Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel

December 13, 2024 at 06:03AM
A state-sponsored Iranian hacking group, CyberAv3ngers, has employed custom malware, IOCONTROL, to target IoT and operational technology devices in the U.S. and Israel. This malware exploits vulnerabilities in industrial control systems, leading to significant disruptions. The U.S. government offers a $10 million reward for information on the group. …

New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection

December 13, 2024 at 04:45AM
Researchers have identified a sophisticated Linux rootkit named PUMAKIT, capable of escalating privileges and evading detection. It uses a multi-stage architecture, advanced stealth techniques, and system call hooks to conceal its presence while communicating with command-and-control servers. This highlights the increasing complexity of malware on Linux systems. …

Taming the multi-vault beast

December 13, 2024 at 04:11AM
GitGuardian addresses the growing security concern of managing secrets across multiple vaults for Non-Human Identities (NHIs) in enterprises, which now outnumber human users 100 to one. Their new multi-vault integrations provide centralized visibility, automate detection, and streamline management, enhancing security and compliance while reducing operational costs. …

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion

December 13, 2024 at 03:04AM
Trend Micro researchers examined a social engineering attack where an attacker impersonated a client during a Microsoft Teams call. The victim was tricked into downloading AnyDesk, allowing remote access, which facilitated the installation of DarkGate malware. The attack was ultimately stopped before any data exfiltration occurred, highlighting security vulnerabilities. …

FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized

December 13, 2024 at 02:15AM
The U.S. Department of Justice shut down the Rydox marketplace, arresting its Kosovo administrators for selling stolen personal information and cybercrime tools. Rydox facilitated over 7,600 sales, generating $230,000. Additionally, Nigerian national Abiola Kayode was extradited for his role in a $6 million email fraud scheme. …

‘Dubai Police’ Lures Anchor Wave of UAE Mobile Attacks

December 13, 2024 at 02:06AM
Fraudsters are impersonating Dubai Police in a phishing campaign targeting mobile users in the UAE. The attackers send messages with fake URLs, aiming to harvest personal and financial information. Cybercriminals exploit the UAE’s digital vulnerabilities, and organizations are urged to enhance cybersecurity measures and cooperate with law enforcement against evolving …

North Korea’s fake IT worker scam hauled in at least $88 million over six years

December 12, 2024 at 07:35PM
North Korean scammers have reportedly earned $88 million over six years by posing as IT workers in remote jobs. The U.S. Department of Justice identified two companies employing these operatives, revealing a network that included fraudulent identities and extortion. A $5 million reward has been offered for disrupting these activities. …

New stealthy Pumakit Linux rootkit malware spotted in the wild

December 12, 2024 at 05:38PM
A newly discovered Linux rootkit malware, Pumakit, incorporates stealth and privilege escalation techniques. It consists of multiple components, including a dropper and kernel/userland rootkits. Discovered by Elastic Security, it targets older Linux kernels for espionage and theft, employing sophisticated infection methods and hiding its presence from system tools and logs. …

336K Prometheus Instances Exposed to DoS, ‘Repojacking’

December 12, 2024 at 05:19PM
Researchers found over 296,000 exposed Prometheus servers and exporters on the web, revealing sensitive data like plaintext passwords and enabling potential denial of service attacks. Vulnerabilities also posed risks for repojacking attacks, where attackers exploit deleted usernames to execute malicious code. Users are urged to secure their installations. …

Police shuts down Rydox cybercrime market, arrests 3 admins

December 12, 2024 at 05:16PM
An international law enforcement operation has shut down the Rydox cybercrime marketplace, leading to the arrest of three administrators involved in its operations.

**Meeting Takeaways:**

1. **Operation Overview**: An international law enforcement operation successfully targeted the Rydox cybercrime marketplace.
2. **Outcome**: The operation resulted in the seizure of the Rydox …