Skip to main content

Linux DDoS Bot Found in Amazon Cloud

posted onJuly 29, 2014
by l33tdawg

Threat actors are actively exploiting a vulnerability in an older version of Elasticsearch software in order to add distributed denial-of-service (DDoS) malware in Amazon Elastic Compute Cloud (EC2) services.

Elasticsearch is an open source search server that can be used to look for various types of documents; its advantages include scalability, almost real-time search and support for multi-latency.

The security flaw, CVE-2014-3120, exists in the scripting capability of the software, which can be exploited to execute arbitrary code remotely on the server it is installed on. One solution for administrators that cannot perform an update would be to turn off this functionality, if possible.

Source

Tags

Linux Amazon DDoS cloud

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th