1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. OS Attack: WatchBog Malware RDP Scanning Activity

OS Attack: WatchBog Malware RDP Scanning Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects Watchbog malware scanning activity.

Additional Information

Watchbog is a linux malware that employs various exploits to target vulnerable instances of software including but not limited to Exim, Jira, Nexus Repository Manager 3, ThinkPHP, and Solr. It has also includes a scanner for CVE-2019-0708 (Bluekeep).

Affected

  • Various Platforms.

Response


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube