This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

December 5, 2024 at 11:15AM A new Android remote access trojan (RAT) called DroidBot targets 77 banking institutions and organizations. Disguised as security apps, it utilizes keylogging and UI monitoring. Active since June 2024, it operates on a Malware-as-a-Service model, with affiliates customizing the malware for attacks predominantly across Europe.

‘Earth Minotaur’ Exploits WeChat Bugs, Sends Spyware to Uyghurs

December 5, 2024 at 11:12AM Researchers at Trend Micro have identified a cyber-threat operation, Earth Minotaur, targeting the Tibetan and Uyghur communities using the Moonshine exploit kit. This operation delivers the DarkNimbus spyware to Android and Windows devices, stealing personal data and monitoring activities. Users are advised to exercise caution and update applications regularly.

Latrodectus malware and how to defend against it with Wazuh

December 5, 2024 at 10:41AM Latrodectus is a sophisticated malware family targeting corporate networks and financial institutions, leveraging advanced tactics like phishing and dynamic API resolution for data theft while evading detection. It utilizes a modular design for adaptability and persistence. Effective defenses include employee training, endpoint security, network segmentation, and regular updates.

Mitel MiCollab zero-day flaw gets proof-of-concept exploit

December 5, 2024 at 10:41AM A zero-day vulnerability in Mitel MiCollab allows unauthorized file access on servers. Discovered by watchTowr, it remains unpatched after 90 days. Users are urged to implement security measures and monitor for suspicious activity until a fix is available, as Mitel plans to address the issue in December 2024.

Vulnerability Management Challenges in IoT & OT Environments

December 5, 2024 at 10:28AM The rise of IoT and OT devices in critical sectors introduces unique security challenges due to their diversity, limited patching options, operational disruptions, inadequate security protocols, and limited visibility. Tailored strategies, such as risk-based approaches, strict access controls, and specialized monitoring tools, are essential for effective vulnerability management in these …

Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access

December 5, 2024 at 10:27AM Cybersecurity researchers revealed a proof-of-concept exploit for a critical vulnerability (CVE-2024-41713) in Mitel MiCollab, enabling unauthorized file access via a path traversal attack. The flaw has been patched in versions 9.8 SP2 and later. Additionally, several vulnerabilities were found in Lorex security cameras, allowing remote code execution.

Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers

December 5, 2024 at 10:27AM Europol has shut down Manson Market, a major online fraud marketplace, seizing over 50 servers and arresting two suspects. Launched in 2022, the site traded stolen data from phishing schemes. Authorities from multiple countries collaborated to dismantle the network, collecting over 200 terabytes of digital evidence.

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

December 5, 2024 at 08:39AM The Earth Minotaur threat cluster uses the MOONSHINE exploit kit and the DarkNimbus backdoor to target Tibetans and Uyghurs through social engineering and phishing methods. It exploits Chromium vulnerabilities, facilitating long-term surveillance on Android and Windows devices, while affecting numerous countries and employing advanced malware tools.

‘DroidBot’ Android Trojan Targets Banking, Cryptocurrency Applications

December 5, 2024 at 08:29AM A new Android remote access trojan (RAT) named DroidBot targets 77 banks and exchanges, primarily in Europe, with plans to expand to Latin America. It features advanced capabilities like keylogging and overlay attacks, distributed via fake security apps. Offered as malware-as-a-service, affiliates can manage infected devices for various malicious actions.

50 Servers Linked to Cybercrime Marketplace and Phishing Sites Seized by Law Enforcement

December 5, 2024 at 08:15AM Europol announced the dismantling of the Manson Market cybercrime marketplace and associated phishing websites by law enforcement in Germany and other European countries. Investigations revealed thousands of users bought stolen financial data. Authorities seized over 50 servers and arrested key suspects. This follows other recent takedowns of online criminal networks.