News

TeamViewer breach and Atlassian Jira outage

Dan Virgillito
January 22, 2024 by
Dan Virgillito

Threat actor breaches TeamViewer to deploy ransomware, Atlassian’s Jira suffers outage affecting multiple services, and Microsoft executives email hack. Catch all this and more in this week’s edition of Cybersecurity Weekly.

Top Security Awareness Posters

Top Security Awareness Posters

Download our collection of free posters and use them to keep security at the forefront of your employees' minds.

1. Ransomware actor breaches TeamViewer to gain initial access to corporate networks

Hackers are using TeamViewer to deploy ransomware, reports cybersecurity firm Huntress. They identified two incidents affecting both active and inactive endpoints. In both cases, swift intervention and antivirus software thwarted the attacks. Researchers say this recent ransomware closely mirrors the previously exploited LockBit Black malware.

Read more »

2. Atlassian’s Jira goes down, affecting multiple cloud services

 Atlassian's project management tool Jira recently suffered an outage affecting multiple services. The incident sparked a flurry of reports on X, as users struggled to begin or finish tasks. Reports from DownDetector revealed the outage was global and impacted users from various countries. Atlassian later announced a fix and said Jira should be usable again.

Read more »

3. Microsoft says Russian nation-state hackers behind executives’ email breach

Microsoft says a Russian state-sponsored group known as Midnight Blizzard hacked its systems on January 12. The group used a password spray attack to gain entry and breach a portion of corporate emails. Since then, Microsoft has blocked their access and highlighted the continuous threat from such nation-state actors. The action aligns with new SEC regulations requiring prompt cyberattack disclosures by public companies.

Read more »

4. FBI warns Androxgh0st malware spoofs important cloud credentials

CISA and the FBI warn about Androxgh0st malware building a botnet for cloud credential theft. Initially detected in 2022, the malware exploits flaws in key web frameworks to steal Office 365 and AWS credentials. Threat actors behind Androxgh0st use these credentials to conduct further attacks. Federal agencies advise updating systems and software and enhancing security measures to counter this threat.

Read more »

5. 170,000 Android TV boxes hit by BigPanzi botnet for financial extortion

Beijing's Qianxin Xlabs reveals that a cybercrime group named Bigpanzi has been targeting Android TV and eCos set-top boxes since 2015. Using deceptive firmware updates and backdoored apps, Bigpanzi created a botnet with 170,000 daily bots and 1.3 million unique IPs. The group uses these devices to serve illegal media streams, DDoS attacks, and more. Despite extensive research, Xlabs has yet to disclose attribution details.

Read more »

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.

Dan Virgillito
Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.