{"id":35758,"date":"2020-06-26T13:00:22","date_gmt":"2020-06-26T13:00:22","guid":{"rendered":"https:\/\/blog.trendmicro.com\/?p=544218"},"modified":"2020-06-26T13:00:22","modified_gmt":"2020-06-26T13:00:22","slug":"this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/","title":{"rendered":"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"300\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"week in security\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-768x768.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-1024x1024.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-640x640.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-900x900.jpg 900w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-440x440.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-380x380.jpg 380w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\"><\/p>\n<p>Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about two recently detected variants of existing Linux botnet malware types targeting exposed Docker servers. Also, read about a group of vulnerabilities dubbed Ripple20 that have the potential to critically impact millions of IoT devices across many different industries.<\/p>\n<p>Read on:<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/leads-to-cloud-failures\/\"><strong>The Fear of Vendor Lock-in Leads to Cloud Failures<\/strong><\/a><\/p>\n<p><em>Vendor lock-in, the fear that by investing too much with one vendor an organization reduces their options in the future, has been an often-quoted risk since the mid-1990s. Organizations continue to walk a fine line with their technology vendors. Ideally, you select a set of technologies that not only meet your current needs but that align with your future vision as well.<\/em><\/p>\n<p><a href=\"https:\/\/www.helpnetsecurity.com\/2020\/06\/23\/select-mobile-security-solution\/\"><strong>How Do I Select a Mobile Security Solution for My Business?<\/strong><\/a><\/p>\n<p><em>The percentage of companies admitting to suffering a mobile-related compromise has grown, despite a higher percentage of organizations deciding not to sacrifice the security of mobile devices to meet business targets. To make things worse, the C-suite is the most likely group within an organization to ask for relaxed mobile security protocols \u2013 despite also being highly targeted by cyberattacks.<\/em><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/azure-avoiding-misconfigurations\/\"><strong>Knowing Your Shared Security Responsibility in Microsoft Azure and Avoiding Misconfigurations<\/strong><\/a><\/p>\n<p><em>Trend Micro is excited to launch new Trend Micro Cloud One\u2122 \u2013 Conformity capabilities that will strengthen protection for Azure resources. As with any launch, there is a lot of new information, so we held a Q&amp;A with one of the founders of Conformity, Mike Rahmati. In the interview, Mike shares how these new capabilities can help customers prevent or easily remediate misconfigurations on Azure.<\/em><\/p>\n<p><a href=\"https:\/\/www.zdnet.com\/article\/fbi-warns-k12-schools-of-ransomware-attacks-via-rdp\/\"><strong>FBI Warns K-12 Schools of Ransomware Attacks via RDP<\/strong><\/a><\/p>\n<p><em>The US Federal Bureau of Investigation (FBI) this week sent out a security alert to K-12 schools about the increase in ransomware attacks during the coronavirus pandemic, and especially about ransomware gangs that abuse RDP connections to break into school systems.<\/em><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/xorddos-kaiji-botnet-malware-variants-target-exposed-docker-servers\/\"><strong>XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers<\/strong><\/a><\/p>\n<p><em>Trend Micro recently detected variants of two existing Linux botnet malware types targeting exposed Docker servers: XORDDoS malware and Kaiji DDoS malware. Having Docker servers as their target is a new development for both XORDDoS and Kaiji; XORDDoS was known for targeting Linux hosts on cloud systems, while recently discovered Kaiji was first reported to affect internet of things (IoT) devices.<\/em><\/p>\n<p><a href=\"https:\/\/www.scmagazine.com\/home\/security-news\/database-security\/frost-sullivan-employee-customer-data-for-sale-on-dark-web\/\"><strong>Frost &amp; Sullivan Employee, Customer Data for Sale on Dark Web<\/strong><\/a><\/p>\n<p><em>A group is hawking records of more than 12,000 Frost &amp; Sullivan employees and customers on a hacker folder. According to Cyble CEO Beenu Arora the breach was a result of a misconfigured backup directory on one of Frost &amp; Sullivan\u2019s public-facing servers. The KelvinSecurity Team said they put the information \u2013 which includes names, email addresses, company contacts, login names and hashed passwords \u2013 for sale in a hacking forum to sound the \u201calarm\u201d after Frost &amp; Sullivan didn\u2019t respond to the group\u2019s attempt to alert it to the exposed database.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/internet-of-things\/millions-of-iot-devices-affected-by-ripple20-vulnerabilities\"><strong>Millions of IoT Devices Affected by Ripple20 Vulnerabilities<\/strong><\/a><\/p>\n<p><em>Israeli cybersecurity firm JSOF has released information on a group of vulnerabilities dubbed Ripple20. These vulnerabilities have the potential to critically impact millions of internet of things (IoT) devices across many different industries \u2014 crucial machines in the medical, oil and gas, transportation, power, and manufacturing industries can be affected by these bugs.<\/em><\/p>\n<p><a href=\"https:\/\/threatpost.com\/nvidia-windows-gamers-graphics-driver-bugs\/156911\/\"><strong>Nvidia Warns Windows Gamers of Serious Graphics Driver Bugs<\/strong><\/a><\/p>\n<p><em>Graphics chipmaker Nvidia has fixed two high-severity flaws in its graphics drivers. Attackers can exploit the vulnerabilities to view sensitive data, gain escalated privileges or launch denial-of-service (DoS) attacks in impacted Windows gaming devices.