A recent report reveals that multiple cybersecurity firms have had their account credentials leaked and are being sold on the dark web. This poses risks not only to the companies involved but also to their customers. Additionally, the Ministry of Industry and Information Technology highlights the ongoing threat of the Androxgh0st botnet, which targets IoT devices and network infrastructure. Affected: cybersecurity firms, IoT devices, network infrastructure
Keypoints :
- Multiple cybersecurity vendors’ credentials leaked to the dark web.
- Credentials from at least 14 security providers were found, including CrowdStrike and McAfee.
- Leaked credentials available for as low as in cybercrime marketplaces.
- Androxgh0st botnet actively targets IoT devices, leading to sensitive information leaks and ransomware attacks.
- Cybersecurity measures recommended include patching systems and enhancing monitoring protocols.
MITRE Techniques :
- Credential Dumping (T1003) – Credentials from services and applications were compromised and sold online.
- Supply Chain Compromise (T1195) – Compromise of cybersecurity providers leading to broader impacts on their users.
- Exploitation of Public-Facing Application (T1190) – Use of known vulnerabilities in IoT and network infrastructure as entry points for the Androxgh0st botnet.
Full Story: https://www.aqniu.com/homenews/108150.html