Crooks exploit exposed Docker APIs to build AESDDoS botnet
Security Affairs
JUNE 15, 2019
“In this new attack, the threat actor first externally scans a given IP range by sending a TCP SYN packet to port 2375, the default port used for communicating with the Docker daemon.” “The output of this command is saved into a file named ips.txt, which is then fed into the Docker.exe file.
Let's personalize your content