Qrator Labs

27/06/2025

🚨 CyberGEN 2025: A Powerful Gathering for Cyber Resilience
📍 June 16–18 | Yerevan, Armenia

Over three packed days, the 4th CyberGEN Conference brought together global cybersecurity leaders, engineers, and policymakers to tackle today’s most urgent digital threats and share bold defense strategies.

We were proud to represent Qrator Labs at the event, invited by the Central Bank of Armenia, with special thanks to Komitas Stepanyan for the invitation and organization.

🎤 Our speaker, Edgar Mikayelyan, delivered the talk:
"Beyond the WEB: Comprehensive protection of infrastructure from DDoS attacks"
A deep dive into defending high-load infrastructure beyond just the web layer — covering network-level, routing, and upstream mitigation strategies.

Highlights from the conference included:
🔹 Cybersecurity strategy & risk management
🔹 Critical infrastructure protection
🔹 Real-time threat intelligence sharing
🔹 Deep technical sessions & hands-on workshops

Big thanks to the organizers and all the brilliant speakers — including Ramsés Gallego, Ryan Gandrud, Michael Grafnetter, Marcin Majchrzak, Kieran G., Rami Kayyali, and many more — for making CyberGEN 2025 a truly global and high-impact event.

26/06/2025

🚨 Ransomware is the #1 threat to Cyprus SMEs.
In his interview, Andrey Leskin, CTO of Qrator Labs, shares bold ideas for making Cyprus a safe place for business and a magnet for tech talent.
🇨🇾 He also outlines practical steps: affordable solutions, better training, and government support.

Read the full interview here:

The Cyprus Mail recently sat down with Andrey Leskin, CTO of Czech firm Qrator Labs, which also has a presence in Limassol, who delved into the cybersecurity risks confronting Europe’s small and medium-sized enterprises (SMEs). In this in-depth interview, Leskin identified ransomware as the leadin...

16/05/2025

In the first months of 2025, the internet saw a wild parade: FinTech was the main event, and a botnet of 1.33 million zombie devices set the pace.

💳 FinTech companies were hit hardest, with over half of all application layer (L7) DDoS attacks targeting them.
🖥 Imagine an army of 1.33 million hacked devices marching across the internet — this is what hit us in Q1 2025.

🔗Check out the full Qrator Labs report for all the details: https://qrator.net/blog/details/q1-2025-ddos-bots-and-bgp-incidents-statistics-and

15/05/2025

𝟱.𝟮 𝗕𝗶𝗹𝗹𝗶𝗼𝗻 𝗕𝗼𝘁 𝗥𝗲𝗾𝘂𝗲𝘀𝘁𝘀 𝗕𝗹𝗼𝗰𝗸𝗲𝗱 𝗶𝗻 𝟯 𝗠𝗼𝗻𝘁𝗵𝘀 – 𝗤𝟭 𝟮𝟬𝟮𝟱 𝗕𝗮𝗱 𝗕𝗼𝘁 𝗧𝗿𝗲𝗻𝗱𝘀
🤖 In Q1 2025, Qrator Labs blocked over 5.2 billion bad bot requests — most of them weren’t trying to break anything, just pretending to be real people and scraping data or testing passwords.

𝗢𝗻𝗲 𝗼𝗱𝗱 𝗰𝗮𝘀𝗲 𝘀𝘁𝗼𝗼𝗱 𝗼𝘂𝘁. 🛫 A major airline was hit by bots not on its main site, but on a server for images and scripts. The bots hoped to blend in by using a CDN. Didn’t work-we caught them.

📊 Online retail, betting, and real estate saw the most bot traffic. Most bots were simple scripts, but API bots are catching up.

If you want to know what bots are up to in 2025, take a look at our full report: https://qrator.net/blog/details/q1-2025-ddos-bots-and-bgp-incidents-statistics-and

24/04/2025

🤝 🇪🇺 𝗤𝗿𝗮𝘁𝗼𝗿 𝗟𝗮𝗯𝘀 𝗶𝘀 𝗴𝗿𝗼𝘄𝗶𝗻𝗴 𝗶𝘁𝘀 𝗽𝗿𝗲𝘀𝗲𝗻𝗰𝗲 𝗶𝗻 𝗦𝗼𝘂𝘁𝗵𝗲𝗿𝗻 𝗘𝘂𝗿𝗼𝗽𝗲
Today, we announce a strategic partnership with geevo®, a leading Managed Security Services Provider in Cyprus. This collaboration is the result of the hard work of our Cyprus office, and especially Kirill Eshchenko.

geevo® is a top MSSP in Cyprus, focused on cybersecurity, data protection, privacy, and risk management. They are recognized by SWIFT as a CSSP and CSP Assessment Provider.

🌐 With this partnership, geevo® will represent Qrator Labs in Cyprus, Greece, and Malta, making sure our services fit the needs of these countries.

