Cyber Briefing: 2025.01.30

👉 What’s going on in the cyber world today?

Aquabotv3 Botnet, Mitel Phones, DDoS Attacks, RDP Exploit, Windows Systems, SMS, Devil-Traff Phishing Tool, Lazarus Group, Global Developers, Operation Phantom Circuit, SparkRAT Attacks, macOS, Linux Systems, New York Blood Center Enterprises, Ransomware, Chicago Department of Public Health, Sensitive Data, Crypto Users, DogWifTools, DeepSeek Database, Syracuse Police Department, FBI, Cracked.io, Nulled.to, Cybercrime Operation Talent, Breakout Time, Cyber-Attacks,, US Congress, Federal Data Privacy Law, UK Government IT Systems, Oligo Security, Series B Funding, ADR Platform.

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please subscribe.

🚨 Cyber Alerts

1. Aquabotv3 Exploits Mitel SIP Phones for DDoS

A new variant of the Mirai-based Aquabot botnet, known as Aquabotv3, has been observed exploiting CVE-2024–41710, a command injection vulnerability in Mitel SIP phones. Discovered by Akamai’s Security Intelligence and Response Team (SIRT), this variant introduces a system that reports kill attempts back to its command-and-control (C2) server, providing its operators with enhanced monitoring. Aquabotv3 uses this vulnerability to inject commands and install a payload, giving the botnet access to a range of devices to launch DDoS attacks.

2. RDP Exploit Lets Attackers Hijack Sessions

Cybersecurity experts have identified a new exploit targeting the Remote Desktop Protocol (RDP), allowing attackers to hijack Windows systems and track browser activity. The vulnerability stems from improper handling of RDP bitmap cache files, which are used to enhance remote desktop session performance. These cached files store on-screen activity, enabling attackers to reconstruct user actions such as opened applications, terminal commands, and private browser sessions, posing significant…