AnyDesk Threats Found by Ukrainian Researchers
CERT-UA warns of attackers impersonating the agency via fake AnyDesk requests for “security audits.” Remote access should only occur with prior approval through official channels to mitigate these risks.
Amid ongoing cyberattacks linked to the Russo-Ukrainian war, over 1,042 incidents were detected in 2024, including espionage and malware campaigns by groups like Gamaredon and Sticky Werewolf. Pro-Russian and pro-Ukrainian actors continue targeting each other with phishing and credential theft efforts.
Beware the Circulating iPhone 16 Amazon Breach
Scammers are impersonating Amazon customer service to target users with fake iPhone 16 order fraud, as reported by iPhone users on Reddit.
Victims are asked to check their carts, where attackers manipulate the account to show fraudulent orders. The scammers then convince users to enter a one-time code, giving them full control of the account if login credentials are already compromised.
Mercedes Benz Vulnerability Places Risk of Remote Access
Researchers from Keen Labs found Mercedes-Benz vulnerabilities that place the vehicle’s infotainment system at risk of a remote access control breach.
The Mercedes-Benz User Experience System (MBUX)’s vulnerable entry points stem from the head unit and the telematics control unit which could have hackers exploit the vehicle’s internal lighting and infotainment screen. This is a glaringly vulnerable piece to automotive security.
