• WebKeeper

FreakOut Botnet Targets Linux Users

A highly-sophisticated botnet known as FreakOut is targeting applications running on Linux operating systems — immediate patching is required.

FreakOut Botnet Exploiting Linux Vulnerabilities

A highly-sophisticated botnet known as FreakOut is targeting applications running on Linux operating systems which require immediate patching. Initial reports indicate this is primarily impacting Linux systems which have not been patched.

During a Weaponized attack, the botnet talks back to a remote system from where the Linux device becomes a slave, and the attacker has full access to the victim to deliver ransomware or perform data theft.

Syxscore Risk Alert

The following vulnerabilities have been identified as important vulnerabilities to remediate in order to reduce the risk of the botnet becoming weaponized; we recommend to deploy at least one or preferably all three if they are detected on any of your systems.

1. CVE-2020-28188 – RCE in TerraMaster management panel (disclosed on December 24, 2020) CVSS Score: Critical 9.8 Attack Vector: Network Vector Complexity: Low Privileges Required: None User Interaction: None Jump Point (Scope): No 2. CVE-2021-3007 – Deserialization bug in the Zend Framework (disclosed on January 3, 2021) CVSS Score: Critical 9.8 Attack Vector: Network Vector Complexity: Low Privileges Required: None User Interaction: None Jump Point (Scope): No 3. CVE-2020-7961 – Deserialization bug in the Liferay Portal (disclosed on March 20, 2020) CVSS Score: Critical 9.8 Attack Vector: Network Vector Complexity: Low Privileges Required: None User Interaction: None Jump Point (Scope): No


Tuearis' Vulnerability Management Program with Patch Management can help keep your organization ahead of these and many other threats. Contact us today and REST SECURED.



4 views0 comments

Recent Posts

See All