18th June, 2018
1 Min read
Book a Demo
This week, security experts observed a surge in port 8000 scan activity, researchers at Qihoo 360 Netlab determined that the unusual activity was associated with Satori IoT botnet.
Reduce your AWS costs by over 50%
Discover your Cloud Saving Potential – Answer just 5 simple questions. AppsFlyer, Playtika, Lufthansa, IBM, top leading companies are already using our FinOps services.
Experts from Qihoo 360 Netlab discovered that the author of the Satori botnet have integrated a the proof-of-concept (PoC) code for the XionMai web server software package after it was published on June 8.
The code recently included in the Satori botnet exploits a buffer overflow vulnerability, tracked as CVE-2018-10088, in XionMai uc-httpd 1.0.0. The exploit could be used by remote attackers to execute arbitrary code by sending a malformed package via ports 80 or 8000.
Data collected by security experts demonstrate the evolution of the Satori botnet, its author continues to include new exploit to make the botnet resilient to the takedown of law enforcement and security firm.
Read more: Security Affairs
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.