Mitiga Lands $30M Series B to Tackle Cloud Security Challenges
Mitiga, the NY/Israel-based cloud security startup, just closed a $30M Series B led by SYN Ventures, bringing its total funding to $75M. The company's AI-powered platform helps organizations detect and respond to cloud and SaaS security incidents, claiming to slash response times by 90%. The fresh capital will fuel expansion across North America and Europe, while boosting platform development and strategic partnerships. The investment signals growing demand for cloud-native security solutions as organizations accelerate their digital transformation. Read more at SecurityWeek
Microsoft Teams Exploited in New Wave of Ransomware Attacks
Two sophisticated threat groups, dubbed STAC5143 and STAC5777, have been exploiting Microsoft Teams' default configurations to initiate malicious contact with employees, Sophos reveals. The attackers pose as IT support, using Teams' screen sharing and call features to gain system access and deploy ransomware. The campaign, active since November 2024, highlights the growing abuse of legitimate collaboration tools for cyberattacks. Organizations are urged to review Teams configurations and enhance employee training against these social engineering tactics. Read more at Sophos
Spikerz Secures $7M Seed Round to Combat Social Media Security Threats
Social media security startup Spikerz has raised $7M in seed funding led by Disruptive AI. The platform helps social media teams and influencers protect against phishing attacks, scams, and account takeovers while addressing visibility issues like shadowbanning. CEO Naveh Ben Dror emphasized the growing sophistication of malicious actors leveraging GenAI, highlighting the urgent need for advanced protection tools in the social media space. Read more at TechCrunch
Mercedes-Benz Patches Critical Infotainment System Vulnerabilities
Kaspersky researchers uncovered multiple security flaws in Mercedes-Benz's first-generation MBUX infotainment system. While the automaker confirms the issues are patched, the vulnerabilities could potentially allow attackers with physical access to disable anti-theft features and unlock paid services. Mercedes emphasizes that newer versions aren't affected and exploitation requires physical access to the vehicle's interior. The discovery underscores ongoing security challenges in modern vehicle systems. Read more at SecurityWeek
FCC Mandates Enhanced Cybersecurity After Chinese Telecom Hacks
The FCC has adopted new rules requiring telecom providers to implement robust cybersecurity measures following attacks on U.S. wireless carriers by Chinese state actors. The declaratory ruling mandates annual certification of cybersecurity risk management plans and extends to various service providers including radio, television, and VoIP operators. The move comes in response to confirmed breaches by the "Salt Typhoon" threat group targeting at least nine U.S. carriers. Read more at FCC.gov
TikTok Service Restored After Temporary U.S. Ban
In a dramatic turn of events, TikTok restored service to U.S. users following a brief shutdown, as President-elect Trump promised an executive order to pause the federal ban. The platform went dark Saturday night in response to legislation requiring ByteDance to sell its U.S. operations. The temporary shutdown proved to be a "brilliant marketing stunt," according to analysts, demonstrating the impact of the app's massive user base. Trump's intervention signals potential policy shifts ahead of his return to office. Read more at Associated Press
13,000 MikroTik Routers Compromised in Global Malspam Campaign
Infoblox researchers have uncovered a massive botnet comprising 13,000 hijacked MikroTik routers being used for malicious email campaigns. Dubbed "Mikro Typo," the operation exploits misconfigured DNS records to bypass email security protocols. The compromised devices, configured as SOCKS proxies without authentication, enable various malicious activities including DDoS attacks and phishing campaigns. Read more at Infoblox Security
CISA and FBI Update Software Security Guidelines
The U.S. cybersecurity agencies have revised their guidance on risky software security practices, incorporating public feedback from 78 comments. The updated recommendations address hardcoded credentials, outdated cryptographic functions, and product support issues. The guidance specifically targets software manufacturers developing products for critical infrastructure, emphasizing the importance of "secure-by-design" principles. Read more at CISA
HPE Investigates Data Breach Claims After Hacker Lists Files for Sale
