The new attack vector doesn’t require the attackers to log into a Plex server, they only have to scan the internet for Plex Media Server instances with UDP port 32414 enabled.
The company said the attackers possibly compromised personal and technical data for some of its customers.
A weekly vulnerability digest.
The flaw is described as a heap-based overflow issue in V8 JavaScript engine in Google Chrome.
The researchers have linked the fake WhatApp version to an Italian surveillance company Cy4Gate.
The new botnet reuses the Mirai framework and hunts for Android devices that have ADB interface enabled and exposed on the internet.
The criminal network used shell companies to steal over €12 million from 50 US financial institutions.
The malware is small, yet complex and is portable to many operating systems including Linux, BSD, Solaris, and possibly AIX and Windows.
The hackers used the vulnerability within SolarWinds software to compromise networks of US government agencies.
ESET informed BigNox of a security breach, but the company denied it was hacked.
Showing elements 3361 - 3370