CISA Adds New Vulnerabilities; Mirai Targets IoT; Massive Android Malware Outbreak and Major Data Breach
December 22, 2024Moreover, CERT-UA reported that a Russian-linked group has been abusing Cloudflare Workers to launch attacks against the Ukrainian army, showcasing the use of legitimate services for malicious purposes.
Lastly, Sophos has addressed critical vulnerabilities in its firewall product, underscoring the importance of timely security updates for software.
The latest edition of the Security Affairs Malware Newsletter, published on December 22, 2024, highlights significant updates and articles on cybersecurity and cybercrime.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added several vulnerabilities to its Known Exploited Vulnerabilities catalog, including a software flaw in BeyondTrust, a Microsoft Windows Kernel-Mode Driver issue, and vulnerabilities in Adobe ColdFusion.
On the legal front, a Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, which resulted in millions in ransom payments.
In a related warning, Juniper Networks has alerted organizations about the Mirai botnet now targeting SSR devices, raising concerns about the security of Internet of Things (IoT) devices.
Additionally, the BadBox malware has rapidly infected around 190,000 Android devices, indicating a growing threat to mobile security.
In the realm of educational institutions, Texas Tech University experienced a significant data breach affecting 1.4 million individuals, underscoring vulnerabilities in this sector.
Furthermore, a dual Russian and Israeli national has been charged in the U.S. as a developer for the LockBit ransomware, illustrating ongoing international efforts to combat cybercrime.
The FBI has also issued warnings about HiatusRAT scanning campaigns targeting Chinese-branded web cameras and DVRs, emphasizing the need for heightened awareness of potential cybersecurity risks.
In another development, Fortinet has issued warnings regarding a critical flaw in its Wireless LAN Manager, highlighting the necessity for organizations to secure their wireless networks.
The U.S. government is considering a ban on TP-Link routers due to cybersecurity concerns, reflecting a proactive approach to mitigating potential threats from specific hardware.
Summary based on 2 sources
Get a daily email with more Tech stories
Sources
Security Affairs • Dec 22, 2024
Security Affairs newsletter Round 503 by Pierluigi Paganini – INTERNATIONAL EDITIONSecurity Affairs • Dec 22, 2024
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 25