Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.

CVE-2022-27931: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.

CVE-2022-26656: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams.

CVE-2022-26655: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.

CVE-2022-27933: Pexip security bulletins | Pexip Infinity Docs

CVE-2022-26657: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323.

CVE-2022-27936: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed.

CVE-2022-27930: Pexip security bulletins | Pexip Infinity Docs

CVE-2022-27932: Pexip security bulletins | Pexip Infinity Docs

By Waqas
Mantis Botnet launched 3,000 DDoS attacks in one month using only 5,000 small bots after which Cloudflare dubbed…
This is a post from HackRead.com Read the original post: Tiny Mantis Botnet Can Launch More Powerful DDoS Attacks Than Mirai

****Mantis Botnet launched 3,000 DDoS attacks in one month using only 5,000 small bots after which Cloudflare dubbed the botnet as “the most powerful botnet to date.”****

According to Cloudflare content distribution network, a botnet named after a small shrimp is so powerful that it has launched the biggest ever DDoS attacks. Dubbed Mantis, the botnet has thus far targeted around 1,000 Cloudflare customers within the past few weeks.

The company revealed that it thwarted a brief but record-shattering DDoS attack peaking at 26 million rps (requests per second) in June. Ever since that attack, the internet infrastructure company has been tracking Mantis.

If you wonder why Cloudflare named it after the laser-legged Mantis, the company revealed that the botnet is similar to Meris, therefore the name reflects its origin and the capability to hit hard and fast.

**Mantis Doesn’t Use IoTs**

Cloudflare explained in its blog post that the Mantis botnet comprises nearly five thousand compromised machines. It mainly hijacks virtual servers and machines hosted by cloud firms instead of using low-bandwidth IoT devices like routers and DVRs.

It is worth noting that the Meris botnet used IoT devices, including hijacked MikroTik routers to attack popular websites. The botnet was also behind the massive DDoS attack on Yandex, a popular Russian search engine and technology firm.

In the same manner, the Mantis botnet operates through a “small fleet of” bots that can quickly generate massive force and launch large-scale HTTP DDoS attacks, which are actually more “computationally expensive” as the attacker has to establish an encrypted transport layer security connection. Thus, it seems like the beginning of the next phase in Meris botnet evolution.

> “Mantis has branched out to include a variety of VM platforms and supports running various HTTP proxies to launch attacks.”
> 
> Cloudflare

**Targets of Mantis Botnet**

Cloudflare reported that in June, the Mantis botnet launched more than 3,000 HTTP DDoS attacks, and 36% of these attacks were targeted against the telco and internet sectors, game publishers, and news organizations. Additionally, it targeted French organizations’ websites, gambling sites, and e-commerce platforms.

Industry targeted by the Mantis botnet

Furthermore, nearly 20% of Mantis botnet targets were organizations in the US, and 15% were Russian organizations. Around 5% of the targets were identified in:

1.  India
2.  China
3.  Brazil
4.  Latvia
5.  Turkey
6.  France
7.  Poland
8.  Ukraine
9.  Cyprus
10.  Canada
11.  Sweden
12.  Vietnam
13.  Germany
14.  Philippines
15.  Hong Kong
16.  Netherlands
17.  United Kingdom

**Mantis vs Mirai**

Mired in controversy, the Mirai botnet has made headlines time and again. The Mirai botnet was introduced to the world after its first-ever attack harnessed over 100,000 devices to launch a massive DDoS against Dyn, a company that provides DNS services. The DDoS attack on Dyn was the largest DDoS attack on record at that time, clocking in at 1.2 Tbps.

However, the Mantis botnet is different from Mirai in that it relies on vulnerabilities in routers and other connected devices rather than hijacked IoT devices. This makes it more difficult to defend against, as there are many more potential targets.

However, Cloudflare was able to identify and block malicious traffic before it reached its targets. This successful defense against the Mantis botnet shows that companies are beginning to learn from the Mirai attack and are taking steps to protect themselves.

**More DDoS Attacks and Botnet News**

*   Cloudflare Thwarted Largest Ever HTTPS DDoS Attack
*   DDoS Attack and Data Wiper Malware hit Computers in Ukraine
*   Microsoft Azure customer hit by largest ever 3.47 Tbps DDoS attack
*   New malware attack turns Elasticsearch databases into DDoS botnet
*   DDoS attacks on Minecraft event crippled the internet of a European country

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Tiny Mantis Botnet Can Launch More Powerful DDoS Attacks Than Mirai

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.

**Dmitri Shuralyov**

unread,

Jun 1, 2022, 11:00:01 PMJun 1

to golan...@googlegroups.com

Hello gophers,

We have just released Go versions 1.18.3 and 1.17.11, minor point releases.

These minor releases include 4 security fixes following the security policy:

*   crypto/rand: rand.Read hangs with extremely large buffers
    
    On Windows, rand.Read will hang indefinitely if passed a buffer larger than 1 << 32 - 1 bytes.
    
    Thanks to Davis Goodin and Quim Muntal, working at Microsoft on the Go toolset, for reporting this issue.
    
    This is CVE-2022-30634 and Go issue https://go.dev/issue/52561.
    

*   crypto/tls: session tickets lack random ticket\_age\_add
    
    Session tickets generated by crypto/tls did not contain a randomly generated ticket\_age\_add. This allows an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
    
    Thanks to GitHub user @nervuri for reporting this.
    
    This is CVE-2022-30629 and Go issue https://go.dev/issue/52814.
    

*   os/exec: empty Cmd.Path can result in running unintended binary on Windows
    
    If, on Windows, Cmd.Run, cmd.Start, cmd.Output, or cmd.CombinedOutput are executed when Cmd.Path is unset and, in the working directory, there are binaries named either "..com" or "..exe", they will be executed.
    
    Thanks to Chris Darroch (chris...@github.com), brian m. carlson (bk2...@github.com), and Mikhail Shcherbakov (https://twitter.com/yu5k3) for reporting this.
    
    This is CVE-2022-30580 and Go issue https://go.dev/issue/52574.
    

*   path/filepath: Clean(\`.\\c:\`) returns \`c:\` on Windows
    
    On Windows, the filepath.Clean function could convert an invalid path to a valid, absolute path. For example, Clean(\`.\\c:\`) returned \`c:\`.
    
    Thanks to Unrud for reporting this issue.
    
    This is CVE-2022-29804 and Go issue https://go.dev/issue/52476.
    

View the release notes for more information:  
https://go.dev/doc/devel/release#go1.18.minor

You can download binary and source distributions from the Go web site:  
https://go.dev/dl/

To compile from source using a Git clone, update to the release with  
"git checkout go1.18.3" and build as usual.

Thanks to everyone who contributed to the releases.

Cheers,  
Dmitri and Alex for the Go team

Tag

#microsoft