TeamViewer breach and Atlassian Jira outage
Threat actor breaches TeamViewer to deploy ransomware, Atlassian’s Jira suffers outage affecting multiple services, and Microsoft executives email hack. Catch all this and more in this week’s edition of Cybersecurity Weekly.
See Infosec IQ in action
1. Ransomware actor breaches TeamViewer to gain initial access to corporate networks
Hackers are using TeamViewer to deploy ransomware, reports cybersecurity firm Huntress. They identified two incidents affecting both active and inactive endpoints. In both cases, swift intervention and antivirus software thwarted the attacks. Researchers say this recent ransomware closely mirrors the previously exploited LockBit Black malware.
2. Atlassian’s Jira goes down, affecting multiple cloud services
Atlassian's project management tool Jira recently suffered an outage affecting multiple services. The incident sparked a flurry of reports on X, as users struggled to begin or finish tasks. Reports from DownDetector revealed the outage was global and impacted users from various countries. Atlassian later announced a fix and said Jira should be usable again.
3. Microsoft says Russian nation-state hackers behind executives’ email breach
Microsoft says a Russian state-sponsored group known as Midnight Blizzard hacked its systems on January 12. The group used a password spray attack to gain entry and breach a portion of corporate emails. Since then, Microsoft has blocked their access and highlighted the continuous threat from such nation-state actors. The action aligns with new SEC regulations requiring prompt cyberattack disclosures by public companies.
4. FBI warns Androxgh0st malware spoofs important cloud credentials
CISA and the FBI warn about Androxgh0st malware building a botnet for cloud credential theft. Initially detected in 2022, the malware exploits flaws in key web frameworks to steal Office 365 and AWS credentials. Threat actors behind Androxgh0st use these credentials to conduct further attacks. Federal agencies advise updating systems and software and enhancing security measures to counter this threat.
5. 170,000 Android TV boxes hit by BigPanzi botnet for financial extortion
Beijing's Qianxin Xlabs reveals that a cybercrime group named Bigpanzi has been targeting Android TV and eCos set-top boxes since 2015. Using deceptive firmware updates and backdoored apps, Bigpanzi created a botnet with 170,000 daily bots and 1.3 million unique IPs. The group uses these devices to serve illegal media streams, DDoS attacks, and more. Despite extensive research, Xlabs has yet to disclose attribution details.
See Infosec IQ in action
In this Series
- TeamViewer breach and Atlassian Jira outage
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
- Uber data leaked, 48 DDoS-for-hire domains seized and Facebook posts phishing attack
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
