This Week in Security: The X DDoS, The ESP32 Basementdoor, and the camelCase RCE
Summary
An X (formerly Twitter) Distributed Denial of Service (DDoS) attack has been in progress this week, with the threat group ‘Dark Storm’ claiming responsibility.
Who was actually behind it remains unclear: the source IP addresses on DDoS packets are routinely spoofed or belong to compromised third-party machines, so they cannot be trusted, and that makes attribution difficult.
There are two main tactics for large-scale DDoS attacks: botnets and reflection or amplification attacks.
Botnet attacks use large numbers of compromised computers, routers, servers, and cameras under an attacker's remote control to send traffic directly at the target, while reflection or amplification attacks abuse public servers by sending them requests whose source address is spoofed to the victim's IP, so that the servers' replies, often many times larger than the requests, flood the victim with traffic it never asked for.
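The tell-tale sign of a reflection attack from the victim's side is replies from well-known UDP services that the victim never queried, arriving from many different servers at once. The script below is an added example (not code from the original article) that runs that check over constructed flow records; the reflector port list and the "reply with no matching request" heuristic are assumptions to be tuned for a real network.

```python
"""Flag reflection/amplification traffic in UDP flow records.

Added example, not from the original article. The flow records below are
constructed for illustration; the reflector port list and the
"unsolicited reply" heuristic are assumptions.
"""
from dataclasses import dataclass

# UDP services commonly abused as reflectors (assumption: adjust to your environment).
REFLECTOR_PORTS = {19: "chargen", 53: "DNS", 123: "NTP", 1900: "SSDP", 11211: "memcached"}


@dataclass(frozen=True)
class Flow:
    src: str
    sport: int
    dst: str
    dport: int
    nbytes: int


def parse_flows(lines):
    """Parse constructed 'src:sport -> dst:dport bytes' records into Flow objects."""
    flows = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        left, right = line.split("->")
        src, sport = left.strip().rsplit(":", 1)
        dst_port, nbytes = right.split()
        dst, dport = dst_port.rsplit(":", 1)
        flows.append(Flow(src, int(sport), dst, int(dport), int(nbytes)))
    return flows


def detect_reflection(flows, min_reflectors=3):
    """Return {victim: report} for hosts receiving unsolicited replies from reflector ports.

    A reply is treated as unsolicited when the window contains no outbound flow
    from the receiving host to that same reflector IP and service port.
    """
    requests = set()
    for f in flows:
        if f.dport in REFLECTOR_PORTS:
            requests.add((f.src, f.dst, f.dport))

    reports = {}
    for f in flows:
        if f.sport not in REFLECTOR_PORTS:
            continue
        if (f.dst, f.src, f.sport) in requests:
            continue  # the receiving host really asked; a legitimate reply
        rep = reports.setdefault(
            f.dst, {"reflectors": set(), "services": set(), "unsolicited_bytes": 0}
        )
        rep["reflectors"].add(f.src)
        rep["services"].add(REFLECTOR_PORTS[f.sport])
        rep["unsolicited_bytes"] += f.nbytes

    # One stray reply is noise; many distinct reflectors hitting one host is the attack pattern.
    return {v: r for v, r in reports.items() if len(r["reflectors"]) >= min_reflectors}


# Constructed sample: 203.0.113.10 is the victim, 198.51.100.x are public DNS/NTP/memcached
# servers. 10.0.0.5 makes a normal DNS query and gets a normal answer.
SAMPLE_FLOWS = """
10.0.0.5:51234 -> 198.51.100.1:53 60
198.51.100.1:53 -> 10.0.0.5:51234 140
198.51.100.1:53 -> 203.0.113.10:80 3000
198.51.100.2:53 -> 203.0.113.10:80 3100
198.51.100.3:123 -> 203.0.113.10:80 48000
198.51.100.4:123 -> 203.0.113.10:80 48000
198.51.100.5:11211 -> 203.0.113.10:80 700000
"""


def run_sample():
    return detect_reflection(parse_flows(SAMPLE_FLOWS.splitlines()))


if __name__ == "__main__":
    for victim, rep in run_sample().items():
        print(victim, len(rep["reflectors"]), "reflectors", sorted(rep["services"]),
              rep["unsolicited_bytes"], "bytes")
```

The amplification is visible in the sample itself: the 60-byte query to 198.51.100.1 draws a 140-byte answer, while the replies aimed at the victim run to kilobytes (DNS) and hundreds of kilobytes (memcached). Note that the "matching request" check only works when the sensor sees both directions of the victim's traffic; on an asymmetric path, legitimate replies will also look unsolicited.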
A recent development reveals that the ‘backdoor’ initially reported in the ESP32 Bluetooth chip is not a backdoor in the usual sense.
Instead, the chip's Bluetooth firmware exposes a set of undocumented vendor-specific commands over the Host Controller Interface (HCI). HCI commands are issued by the host processor that already controls the chip, so they are not reachable over the air; in designs where the ESP32 serves as a separate Bluetooth controller for another, less trusted host, however, such commands can still reasonably be considered a backdoor.
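Vendor-specific HCI commands are easy to spot on the wire because the Bluetooth Core specification reserves the Opcode Group Field (OGF) 0x3F for them. The decoder below is an added example (not code from the article or from Espressif) that walks an H4 UART byte stream and flags every command in that group; the packet framing follows the Core spec (H4 transport, command and event formats), while the sample bytes and the opcodes 0xFC01/0xFC02 are constructed and are not the ESP32's actual undocumented commands, which the article does not list.

```python
"""Decode an HCI H4 byte stream and flag vendor-specific (OGF 0x3F) commands.

Added example, not code from the article or from Espressif. Framing follows the
Bluetooth Core spec: H4 packet-type byte, then command = opcode (LE16) + param
length + params; event = event code + param length + params; ACL = 2-byte
handle/flags + LE16 length + data; SCO = 2-byte handle + 1-byte length + data.
The sample stream is constructed; the vendor opcodes in it are made up.
"""
H4_COMMAND, H4_ACL, H4_SCO, H4_EVENT = 0x01, 0x02, 0x03, 0x04
OGF_VENDOR_SPECIFIC = 0x3F


def split_opcode(opcode):
    """HCI opcode: upper 6 bits are the OGF, lower 10 bits the OCF."""
    return opcode >> 10, opcode & 0x03FF


def parse_h4(stream):
    """Return a list of decoded packets from an H4 byte stream; raise on truncation."""
    packets = []
    i = 0
    n = len(stream)
    while i < n:
        ptype = stream[i]
        if ptype == H4_COMMAND:
            if i + 4 > n:
                raise ValueError(f"truncated command header at offset {i}")
            opcode = stream[i + 1] | (stream[i + 2] << 8)
            plen = stream[i + 3]
            params = bytes(stream[i + 4:i + 4 + plen])
            if len(params) != plen:
                raise ValueError(f"truncated command parameters at offset {i}")
            ogf, ocf = split_opcode(opcode)
            packets.append({"type": "command", "opcode": opcode, "ogf": ogf,
                            "ocf": ocf, "params": params})
            i += 4 + plen
        elif ptype == H4_EVENT:
            if i + 3 > n:
                raise ValueError(f"truncated event header at offset {i}")
            event, plen = stream[i + 1], stream[i + 2]
            params = bytes(stream[i + 3:i + 3 + plen])
            if len(params) != plen:
                raise ValueError(f"truncated event parameters at offset {i}")
            packets.append({"type": "event", "event": event, "params": params})
            i += 3 + plen
        elif ptype == H4_ACL:
            if i + 5 > n:
                raise ValueError(f"truncated ACL header at offset {i}")
            dlen = stream[i + 3] | (stream[i + 4] << 8)
            packets.append({"type": "acl", "data": bytes(stream[i + 5:i + 5 + dlen])})
            i += 5 + dlen
        elif ptype == H4_SCO:
            if i + 4 > n:
                raise ValueError(f"truncated SCO header at offset {i}")
            dlen = stream[i + 3]
            packets.append({"type": "sco", "data": bytes(stream[i + 4:i + 4 + dlen])})
            i += 4 + dlen
        else:
            raise ValueError(f"unknown H4 packet type 0x{ptype:02x} at offset {i}")
    return packets


def vendor_commands(packets):
    """Commands in the vendor-specific opcode group; these are the ones to audit."""
    return [p for p in packets if p["type"] == "command" and p["ogf"] == OGF_VENDOR_SPECIFIC]


# Constructed sample stream:
#   HCI_Reset (opcode 0x0C03, OGF 0x03 Controller & Baseband, OCF 0x0003)
#   made-up vendor command 0xFC01 with two parameter bytes
#   Command Complete event (0x0E) for HCI_Reset, status 0x00
#   made-up vendor command 0xFC02 with no parameters
SAMPLE_STREAM = bytes.fromhex(
    "01 030C 00"
    "01 01FC 02 AABB"
    "04 0E 04 01 030C 00"
    "01 02FC 00"
)


def run_sample():
    return vendor_commands(parse_h4(SAMPLE_STREAM))


if __name__ == "__main__":
    for p in run_sample():
        print(f"vendor-specific command OCF 0x{p['ocf']:04x} params={p['params'].hex()}")
```

Run against a captured H4 log (for example a UART tap between host and controller), this answers the practical question raised by the report: whether the host firmware in a given product ever issues commands from the vendor group at all, and if so which ones.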
This week’s Patch Tuesday from Microsoft includes fixes for six zero-day vulnerabilities, several of which are filesystem bugs; at least one, in NTFS, can be triggered simply by plugging in a crafted USB drive.