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/managed-detection-and-response\/cyberattacks-from-the-frontlines-incident-response-playbook-for-beginners\"><strong>Cyberattacks from the Frontlines: Incident Response Playbook for Beginners<\/strong><\/a><\/p>\n<p><em>For enterprises, staying competitive in an ever-changing market involves keeping up with the latest technological trends. However, without the parallel development of security infrastructure and robust response, new technology could be used as a conduit for cyberthreats that result in losses.<\/em> <em>Organizations should aim to prevent these breaches from happening \u2014 but having protocols for reducing a breach lifecycle is an essential and realistic approach for dealing with current threats.<\/em><\/p>\n<p><a href=\"https:\/\/www.scmagazine.com\/home\/security-news\/database-security\/oneclass-unsecured-s3-bucket-exposes-pii-on-more-than-one-million-students-instructors\/\"><strong>OneClass Unsecured S3 Bucket Exposes PII on More than One Million Students, Instructors<\/strong><\/a><\/p>\n<p><em>An unsecured database belonging to remote learning platform OneClass has exposed information associated with more than a million students in North America who use the platform to access study guides and educational assistance. Data exposed includes full names, email addresses (some masked), schools and universities attended, phone numbers, school and university course enrollment details and OneClass account details.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/us\/iot-security\/news\/5942\/Guidelines_Related_to_Security_in_Smart_Factories_Part_1_Concepts_and_Management_Systems_of_IEC62443\"><strong>Guidelines Related to Security in Smart Factories (Part 1) Concepts and Management Systems of IEC62443<\/strong><\/a><\/p>\n<p><em>During the past decade, various countries and industries have actively developed guidelines and frameworks for OT security.<\/em> <em>Recently, multiple guidelines have been integrated, and two standards as global standards are IEC62443 and the NIST CSF, SP800 series, from the viewpoint of security in smart factories. In this series, Trend Miro explains the overviews of IEC62443 and NIST CSF, in order to understand their concepts required for security in smart factories.<\/em><\/p>\n<p><em>&nbsp;<\/em><a href=\"https:\/\/blog.trendmicro.com\/8-cloud-myths-debunked\/\"><strong>8 Cloud Myths Debunked<\/strong><\/a><\/p>\n<p><em>Many businesses have misperceptions about cloud environments, providers, and how to secure it all. In order to help separate fact from fiction when it comes to your cloud environment, Trend Micro debunks 8 myths to help you confidently take the next steps in the cloud.<\/em><\/p>\n<p>Does your organization have an incident response playbook for potential breaches? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: <a href=\"https:\/\/twitter.com\/jonlclay\">@JonLClay.<\/a><\/p>\n<p> Read More <a href=\"https:\/\/blog.trendmicro.com\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about two recently detected variants of existing Linux botnet malware types targeting exposed Docker servers. Also, read about a group of vulnerabilities dubbed Ripple20 that have&#8230;<br \/>\nThe post This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices appeared first on . Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":35759,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[399,307,8301],"class_list":["post-35758","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-industry-news","tag-security","tag-this-week-in-security-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-06-26T13:00:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"300\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices\",\"datePublished\":\"2020-06-26T13:00:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/\"},\"wordCount\":951,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg\",\"keywords\":[\"Industry News\",\"Security\",\"This week in security news\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/\",\"name\":\"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg\",\"datePublished\":\"2020-06-26T13:00:22+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg\",\"width\":300,\"height\":300},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Industry News\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/industry-news\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/","og_locale":"en_US","og_type":"article","og_title":"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-06-26T13:00:22+00:00","og_image":[{"width":300,"height":300,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices","datePublished":"2020-06-26T13:00:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/"},"wordCount":951,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg","keywords":["Industry News","Security","This week in security news"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/","url":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/","name":"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg","datePublished":"2020-06-26T13:00:22+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/06\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices.jpg","width":300,"height":300},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-xorddos-and-kaiji-botnet-malware-variants-target-exposed-docker-servers-and-ripple20-vulnerabilities-could-impact-millions-of-iot-devices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Industry News","item":"https:\/\/www.threatshub.org\/blog\/tag\/industry-news\/"},{"@type":"ListItem","position":3,"name":"This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35758","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=35758"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35758\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/35759"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=35758"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=35758"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=35758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}