August 31, 2024 at 02:28PM
An outdated series of IP cameras has been exploited to create a new Mirai botnet. Akamai reported the active campaign leveraging the remote code execution (RCE) vulnerability in AVTECH AVM1203 IP cameras, which have been discontinued since 2019. The botnet also exploits other old vulnerabilities, emphasizing the importance of maintaining updated software and hardware. Additionally, CISA has launched a new incident reporting portal to streamline cyber incident reporting.
From the meeting notes provided:
– A new Mirai botnet has been created by exploiting vulnerabilities in several old and outdated devices, including AVTECH AVM1203 IP cameras, Hadoop YARN, Realtek SDK, and Huawei HG532 routers.
– There are two critical CVEs under active exploitation: CVE-2024-38856 in Apache OFBiz and CVE-2024-7965 in Google Chrome V8.
– The Texas Dow Employees Credit Union reported a data breach involving 500,474 customers due to the compromise of MOVEit in May 2023.
– The US Secret Service is offering a $2.5 million bounty for information leading to the apprehension of Volodymyr Kadariya, an associate of the recently-arrested Maksim Silnikau, for his alleged involvement in a malvertising ring.
– The owners of Backpage, a website involved in illegal activities, have been sentenced to prison.
– CISA has launched a new incident reporting portal to streamline the cyber incident reporting process.
Let me know if I can provide any further assistance.