all InfoSec news
Prophetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today, (Thu, Nov 30th)
Malware Analysis, News and Indicators - Latest topics malware.news
Last week, Jonah Latimer posted here about traffic he saw to his own EC2 web honeypot exploiting %%cve:2023-1389%%. I found this looking at new URL strings to our honepot network, and so for on 29 Nov 23, there have been about 300 detections for this vulnerability pulling a shell script from %%ip:45.95.146.26%% a quick little shell script that does little more than figure out the architecture of the victim device and then attempt to download a architecture-specific variant of Mirai. …
botnet cve cve-2023-1389 detections ec2 expansion exploiting found honeypot intern mirai mirai botnet network nov own strings today traffic url vulnerability web week