HPE has launched an investigation following claims by notorious hacker IntelBroker about the sale of company data, including source code for products like Zerto and iLO. While HPE confirms no operational impact, the allegedly stolen data includes private GitHub repositories and digital certificates. The company has disabled related credentials and activated cyber response protocols. Read more at SecurityWeek
Ex-CIA Analyst Pleads Guilty to Leaking Classified Information
Former CIA analyst Asif William Rahman, 34, has pleaded guilty to sharing top-secret national defense information with unauthorized parties. The case involves the transmission of classified documents related to U.S. allies' military plans, which eventually appeared on social media platforms. Rahman faces up to 10 years in prison, with sentencing scheduled for May 2025. Read more at Department of Justice
Murdoc Botnet Targets AVTECH Cameras and Huawei Routers
A new Mirai variant dubbed Murdoc Botnet is actively exploiting vulnerabilities in AVTECH IP cameras and Huawei HG532 routers. Qualys researchers report over 1,370 infected systems since July 2024, primarily in Southeast Asia and Mexico. The botnet leverages known flaws like CVE-2017-17215 and CVE-2024-7029 to build its DDoS army, highlighting the ongoing IoT security challenges. Read more at Qualys Security Research
CERT-UA Warns of Fake Security Audit Scams Using AnyDesk
Ukraine's CERT has issued an alert about threat actors impersonating the agency through fraudulent AnyDesk connection requests. The scammers claim to conduct security audits, attempting to exploit user trust. CERT-UA emphasizes that legitimate audits are only conducted through official channels with prior agreement, highlighting the sophistication of current social engineering tactics. Read more at CERT-UA
Philippines Arrests Chinese National in Critical Infrastructure Surveillance Case
Philippine authorities have arrested three individuals, including a Chinese national with alleged ties to the PLA, for conducting unauthorized surveillance of critical infrastructure. The month-long operation involved a specially equipped vehicle for gathering intelligence on potential targets. The case underscores growing concerns about foreign surveillance activities in Southeast Asia amid territorial disputes. Read more at NBI Philippines
4.2M Hosts Exposed Through Unsecured Tunneling Protocols
Research from Top10VPN and KU Leuven has revealed critical vulnerabilities in multiple tunneling protocols, affecting 4.2 million hosts globally. The security flaws in protocols like IP6IP6 and GRE6 could enable attackers to create one-way proxies and launch DDoS attacks. China, France, and the U.S. top the list of affected countries, with VPN servers and ISP routers among the vulnerable systems. Read more at CERT/CC
DoNot Team Deploys New Tanzeem Android Malware
Cyfirma researchers have identified a new Android malware called Tanzeem, linked to the DoNot Team APT group. The malware, masquerading as a chat application, abuses OneSignal's notification platform for phishing and malware distribution. The campaign appears to target specific individuals for intelligence gathering, showcasing the evolution of mobile-based cyber espionage. Read more at Cyfirma
Washington Man Admits Running Multiple Cybercrime Schemes Worth $600K
Marco Raquan Honesty, 28, has pleaded guilty to orchestrating various fraud schemes including COVID relief fraud, smishing scams, and bank account takeovers. Operating through a Telegram channel, he trafficked stolen data and defrauded the PPP program of over $500,000. A search of his residence revealed extensive fraud equipment including credit card embossers and blank IDs. Honesty faces up to 20 years for wire fraud, with sentencing scheduled for May 2025. Read more at Department of Justice
Mirai Variant gayfemboy Targets Four-Faith Industrial Routers
A new Mirai botnet variant dubbed "gayfemboy" has been exploiting vulnerabilities in Four-Faith industrial routers since November 2024. The campaign follows a broader pattern of IoT device exploitation, with researchers noting increased targeting of industrial control systems. The botnet's unusual name masks its serious capabilities in launching distributed denial-of-service attacks. Read more at SecurityWeek
Japanese Corporations Hit by Large-Scale DDoS Campaign
Major Japanese corporations and banks have been targeted by an extensive DDoS attack campaign since late 2024. The attacks leverage an IoT botnet primarily composed of devices in India, South Africa, and Brazil. The campaign specifically targets telecommunications, banking, and cloud computing sectors, using malware variants derived from Mirai and BASHLITE. Read more at Trend Micro Research