Cyber Briefing: January 8, 2025

This article discusses the latest trends in cybersecurity, including the Mirai botnet exploiting vulnerabilities in Four-Faith routers, critical flaws in Mitel and Oracle systems, and various cyber incidents such as data breaches at Green Bay Packers and Casio. It also highlights the launch of the U.S. Cyber Trust Mark for IoT devices and legal actions against T-Mobile. Affected: Mirai Botnet, Four-Faith Routers, Mitel MiCollab, Oracle WebLogic Server, Illumina iSeq 100, IBM Concert Software, PHP servers, Green Bay Packers, ICAO, Orange Finance, Casio, PowerSchool, U.S. Cyber Trust Mark, T-Mobile, Telegram, Veracode, Meta.

Key points:

  • Mirai botnet variant “gayfemboy” targets Four-Faith routers for DDoS attacks.
  • CISA adds critical vulnerabilities in Mitel and Oracle to its catalog.
  • Illumina iSeq 100 DNA sequencer has severe vulnerabilities due to outdated firmware.
  • IBM Concert Software faces multiple critical vulnerabilities threatening data integrity.
  • PHP server flaw exploited for injecting cryptocurrency mining malware.
  • Green Bay Packers’ online store breached, leading to theft of customer data.
  • ICAO confirms breach affecting over 40,000 recruitment records.
  • Orange Finance hacked, resulting in a loss of approximately $787,000 in cryptocurrency.
  • Casio confirms personal data leakage following a ransomware attack.
  • PowerSchool breach affects sensitive information of families and educators in Georgia.
  • U.S. Cyber Trust Mark launched to enhance security for IoT devices.
  • Washington state sues T-Mobile over inadequate data protection during a breach.
  • Telegram shares user data with authorities, fulfilling numerous government requests.
  • Veracode acquires Phylum to enhance software supply chain security.
  • Meta replaces its fact-checking program with a community-driven notes system.

MITRE Techniques:

  • Initial Access (T1078) – Exploitation of vulnerabilities in Four-Faith routers by Mirai botnet.
  • Exploitation for Client Execution (T1203) – Exploitation of PHP server vulnerability (CVE-2024-4577) for remote code execution.
  • Data Encrypted for Impact (T1486) – Ransomware attack on Casio leading to data leakage.
  • Credential Dumping (T1003) – Unauthorized access during the PowerSchool breach.
  • Denial of Service (T1499) – DDoS attacks orchestrated by the Mirai botnet.

Full Research: https://cybermaterial.medium.com/cyber-briefing-2025-01-08-3c02060afd56?source=rss——infosec-5