Our thanks go to Christodoulos Papadopoulos, Founder & CEO of geevo®, for his support. We’re not just joining forces — we want to work closely together, combining our technology with local knowledge to solve real cybersecurity problems.

24/04/2025

📊 Unveil 𝗤𝟭 𝟮𝟬𝟮𝟱’𝘀 𝗰𝘆𝗯𝗲𝗿 𝘁𝗵𝗿𝗲𝗮𝘁 𝗹𝗮𝗻𝗱𝘀𝗰𝗮𝗽𝗲 𝘄𝗶𝘁𝗵 𝗼𝘂𝗿 𝗹𝗮𝘁𝗲𝘀𝘁 𝗿𝗲𝗽𝗼𝗿𝘁, highlighting key shifts in DDoS and BGP activity https://blog.qrator.net/en/q1-2025-ddos-bots-and-bgp-incidents-statistics-and_211/

As we kicked off 2025, the cyber ecosystem showed dramatic changes:

▸ DDoS Attack Explosion: L3-L4 attacks more than doubled (+110%), mainly targeting IT&Telecom (26.8%), FinTech (22.3%), and E-commerce (21.5%).
▸ Massive Botnet Uncovered: A record-breaking botnet of 1.33 million devices launched a 2.5-hour attack on betting shops, nearly six times larger than last year’s biggest.
▸ FinTech Under Fire: Over half (54%) of L7 attacks hit this sector, with banks absorbing 31.6% of those assaults.
▸ BGP Stability Improves: Global BGP incidents dropped sharply, with only 3 route leaks and no hijacks recorded—thanks to wider RPKI adoption.

Dive into the full report for detailed insights and stay ahead in the evolving cyber battle!

🔍 Check out Qrator Labs' full report here: https://blog.qrator.net/en/q1-2025-ddos-bots-and-bgp-incidents-statistics-and_211/

01/04/2025

🌎 Qrator Labs was happy to support LACNIC's recent study on routing incidents in Latin America and the Caribbean. We shared our expertise and statistical data to help analyze route hijacks, leaks, and bogon announcements from October 2023 to October 2024.

📊 The findings highlight the need for better security measures like RPKI and MANRS across the region. We fully support this initiative, which matches our work to make internet routing more reliable.

We look forward to continuing our work with regional partners to improve routing security.

The original report is available only in Spanish, but you can read the key findings in this article: https://blog.lacnic.net/en/routing-incidents/

By Erika Vega and Guillermo Cicileo The continued growth of the Internet ecosystem in Latin America and the Caribbean (LAC) has increased network interconnection but has also increased the region’s exposure to routing issues that affect the stability and security of online traffic. These incidents...

25/03/2025

🔒 Malaysia faces 74,000 cyberattacks daily. Our new research in The Edge Malaysia shows small and medium regional businesses the basic protection steps.

Here's what businesses should do:
🔹Write a ready-made plan for handling common attacks like DDoS and ransomware
🔹Train all employees regularly on security basics
🔹Match or exceed what competitors spend on cybersecurity
🔹Use several layers of security, especially for computers and devices
🔹Follow rules like PDPA and the new Cybersecurity Bill 2024
🔹Identify types of attacks typical for your industry

With a severe talent shortage in Malaysia (15,248 professionals vs 27,000 needed), businesses must take action themselves.
Read more: https://theedgemalaysia.com/node/748656

In 2023, businesses across Malaysia experienced an average of 74,000 cyberattacks per day, totalling around 26.85 million attacks for the entire year. Additionally, Malaysia ranked as the eighth most breached country in the world. The trend continued upward in 2024, with businesses and ...

21/03/2025

🤔 How Much Will a 5-Minute DDoS Attack Cost You?
A DDoS attack is a very inconvenient experience. 🚧 It causes chaos – users report downtime, the IT team rushes to fix everything, and red alerts on the screen raise your stress levels.

💵 We can't measure stress, but we can count the money. A typical DDoS attack costs enterprise businesses about $6,000 per minute. So, a five-minute attack could result in a direct financial loss of around $30,000. In contrast, if your resources aren't protected, a 5-minute DDoS attack might cost hackers as little as $5 (with protection in place that cost can rise to $400).

What can you do? Ensure your infrastructure can withstand a DDoS storm – use protection services or at least have an incident response plan and tools ready.

Qrator Labs can protect you within 15 minutes. We redirect your traffic to Qrator Labs' IP and mitigate all DDoS attacks with guaranteed uptime and no performance impact. Learn more at https://qrator.net/services/antiddos

11/03/2025

📣 𝗪𝗲𝗯𝗶𝗻𝗮𝗿! On March 27, 2025, Qrator Labs and NimbusDDOS are working together on a webinar called "Beyond Firewalls: Proactive DDoS Defense for a Stronger Cybersecurity Posture." 🌐 This webinar is hosted by KuppingerCole Analysts AG, a global industry analyst firm specializing in identity and access management, governance, fraud, risk, and cybersecurity.

