CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet

CISA warned about the RCE zero-day vulnerability in AVTECH IP cameras in early August, and now vulnerable systems are being used to spread malware. [TechWeb]( Follow Dark Reading: [RSS]( August 29, 2024 LATEST SECURITY NEWS & COMMENTARY [CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet]( CISA warned about the RCE zero-day vulnerability in AVTECH IP cameras in early August, and now vulnerable systems are being used to spread malware. [BlackByte Targets ESXi Bug With Ransomware to Access Virtual Assets]( The pivot is one of several changes the groups using the malware have used in recent attacks. [Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking]( Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks. [Manufacturing Sector Under Fire From Microsoft Credential Thieves]( The emails impersonate well-known companies in the industry, fooling the victim into thinking they are communicating with a legitimate entity. [Hitachi Energy Vulnerabilities Plague SCADA Power Systems]( The company has assessed four of the five disclosed vulnerabilities as being of high to critical severity. [Why LLMs Are Just the Tip of the AI Security Iceberg]( With the right processes and tools, organizations can implement advanced AI security frameworks that make hidden risks visible, enabling security teams to track and address them before impact. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Hackers Use Rare Stealth Techniques to Down Asian Military, Gov't Orgs]( A threat actor resembling APT41 performed "AppDomainManager Injection," which is like DLL sideloading, but arguably easier and stealthier. [Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity]( Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors. [Microsoft to Host Windows Security Summit in CrowdStrike Outage Aftermath]( The tech giant seeks to work with endpoint security partners, including CrowdStrike, on how to prevent an outage event of such gravity from happening again. [Why Every Business Should Prioritize Confidential Computing]( Confidential computing safeguards data in use, making it a crucial component of cloud security. [MORE]( PRODUCTS & RELEASES [77% of Educational Institutions Spotted a Cyberattack Within the Last 12 Months]( [Pluralsight Releases Courses to Help Cyber Pros Defend Against Volt Typhoon Hacker Group]( [Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [China's Volt Typhoon Exploits Zero-Day in Versa's SD-WAN Director Servers]( So far, the threat actor has compromised at least five organizations using CVE-2024-39717; CISA has added bug to its Known Exploited Vulnerability database. LATEST FROM THE EDGE [News Desk 2024: Hacking Microsoft Copilot Is Scary Easy]( As enterprises in the world embrace Microsoft's AI assistant, researcher Michael Bargury warns its security is lacking. Check out his News Desk interview during Black Hat USA. LATEST FROM DR TECHNOLOGY [Dragos Expands Asset Visibility in Latest Platform Update]( The latest release of the Dragos Platform provide industrial and critical infrastructure organizations with complete and enriched view of their OT environment. LATEST FROM DR GLOBAL [South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel]( The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch. WEBINARS - [Catch the Threat Before it Catches you: Proactive Ransomware Defense]( - [Developing a Cyber Risk Assessment for the C-Suite]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [A CISO's Guide to Geopolitics and CyberSecurity]( - [Purple AI Datasheet]( - [5 Essential Insights into Generative AI for Security Leaders]( - [SANS 2024 Security Awareness Report]( - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( - [The Future of Audit, Risk, and Compliance: Exploring AI's Transformative Impact, Use Cases, and Risks]( - [Leveling Up Cyber-Threat Intelligence Maturity for More Value and Better Insights]( [View More White Papers >>]( FEATURED REPORTS - [Threat Hunting's Evolution:From On-Premises to the Cloud]( - [State of Enterprise Cloud Security]( - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=125415&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_08.29.24&sp_cid=54877&utm_content=DR_NL_Dark%20Reading%20Daily_08.29.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#a5 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)