We are releasing a new daily IP feed of compromised IoT devices discovered in our non-HTTP scans, attacks against sensors we map to devices. Includes compromised SSH instances obtained via external sources. See: shadowserver.org/what-we-do/n...dashboard.shadowserver.org/statistics/c...
Data in Vulnerable HTTP report: shadowserver.org/what-we-do/n...support.broadcom.com/web/ecx/supp...
We added VMware vCenter Server CVE-2024-38812 (heap-overflow vulnerability in implementation of the DCERPC protocol, CVSS 9.8 RCE) to our scans. 1159 unpatched instances found 2024-09-19, of those 446 have DCERPC service exposed, so likely exploitable dashboard.shadowserver.org/statistics/c...
End of last week we sinkholed a number of domains associated with the Android Vo1d malware that infects Android-based TV boxes. Over 580K infected devices on 2024-09-15. Top infected is Brazil with over 203K, but wide range of countries impacted. Stats: dashboard.shadowserver.org/statistics/c...
If you believe in our mission and see our work as impactful please consider supporting us through the Alliance or other forms of sponsorships! www.shadowserver.org/partner/
If you are interested in how Shadowserver works as a non-profit with a mission of making the Internet more secure for all and on our search for sustainability, check out our presentation at the AUSCERT 2024 conference this year. www.youtube.com/watch?app=de...
YouTube video by AUSCERT
If you believe in our mission and see our work as impactful please consider supporting us through the Alliance or other forms of sponsorships! www.shadowserver.org/partner/
First daily reports will be received tomorrow. If you have code/systems still using the expired whois.dotmobiregistry.netwhois.nic.mobi
Great research from WatchTowr on dangers of expired domain names (.mobi), happy to support by sinkholing: labs.watchtowr.com/we-spent-20-... Events reported from 2024-09-11 in our free daily event4_sinkhole network reports type:sinkhole infection:non-authoritative-whois and tag:mobi
Welcome back to another watchTowr Labs blog. Brace yourselves, this is one of our most astounding discoveries. Summary What started out as a bit of fun between colleagues while avoiding the Vegas h...