🕒 𝗗𝗮𝘁𝗲 𝗮𝗻𝗱 𝗧𝗶𝗺𝗲: March 27, 2025, at 4:00 PM CET (11:00 AM EDT, 8:00 AM PDT).
👥 𝗣𝗿𝗲𝘀𝗲𝗻𝘁𝗲𝗿𝘀:
Osman Celik, a research analyst at KuppingerCole, will talk about his recent report on protecting websites with integrated DDoS defense.
Andrey Leskin, our CTO, will show how to create a complete and effective DDoS protection plan for your company's infrastructure.
Andy Shoemaker, CEO at NimbusDDOS, will discuss why regular testing and training are important for cybersecurity.
📝 𝗙𝗿𝗲𝗲 𝗥𝗲𝗴𝗶𝘀𝘁𝗿𝗮𝘁𝗶𝗼𝗻: You can sign up through the KuppingerCole website: https://www.kuppingercole.com/events/2025/03/beyond-firewalls

Don't miss this opportunity to learn from the best and ensure your digital assets are secure.

06/03/2025

𝟱 𝗦𝗻𝗲𝗮𝗸𝘆 𝗧𝗿𝗶𝗰𝗸𝘀 𝗕𝗼𝘁𝘀 𝗨𝘀𝗲 𝘁𝗼 𝗢𝘂𝘁𝘀𝗺𝗮𝗿𝘁 𝗬𝗼𝘂𝗿 𝗢𝗻𝗹𝗶𝗻𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆
👀 Bots make up half or more of internet traffic. These sneaky digital agents are always looking for ways to slip past our online defenses.
Here's how they do it:

1️⃣ 𝗦𝗢𝗖𝗞𝗦𝟱 𝗽𝗿𝗼𝘁𝗼𝗰𝗼𝗹: Bots use SOCKS5 to hide who they are online. This is an internet protocol that routes network traffic between a client (like a bot) and a server through a proxy server. IP addresses used by proxies often look like regular home internet or cell phone connections. This makes it hard to block them entirely without also blocking normal users.
The digital equivalent of sending mail ✉️ through a middleman who erases your return address.

2️⃣ 𝗗𝗮𝘁𝗮 𝗲𝘅𝗽𝗼𝘀𝘂𝗿𝗲: Bots look for data you left out by mistake to access systems. They search cleverly, look through code, and check website details.
It's like finding a key 🗝️ you dropped outside your house - it lets them in easily.

3️⃣ 𝗔𝗜-𝗽𝗼𝘄𝗲𝗿𝗲𝗱 𝗯𝗼𝘁𝘀: Bots can mimic humans, making automated interactions seem genuine. They're so good at it that it's hard to tell them apart from real users.
Imagine a chameleon 🦎 that mimics its environment perfectly.

4️⃣ 𝗔𝗱𝘃𝗮𝗻𝗰𝗲𝗱 𝗦𝗦𝗛 𝘁𝗲𝗰𝗵𝗻𝗶𝗾𝘂𝗲𝘀: Bots use SSH to create encrypted pathways. This helps them get past firewalls and reach protected parts of systems. They can even combine this with other tools like Tor for extra anonymity.
It's like they're building a network of hidden passages 🚇 into your system.

5️⃣ 𝗦𝗮𝗻𝗱𝗯𝗼𝘅𝗶𝗻𝗴: It involves running code in a controlled, isolated environment that mimics a natural system but doesn't affect the actual system.
It's like a practice area where they can try out their tricks safely. They use what they learn there to get past real security later. It's a smart way to beat even tough security systems.

🐱🐭 It's a constant game of digital cat and mouse. As we build higher walls, they craft longer ladders.
What's your strategy for staying one step ahead? Share your thoughts!

05/03/2025

𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗷𝗼𝗯 𝗺𝗮𝗿𝗸𝗲𝘁: 𝗲𝘅𝗽𝗲𝗰𝘁𝗮𝘁𝗶𝗼𝗻 🆚 𝗿𝗲𝗮𝗹𝗶𝘁𝘆. The global cybersecurity workforce needs to grow by 3.4 million professionals to meet demand. Yet ghost jobs, budget cuts, and misaligned expectations explain why this career ladder 🪜 is missing a few rungs. Dark Reading's fresh take on hiring practices might make you laugh 😂... or cry 😭: https://www.darkreading.com/cybersecurity-operations/cybersecurity-jobs-hard-find-amid-worker-shortage

The cybersecurity job market nowadays is facing an unusual paradox: Many roles seem open, but competition and hiring practices can make securing a position a real challenge.