Category: General|Feb 7, 2021 | Author: Admin

Warns against popular media program: - Abused in DDoS attacks

Share on

Do you have Plex installed and Universal Plug and Play (UPnP) enabled in your router? The latter is often enabled by default, so you may have been involved in DDoS attacks without being aware of it.

Netscout warns against using Plex in combination with UPnP
What Plex does that is not good is to connect to UDP port 32414, a port that is visible online in the form of the Plex Media SSDP service. Note that this port is permanently connected to the service (port forwarding) and not random, which makes it easier to utilize many installations at the same time.

Hopefully, the security improvements are enough, otherwise, these attacks will increase in scope
The same security company searched online and found 27 0000 Plex Media servers that can be exploited in DDoS attacks. So far, no attacks larger than 2 to 3 Gbps have been detected, but with so many potential victims, it is clear that this can increase a lot in scope, quickly.

An update to Plex to add an extra layer of protection will be released soon.

Sponsored Ads:

Comments:


Discord blocked in Russia and Turkey for spreading illegal content

Category: IT|Oct 9, 2024 | Author: Admin

Google ordered to open up the Play Store in Epic Games antitrust ruling

Category: Google|Oct 8, 2024 | Author: Admin

Recently patched CUPS flaw can be used to amplify DDoS attacks

Category: IT|Oct 7, 2024 | Author: Admin

Google removes Kaspersky's antivirus software from Play Store

Category: Google|Oct 6, 2024 | Author: Admin

UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls

Category: IT|Oct 5, 2024 | Author: Admin

Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps

Category: IT|Oct 4, 2024 | Author: Admin

Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues

Category: Microsoft|Oct 3, 2024 | Author: Admin

Microsoft Office 2024 now available for Windows and macOS users

Category: Microsoft|Oct 2, 2024 | Author: Admin

HPE Aruba Networking fixes critical flaws impacting Access Points

Category: IT|Oct 1, 2024 | Author: Admin

Verizon outage: iPhones, Android devices stuck in SOS mode

Category: Apple|Sep 30, 2024 | Author: Admin

Urgent warning issued to Android users over malicious threat affecting millions of devices

Category: Google|Sep 29, 2024 | Author: Admin

Windows Recall now can be removed, is more secure

Category: Microsoft|Sep 28, 2024 | Author: Admin

CUPS flaws enable Linux remote code execution, but there’s a catch

Category: IT|Sep 27, 2024 | Author: Admin

Infostealer malware bypasses Chrome’s new cookie-theft defenses

Category: Google|Sep 26, 2024 | Author: Admin

The "Llama" is freed: Winamp goes open source after 27 years

Category: IT|Sep 25, 2024 | Author: Admin
more