
Daily Cybersecurity Roundup, November 20, 2024

From hijacked IoT devices to recruitment on the dark web, the cyber threat landscape is growing increasingly diverse. The Ngioweb malware has constructed a massive botnet of 35,000 IoT devices, repurposing them for residential proxy services like NSOCKS and fueling malicious activities. LIMINAL PANDA, a Chinese state-linked group, has been quietly infiltrating telecom networks in South Asia and Africa since 2020, using bespoke tools for data exfiltration and persistent access. In a concerning trend, ransomware groups such as Apos and Rabbit Hole are now openly recruiting penetration testers through dark web job postings, signaling a shift in how cybercrime networks are resourcing their operations. Read on for the top 10 highlights from cyberspace.

01

The Ngioweb malware has been utilized to create a botnet used for residential proxy services like NSOCKS, VN5Socks, and Shopsocks5. The botnet consists of over 35,000 working bots, with a large portion located in the U.S.

02

The China-linked group LIMINAL PANDA has targeted South Asian and African telecoms since 2020, using custom tools like SIGTRANslator, CordScan, and PingPong, CrowdStrike revealed.

03

The GAO published a report highlighting significant disparities in how government agencies protect citizens' personal data, indicating a need for comprehensive government-wide guidance on civil rights and liberties.

04

Apple released emergency security updates to fix two zero-day vulnerabilities (CVE-2024-44308 and CVE-2024-44309) that were exploited in attacks on Intel-based Mac systems.

05

CISA warned of three critical vulnerabilities: one in Kemp LoadMaster OS (CVE-2024-1212) allowing command execution, and two in Palo Alto Networks PAN-OS (CVE-2024-0012 and CVE-2024-9474) enabling unauthorized access.

06

Multiple decade-old vulnerabilities (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-11003, and CVE-2024-10224) in Ubuntu’s needrestart package could allow local attackers to gain root privileges.

07

Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to gain access, then using FFmpeg to capture live sports event streams and redirect them to their server.

08

A new report revealed that ransomware affiliate programs, such as Apos, Lynx, and Rabbit Hole, are actively seeking penetration testers, with Russian-language job listings discovered on the dark web.

09

Cybercriminals are exploiting Spotify by embedding keywords and links in playlists and podcasts to boost search engine visibility for pirated software, game cheats, and spam websites.

10

Microsoft introduced the Windows Resiliency Initiative to enhance security and reliability by enabling targeted fixes on PCs without physical access, running security tools in user mode, and introducing new security features.
