Kaspersky security researchers had lifted the lid on a multi-platform botnet written in Java targeting machines running Windows, Mac OS, and Linux.Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
Threat actors control the botnet over IRC to carry out DDoS attacks against victims via HTTP or UDP floods. They can also target a specific IP address and port, and vary the duration and volume of attack threads.
In fact that Oracle patched the vulnerability in June 2013, the fact that this botnet marches on is yet more evidence that enterprises do not or more likely given their current technology, cannot manually scan their network traffic logs for signs of suspicious or unauthorized traffic.
No comments:
Post a Comment