FlagThis

The FBI has issued a warning regarding a new HiatusRAT malware campaign which is targeting web cameras and DVRs, particularly those made by Chinese manufacturers. The attackers are exploiting vulnerabilities like weak default passwords, and are using tools like Ingram and Medusa to gain unauthorized access. Once compromised the devices are used as proxies and converted into covert communication channels. This campaign is targeting IoT devices in the US, Australia, Canada, New Zealand, and the UK. System administrators are urged to limit the use of the affected devices or isolate them from the rest of the network to prevent further exploitation.

Oasis Security researchers discovered a critical vulnerability in Microsoft’s Azure Multi-Factor Authentication (MFA) that allows attackers to bypass it, gaining unauthorized access to user accounts across various Microsoft services. This bypass affects Outlook emails, OneDrive files, Teams chats, and Azure Cloud resources. This vulnerability does not have a CVE ID, highlighting the need for immediate patching. The attack exploits a flaw in the authentication process, allowing for complete account takeover without needing valid MFA credentials.

A massive distributed denial-of-service (DDoS) attack campaign, launched by the threat actor known as Matrix, compromised over 35 million internet-connected devices globally. The majority of affected devices were located in China and Japan. This attack highlights the vulnerability of IoT devices and the potential for large-scale disruptions.