FTC warns of online task job scams hooking victims like gambling

December 13, 2024 at 02:58PM The FTC warns of a significant rise in online job scams, particularly “task scams,” which lure victims with promises of easy money through simple tasks. Reports soared from 5,000 in 2023 to 20,000 in 2024, causing losses exceeding $220 million, with a notable increase attributed to these scams. ### Meeting … Read more

CISA warns water facilities to secure HMI systems exposed online

December 13, 2024 at 02:36PM CISA and the EPA have issued a warning to water facilities to protect Internet-exposed Human Machine Interfaces (HMIs) from potential cyberattacks, emphasizing the importance of security measures to safeguard these critical systems. **Meeting Takeaways:** 1. **Warning Issued**: CISA and the EPA have issued a warning regarding the security of water … Read more

Russia blocks Viber in latest attempt to censor communications

December 13, 2024 at 01:17PM Russian telecom authority Roskomnadzor has blocked the Viber app for violating local laws, citing concerns over terrorism, drug sales, and illegal content. This follows a court ruling and ongoing restrictions on various foreign messaging apps. Viber had over 1 billion downloads on Android before the ban. ### Meeting Takeaways 1. … Read more

Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

December 13, 2024 at 12:57PM A critical vulnerability (CVE-2024-54143) in OpenWrt’s Attended Sysupgrade could allow attackers to inject malicious firmware by exploiting command injection and hash collision issues. Patched in version 920c8a1, the flaw poses a severe supply chain risk as no authentication is required for exploitation. Users are urged to update immediately. ### Meeting … Read more

Russian cyberspies target Android users with new spyware

December 13, 2024 at 12:49PM Russian cyberspies Gamaredon are using two Android spyware families, BoneSpy and PlainGnome, to target Russian-speaking individuals in former Soviet states. BoneSpy has been active since 2021, while PlainGnome emerged in 2024. Both malware types collect extensive data from mobile devices, highlighting Gamaredon’s evolved tactics in digital surveillance. **Meeting Takeaways:** 1. … Read more

Germany blocks BadBox malware loaded on 30,000 Android devices

December 13, 2024 at 11:49AM Germany’s Federal Office for Information Security (BSI) has successfully disrupted the BadBox malware operation, which was pre-installed in over 30,000 sold Android IoT devices in the country. **Meeting Takeaways:** 1. **Operation Disruption**: Germany’s Federal Office for Information Security (BSI) successfully disrupted the BadBox malware operation. 2. **Affected Devices**: The malware … Read more

DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years

December 13, 2024 at 11:45AM The U.S. Department of Justice has indicted 14 North Korean nationals for allegedly violating sanctions through a scheme involving wire fraud, money laundering, and identity theft. They illegally sought remote IT jobs while generating at least $88 million for the North Korean regime, utilizing various deceptive tactics to conceal their … Read more

Critical Vulnerabilities Found in Ruijie Reyee Cloud Management Platform

December 13, 2024 at 10:54AM Cybersecurity firm Claroty warns of vulnerabilities in the Reyee cloud management platform that could enable attackers to take control of 50,000 devices. Using device serial numbers, hackers can generate credentials, execute denial-of-service attacks, and potentially steal sensitive data. Ruijie has reportedly fixed all identified security issues. **Meeting Takeaways: Vulnerabilities in … Read more

US Updates a Science and Technology Pact With China to Reflect Growing Rivalry and Security Threats

December 13, 2024 at 10:40AM The U.S. has revised its science and technology agreement with China, narrowing its scope and enhancing security measures amid rising tensions. The deal, effective for five years, focuses on basic research, safeguarding intellectual property, and limiting cooperation on critical technologies like AI and quantum computing, reflecting the current geopolitical landscape. … Read more

Germany sinkholes BadBox malware pre-loaded on Android devices

December 13, 2024 at 10:22AM Germany’s Federal Office for Information Security (BSI) has successfully disrupted the BadBox malware operation, which was pre-loaded in more than 30,000 Android IoT devices sold in the country. This action aims to enhance cybersecurity for affected devices and protect users from potential threats. **Meeting Takeaways:** 1. **Disruption of BadBox Malware**: … Read more