In today’s episode, we discuss how infostealer malware logs helped Recorded Future’s Insikt Group identify 3,324 unique accounts involved in child sexual abuse activities (https://www.bleepingcomputer.com/news/security/infostealer-malware-logs-used-to-identify-child-abuse-website-members/). We also unpack the Twilio Authy API breach, where an unauthenticated endpoint exposed millions of MFA user phone numbers, making them vulnerable to SIM swapping attacks (https://www.bleepingcomputer.com/news/security/hackers-abused-api-to-verify-millions-of-authy-mfa-phone-numbers/). Lastly, Microsoft researchers warn of critical vulnerabilities in Rockwell Automation PanelView Plus devices that could lead to remote code execution and denial of service attacks if not properly patched (https://www.cybersecuritydive.com/news/microsoft-warns-risk-rockwell-automation/720608/).
Video Episode: https://youtu.be/cEplej8E11k
Sign up for digestible cyber news delivered to your inbox: news.thedailydecrypt.com
Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/
Tags:
Recorded Future, malware, infostealer, child sexual abuse material, CSAM, law enforcement, Twilio, API endpoint, Authy, MFA, SIM swapping, Microsoft, Rockwell Automation, PanelView Plus, vulnerabilities, cyber security, stolen credentials, hackers, denial-of-service, industrial operations
Search Phrases:
- Recorded Future infostealer investigation
- malware logs exposing CSAM offenders
- Twilio unsecured API vulnerability
- Authy MFA phone number breach
- SIM swapping attack prevention
- Microsoft Rockwell Automation vulnerabilities
- protecting PanelView Plus devices
- critical vulnerabilities in industrial devices
- law enforcement using stolen malware logs
- safeguarding against API endpoint breaches
Leave a Reply