"Mirai variant Murdoc_Botnet exploits AVTECH IP cameras and Huawei routers."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 21 January 2025, 1426 UTC.

Content and Source compiled by https://feedly.com.

 https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

23

Most popular

Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers

5 TTPs

•

The Hacker News / 12min

Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet. The ongoing activity "demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks," Qualys security researcher Shilpesh

How to troubleshoot Linux app startup issues with the journalctl command

ZDNet | Security / 3h

On the rare occasion that you find a Linux app or service isn't starting properly, there's a handy command ready to help you suss out the problem.

Students, Educators Impacted by PowerSchool Data Breach

PowerSchool suffers major data breach

•

SecurityWeek / 1h

PowerSchool says the personal information of students and educators was stolen in a December 2024 data breach. The post appeared first on SecurityWeek .

Today

Ransomware Groups Abuse Microsoft Services for Initial Access

11 TTPs

•

SecurityWeek / 35min

•

Russian hackers use Teams for ransomware

Sophos warns of two ransomware groups abusing Microsoft 365 services and default configurations to contact internal enterprise users. The post appeared first on SecurityWeek .

Cyber Insights 2025: Attack Surface Management

SecurityWeek / 35min

SecurityWeek's Cyber Insights 2025 examines expert opinions to gain their opinions on what to expect in Attack Surface Management in 2025. The post appeared first on SecurityWeek .

HPE probes IntelBroker's bold data theft boasts

HPE data breach for sale

•

The Register – Security / 56min

Incident response protocols engaged following claims of source code burglary Hewlett Packard Enterprise (HPE) is probing assertions made by prolific Big Tech intruder IntelBroker that they broke into the US corporation's systems and accessed source code, among other things.…

Linux Kernel 6.13 isn't a major release but's it still important - here's why

Linux Kernel 6.13 released with improvements

•

ZDNet | Security / 1h

Linus Torvalds also announced he would award five random Linux kernel developers with his handmade guitar effect pedals. What, you may ask?

13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks

IoC > 1 IP

•

64The Hacker News / 1h

•

14 TTPs

A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "take[s] advantage of misconfigured DNS records to pass email protection techniques," Infoblox security researcher David Brunsdon said in a technical report published last week. "This

Medusa ransomware: what you need to know

4 TTPs

•

Graham Cluley / 1h

Medusa is a ransomware-as-a-service (RaaS) platform that has targeted organisations around the world. Read more about it in my article on the Tripwire State of Security blog.

CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

2 TTPs

•

Security Affairs / 1h

•

CERT-UA warns of AnyDesk scams

CERT-UA warned of scammers impersonating the agency, using fake AnyDesk requests to conduct fraudulent security audits. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber scams involving threat actors impersonating the agency by sending fraudulent AnyDesk connection requests under the guise of security audits. CERT-UA pointed out that it uses the software AnyDesk in some ca

Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties

CIA analyst pleads guilty to leaks

•

30The Hacker News / 2h

A former analyst working for the U.S. Central Intelligence Agency (CIA) pleaded guilty to transmitting top secret National Defense Information (NDI) to individuals who did not have the necessary authorization to receive it and attempted to cover up the activity. Asif William Rahman, 34, of Vienna, was an employee of the CIA since 2016 and had a Top Secret security clearance with access to

HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects

The Hacker News / 3h

Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security issues that could have been identified during testing?" often go unresolved, raising concerns about the thoroughness of the security testing. This frustration is common among many security teams. Pentest

Yesterday

Why some companies are backing away from the public cloud

ZDNet | Security / 4h

Many business leaders are taking a clear-eyed view of the cloud's benefits and drawbacks. Technical debt may be at the root of many repatriation decisions.

Experts found multiple flaws in Mercedes-Benz infotainment system

7 TTPs

•

Security Affairs / 4h

Kaspersky researchers shared details about multiple vulnerabilities impacting the Mercedes-Benz MBUX infotainment system. Kaspersky published research findings on the first-generation Mercedes-Benz User Experience (MBUX) infotainment system, specifically focusing on the Mercedes-Benz Head Unit. The researchers started from the results of another study conducted by KeenLab on the MBUX internals. T

UK government proposes ransomware payment ban for public sector

Graham Cluley / 5h

The UK government has proposed extending its ban on ransomware payments to cover the entire public sector in an attempt to deter cybercriminal attacks and protect taxpayers. But is a ban a good idea? Read more in my article on the Exponential-e blog.

Breaking free from reactive security

The Register – Security / 5h

Why not adopt a new approach for 2025? Webinar In today's digital landscape, cybersecurity teams can often find themselves trapped in an endless cycle of responding to threats.…

Investigating A Web Shell Intrusion With Trend Micro Managed XDR

IoC > 4 URLs, 6 hashes, and 3 IPs

•

Trend Micro Research, News and Perspecti... / 5h

•

24 TTPs

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data.

World Tour Survey: Cloud Engineers Wrestle with Risk

Trend Micro Research, News and Perspecti... / 7h

Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what cloud security engineers teams had to say.

Trend Micro™ Managed XDR Analysis of Infection From Fake Installers and Cracks

IoC > 13 URLs, 21 hashes, and 1 domain

•

Trend Micro Research, News and Perspecti... / 7h

•

21 TTPs

Our research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data.

Trend Micro Managed XDR Analysis of Infection From Fake Installers and Cracks

IoC > 13 URLs, 21 hashes, and 1 domain

•

Trend Micro Research, News and Perspecti... / 7h

•

21 TTPs

Our research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data.

PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers

12 TTPs

•

62The Hacker News / 7h

•

APT Silver Fox targets Chinese organizations

Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week. The infection chain commences with a phishing

CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits

10 TTPs

•

43The Hacker News / 8h

•

CERT-UA warns of AnyDesk scams

The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the "level of security," CERT-UA added, cautioning organizations to be on the lookout for such social engineering attempts that seek to

Banks must keep ahead of risks and reap AI rewards

The Register – Security / 11h

AI has transformed banking across APAC. But is this transformation secure? Partner Content The banking industry in Asia Pacific (APAC) is thriving, with strong financial performance underpinning its technological ambitions.…

End of feed