FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized

December 13, 2024 at 02:15AM The U.S. Department of Justice shut down the Rydox marketplace, arresting its Kosovo administrators for selling stolen personal information and cybercrime tools. Rydox facilitated over 7,600 sales, generating $230,000. Additionally, Nigerian national Abiola Kayode was extradited for his role in a $6 million email fraud scheme. …

‘Dubai Police’ Lures Anchor Wave of UAE Mobile Attacks

December 13, 2024 at 02:06AM Fraudsters are impersonating Dubai Police in a phishing campaign targeting mobile users in the UAE. The attackers send messages with fake URLs, aiming to harvest personal and financial information. Cybercriminals are exploiting the UAE’s digital vulnerabilities, and organizations are urged to enhance cybersecurity measures and cooperate with law enforcement against evolving …

North Korea’s fake IT worker scam hauled in at least $88 million over six years

December 12, 2024 at 07:35PM North Korean scammers have reportedly earned $88 million over six years by posing as IT workers in remote jobs. The U.S. Department of Justice identified two companies employing these operatives, revealing a network that included fraudulent identities and extortion. A $5 million reward has been offered for disrupting these activities. …

New stealthy Pumakit Linux rootkit malware spotted in the wild

December 12, 2024 at 05:38PM A newly discovered Linux rootkit malware, Pumakit, incorporates stealth and privilege escalation techniques. It consists of multiple components, including a dropper and kernel/userland rootkits. Discovered by Elastic Security, it targets older Linux kernels for espionage and theft, employing sophisticated infection methods and hiding capabilities from system tools and logs. …

336K Prometheus Instances Exposed to DoS, ‘Repojacking’

December 12, 2024 at 05:19PM Researchers found over 296,000 exposed Prometheus servers and exporters on the web, revealing sensitive data like plaintext passwords and enabling potential denial of service attacks. Vulnerabilities also posed risks for repojacking attacks, where attackers exploit deleted usernames to execute malicious code. Users are urged to secure their installations. …

Police shuts down Rydox cybercrime market, arrests 3 admins

December 12, 2024 at 05:16PM An international law enforcement operation has shut down the Rydox cybercrime marketplace, leading to the arrest of three administrators involved in its operations. **Meeting Takeaways:** 1. **Operation Overview**: An international law enforcement operation successfully targeted the Rydox cybercrime marketplace. 2. **Outcome**: The operation resulted in the seizure of the Rydox …

Chinese Cops Caught Using Android Spyware to Track Mobile Devices

December 12, 2024 at 04:35PM EagleMsgSpy, a surveillance tool developed by a Chinese company for law enforcement, has been scraping sensitive data from Android devices since 2017. It requires physical access to install and is not available in app stores. Researchers indicate potential iOS versions exist, and the spyware is continuously developed to avoid detection. …

IoT Cloud Cracked by ‘Open Sesame’ Over-the-Air Attack

December 12, 2024 at 04:13PM Ruijie Networks has patched 10 vulnerabilities in its Reyee cloud management platform, potentially allowing control of thousands of devices. Researchers from Claroty, who developed the “Open Sesame” attack, highlighted weaknesses in device authentication. This could enable attackers to impersonate the cloud platform and exploit connected devices, raising IoT security concerns. …

New IOCONTROL malware used in critical infrastructure attacks

December 12, 2024 at 03:48PM Iranian threat actors are deploying a new malware, IOCONTROL, to attack IoT devices and critical infrastructure systems in Israel and the U.S. It targets various devices, including routers and fuel management systems, potentially causing disruptions. Linked to the CyberAv3ngers group, it is difficult to detect with current antivirus tools. …

US offers $5 million for info on North Korean IT worker farms

December 12, 2024 at 03:26PM The U.S. State Department is offering up to $5 million for information on North Korean front companies involved in illegal remote IT work, generating millions to support nuclear programs. Fourteen “IT warriors” were indicted for identity theft and fraud, highlighting ongoing risks of North Korean infiltration in U.S. businesses. …