it yesterday.

This time, the ad hack didn't cause any effects on the site, and a new block is locking it out for now.

But it continues at about the level we have seen before.

I looked a little bit closer at some of the networks participating in these attacks,

and while the data isn't fully conclusive, there's a lot of noise here, so not really sure if I should call this a significant signal.

The common low-level vulnerabilities that are being scanned for by bots are also being scanned by the networks that are hitting us here's

profit in all of service attacks. And it has been sort of increasing a tiny little bit,

I think, over the last couple days. Now, given that all of this comes from China,

it may be related to hacktivists, for example,

trying to find some sites to the face or maybe denial of service attacks

in relation to the US Speaker of the House, Nancy Pelosi, visiting Taiwan.

There have been other reports of sort of similar level of denial of service attacks as

we have seen them. Nothing that you would commonly consider sort of a nation state attack,

but more something that hacktivists are capable of. Let me know if you see anything similar,

any sort of changes in some of that

background scanning, particularly when it comes to some of these Chinese mobile and

home user IP address ranges. And a Soho password manager pro-vornability that was

...