Cyber Briefing: 2025.01.22

👉 What’s trending in cybersecurity today?

Ransomware, Microsoft Teams Calls, Email Bombing, Malware, Murdoc Botnet, IoT Device Flaws, DDoS Attacks, Homebrew Site, Google Ads, AmosStealer, Visual Studio Code, Zoom, Chrome Cookies, Zendesk, Subdomain Vulnerability, Phishing, Investment Scams, Lynx Ransomware, Australian Auto Parts, Clutch Industries, Rostelecom, Silent Crow, Data Leak, Rhineland-Palatinate Schools, Japan, Sanrio Puroland, Columbia Hospitality, Data Security Incident, TSA Leader, Pekoske, Cyber Threats, Digital Wallet App, Driver’s Licenses, GDPR Fines, Passwords, Specops, Mitiga, Cloud Security.

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please subscribe.

🚨 Cyber Alerts

1. Hackers Use Teams Calls to Deploy Ransomware

Ransomware gangs are increasingly using email bombing and fake IT support calls on Microsoft Teams to gain access to corporate networks. These attacks involve flooding targets with spam emails, followed by Teams calls from adversary-controlled accounts, tricking victims into granting remote access. Researchers at Sophos observed such campaigns linked to groups using tools and techniques often associated with the FIN7 cybercriminal group, highlighting the growing sophistication of these threats.

2. Murdoc Botnet Targets IoT Devices for DDoS

A Mirai botnet variant named Murdoc Botnet exploits vulnerabilities in AVTECH IP cameras and Huawei routers to hijack devices for large-scale distributed denial-of-service (DDoS) attacks. Active since July 2024, this campaign has infected over 1,370 systems across Malaysia, Mexico, Thailand, and other regions. Researchers attribute the attacks to known flaws like CVE-2017–17215 and CVE-2024–7029, using shell scripts to deploy malware tailored to specific CPU architectures.