Mastercard's 4-Year DNS Nightmare, DHS Axes Cyber Board & New Botnet Wreaks Havoc

Forecast: Murdoc botnet storms hit IoT devices, Mastercard's DNS flaw clouds visibility, and DHS shutdowns leave security in the dark. ‍ In this episode of Storm⚡️Watch, we explore a major DNS misconfiguration at Mastercard that went undetected for over four years. Security researcher Philippe Caturegli uncovered a simple but critical typo in Mastercard's DNS nameserver records where "akam.net" was written as "akam.ne". This error affected one in five DNS requests to Mastercard's infrastructure and could have allowed attackers to intercept emails, capture Windows authentication credentials, and distribute malware through trusted domains. The cybersecurity community was rocked by news that several crucial Department of Homeland Security advisory committees have been terminated. The Cyber Safety Review Board, which was actively investigating the Salt Typhoon hacks targeting U.S. telecommunications companies, was among the disbanded groups. This move has interrupted ongoing investigations into communications targeting high-profile political figures and raised concerns about gaps in information sharing and policy recommendations. A sophisticated new variant of the Mirai malware called the Murdoc Botnet has emerged, targeting IoT devices worldwide. With over 1,300 compromised devices and more than 100 command-and-control servers, this botnet specifically exploits vulnerabilities in AVTECH IP cameras and Huawei HG532 routers. Between December 2024 and January 2025, the botnet has launched significant DDoS campaigns against Japanese corporations, banks, and organizations across multiple sectors in various countries. The 2022 HIPAA Breach Report reveals concerning trends in healthcare security. There were 626 incidents affecting over 41 million people, with hacking and IT incidents accounting for 74% of all large breaches. Surprisingly, paper records remain a significant vulnerability, especially in smaller breaches. The report highlights persistent issues with weak authentication practices, insufficient audit controls, and incomplete risk analyses, resulting in major settlements totaling over $2.4 million. Join us for an in-depth discussion of these critical cybersecurity developments and their implications for the industry. Don't forget to check out the upcoming GreyNoise University Live event for more insights into threat intelligence and network security. Storm Watch Homepage >> Learn more about GreyNoise >>