#CyberThreats

Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online

by

November 21, 2024 at 06:11AM New research reveals over 145,000 internet-exposed Industrial Control Systems (ICS) in 175 countries, with the U.S. having the highest exposure. Key protocols used are outdated, increasing vulnerability. Cyber attacks targeting ICS are rare but rising, necessitating enhanced security measures. The analysis underscores the importance of monitoring and securing critical infrastructure. … Read more

‘Water Barghest’ Sells Hijacked IoT Devices for Proxy Botnet Misuse

by

November 20, 2024 at 09:39AM The cybercriminal group “Water Barghest” exploits vulnerabilities in IoT devices to create proxy botnets, already compromising over 20,000 devices. Using automated scripts and proprietary malware, they sell these devices on a residential proxy marketplace. This poses significant security challenges, prompting the need for enhanced IoT protection measures. **Meeting Takeaways:** 1. … Read more

Amazon and Audible flooded with ‘forex trading’ and warez listings

by

November 20, 2024 at 08:49AM Amazon, Amazon Music, and Audible have experienced an influx of fake listings promoting dubious forex trading sites, pirated software, and spammy links. These listings, including zero-second audio episodes, exploit the platforms for SEO manipulation. The issue highlights a broader problem of spam in digital content distribution. ### Meeting Takeaways: 1. … Read more

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

by

November 20, 2024 at 02:27AM A new China-linked cyber espionage group named Liminal Panda targets telecommunications entities in South Asia and Africa, employing advanced tools for unauthorized access and data extraction. CrowdStrike highlights prior misattribution and notes that these activities exploit trust relationships among telecom providers, underscoring vulnerabilities in critical infrastructure to state-sponsored attacks. ### … Read more

America’s drinking water systems have a hard-to-swallow cybersecurity problem

by

November 19, 2024 at 03:02PM A recent EPA study found that nearly one-third of U.S. drinking water systems have cybersecurity vulnerabilities, affecting approximately 82.7 million people. The agency lacks a tracking system for potential attacks, relies on DHS for incident reporting, and faces ongoing challenges in enhancing cybersecurity amidst aging infrastructure. ### Meeting Takeaways: 1. … Read more

Russian Ransomware Gangs on the Hunt for Pen Testers

by

November 19, 2024 at 01:57PM Ransomware gangs like Apos, Lynx, and Rabbit Hole are recruiting pen testers to enhance their operations, reflecting the professionalization of Russian cybercrime. A Cato Networks report highlights the growing threat of ransomware, unauthorized AI, and underutilization of Transport Layer Security (TLS) in cybersecurity practices. ### Meeting Takeaways 1. **Ransomware Gangs … Read more

Botnet fueling residential proxies disrupted in cybercrime crackdown

by

November 19, 2024 at 10:40AM The Ngioweb botnet, essential for the NSOCKS proxy service with 35,000 bots, is facing disruption as security firms block traffic to and from its two networks. **Meeting Notes Takeaways:** 1. **Ngioweb Botnet Overview**: The Ngioweb botnet comprises approximately 35,000 bots that are primarily utilized in the NSOCKS proxy service, which … Read more

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

by

November 19, 2024 at 09:42AM The Ngioweb malware powers the NSOCKS residential proxy service, with 80% of its bots originating from the Ngioweb botnet. This operation, involving over 20,000 IoT devices, allows users to proxy malicious traffic globally, facilitating attacks while obscuring identities. The underground proxy market is expected to grow significantly. ### Meeting Takeaways: … Read more

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

by

November 19, 2024 at 09:42AM Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to facilitate sports piracy by hijacking unauthenticated notebooks. They use FFmpeg to capture and illegally stream live sports events. The campaign poses serious risks, including data theft and operational disruption, according to a report by Aqua’s threat intelligence director. **Meeting Takeaways … Read more

New ‘Helldown’ Ransomware Variant Expands Attacks to VMware and Linux Systems

by

November 19, 2024 at 05:45AM Cybersecurity researchers have identified a new Linux variant of the Helldown ransomware, derived from LockBit 3.0. This group targets virtualized infrastructures, exploiting Zyxel security flaws. Helldown employs double extortion tactics, attacking various sectors. Additionally, a new ransomware, Interlock, has emerged, targeting similar sectors with advanced operations. ### Meeting Takeaways on … Read more