Used of Plex Media Servers – Be advised – Attackers are using Plex to make attacks more potent

LINK Misconfigurations of the Plex Media server is enabling attackers to use Plex to amplify DDoS attacks. In some cases—such as when the server uses the Simple Service Discovery Protocol to locate universal plug-and-play gateways on end users’ broadband modems—the Plex service registration responder gets exposed to the general Internet. Responses range from 52 bytes […]

Vietnam Govt subject to a Supply Chain Attack

Looks like an app that was put together by the Vietnam Government Certification Authority (VGCA) that is required to be used that can be used to electronically sign official documents. ESET says that between July 23 and August 5, this year, the two files contained a backdoor trojan named PhantomNet, also known as Smanager. LINK

Active DDoS on Citrix Netscalers using DTLS on UDP:443

At this time it looks like someone is targetting Citrix Netscalers with a DDoS using DTLS. Datagram Transport Layer Security (DTLS) is a communications protocol for securing delay-sensitive apps and services that use datagram transport. Only a small number of customers are being targetted. The following sites are confirmed in the attack: 45.200.42.0/24220.167.109.0/2445.248.9.195206.71.159.13146.229.195.108117.27.239.15413.69.68.47 Citrix confirmed […]