Since the beginning of the year, researchers have been tracking the infection spread of TheMoon botnet, which has compromised over 40,000 routers and IoT devices across 88 different countries. In the first week of March alone, more than 6,000 outdated ASUS routers were impacted by TheMoon in the span of just 72 hours. The botnet enables the use of Faceless, an anonymous proxy that allows cybercriminals to conduct their operations without a trace.
Thousands of Microsoft Exchange servers exposed
Officials at the German Federal Office for Information Security have identified 17,000 Microsoft Exchange servers that are exposed to the Internet and have at least one known security vulnerability. Of the vulnerable servers discovered, 12% are running outdated versions of Exchange that have not received any security updates in at least a year. These findings revealed that 37% of all Microsoft Exchange servers in Germany are vulnerable and are being used actively across a broad range of industries.
Hundreds of fraudsters arrested in UK crackdown
In a recent law enforcement crackdown, named Operation Henhouse, UK police have arrested more than 400 individuals who have been charged with various forms of financial fraud. According to law enforcement statistics, 40% of all known crime in the UK is related to fraud and amounts to over £6.8 billion in financial losses. Along with the individual arrests, the UK police have also seized millions in cash and several high-value assets, including a new Porsche and a new BMW.
Panera suffers extended IT outages
For the last few days, Panera Bread officials have been facing an extended outage of all their internal IT systems, forcing all store locations to accept cash transactions only. All customer-facing messages indicate that it is an unexpected outage, leading many to believe that it was caused by a cyberattack, though this has not been confirmed. Along with knocking out the POS systems, the outage has left the company unable to receive any incoming calls or complete online orders.
StrelaStealer campaign affects hundreds of organizations around the world
Researchers have been monitoring a new campaign from the email credential-stealing malware StrelaStealer, which has recently targeted organizations across the US and Europe. The campaign begins with spam emails carrying malicious attachments sent to victim organizations. Once the attachment is downloaded, it deploys a JScript file, which then begins searching for email credentials while obfuscating itself to avoid detection.