{"id":36376,"date":"2020-07-31T12:34:21","date_gmt":"2020-07-31T12:34:21","guid":{"rendered":"https:\/\/blog.trendmicro.com\/?p=544405"},"modified":"2020-07-31T12:34:21","modified_gmt":"2020-07-31T12:34:21","slug":"this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/","title":{"rendered":"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"300\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/03\/Week-in-Security-News-Logo_RGB-300x300.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/03\/Week-in-Security-News-Logo_RGB-300x300.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/03\/Week-in-Security-News-Logo_RGB-768x768.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/03\/Week-in-Security-News-Logo_RGB-1024x1024.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/03\/Week-in-Security-News-Logo_RGB-640x640.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/03\/Week-in-Security-News-Logo_RGB-900x900.jpg 900w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/03\/Week-in-Security-News-Logo_RGB-440x440.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/03\/Week-in-Security-News-Logo_RGB-380x380.jpg 380w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\"> <\/p>\n<p>Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how Trend Micro found an IoT Mirai botnet downloader that can be added to new malware variants to scan for exposed Big-IP boxes for intrusion. Also, learn about how the Vermont Department of Taxes may have been exposing taxpayer data for more than three years.<\/p>\n<p>Read on:<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/ransomware-is-still-a-blight-on-business\/\"><strong>Ransomware is Still a Blight on Business<\/strong><\/a><\/p>\n<p><em>Ransomware has been with us for years, but only really became mainstream after the global WannaCry and NotPetya incidents of 2017. Now mainly targeting organizations in lieu of consumers, and with increasingly sophisticated tools and tactics, the cybercriminals behind these campaigns have been turning up the heat during the COVID-19 pandemic. That\u2019s why we need industry partnerships like No More Ransom.<\/em><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/garmin-outage-caused-by-confirmed-wastedlocker-ransomware-attack\/\"><strong>Garmin Outage Caused by Confirmed WastedLocker Ransomware Attack<\/strong><\/a><\/p>\n<p><em>Wearable device maker Garmin shut down some of its connected services and call centers last week following what the company called a worldwide outage, now confirmed to be caused by a WastedLocker ransomware attack.<\/em> <em>Garmin\u2019s product line includes GPS navigation and wearable technology for the automotive, marine, aviation, marine, fitness, and outdoor markets.<\/em><\/p>\n<p><a href=\"https:\/\/datacenternews.us\/story\/trend-micro-launches-cloud-solution-for-microsoft-azure\"><strong>Trend Micro Launches Cloud Solution for Microsoft Azure<\/strong><\/a><\/p>\n<p><em>Trend Micro announced the availability of its Trend Micro Cloud One \u2013 Conformity offering to Azure customers, helping global organizations tackle misconfigurations, compliance challenges and cyber-risks in the cloud. The company also achieved the CIS Microsoft Azure Foundation Security Benchmark, certifying that the Conformity product has built-in rules to check for more than 100 best practices in the CIS framework.<\/em><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/ensiko-a-webshell-with-ransomware-capabilities\/\"><strong>Ensiko: A Webshell with Ransomware Capabilities<\/strong><\/a><\/p>\n<p><em>Ensiko is a PHP web shell with ransomware capabilities that targets platforms such as Linux, Windows, macOS, or any other platform that has PHP installed. The malware has the capability to remotely control the system and accept commands to perform malicious activities on the infected machine. It can also execute shell commands on an infected system and send the results back to the attacker via a PHP reverse shell.<\/em><\/p>\n<p><a href=\"https:\/\/www.scmagazine.com\/home\/security-news\/boothole-threatens-billions-of-linux-windows-devices\/\"><strong>\u2018Boothole\u2019 Threatens Billions of Linux, Windows Devices<\/strong><\/a><\/p>\n<p><em>A newly discovered serious vulnerability \u2013 dubbed \u201cBootHole\u201d \u2013 with a CVSS rating of 8.2 could unleash attacks that could gain total control of billions of Linux and Windows devices. Security firm Eclypsium researchers released details this week about how the flaw can take over nearly any device\u2019s boot process.<\/em><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902\/\"><strong>Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902<\/strong><\/a><\/p>\n<p><em>Following the initial disclosure of two F5 BIG-IP vulnerabilities in early July, Trend Micro continued monitoring and analyzing the vulnerabilities and other related activities to further understand their severities. Based on the workaround published for CVE-2020-5902, Trend Micro found an IoT Mirai botnet downloader that can be added to new malware variants to scan for exposed Big-IP boxes for intrusion and deliver the malicious payload.<\/em><\/p>\n<p><a href=\"https:\/\/www.zdnet.com\/article\/hackers-stole-github-and-gitlab-oauth-tokens-from-git-analytics-firm-waydev\/#ftag=RSSbaffb68\"><strong>Hackers Stole GitHub and GitLab OAuth Tokens from Git Analytics Firm Waydev<\/strong><\/a><\/p>\n<p><em>Waydev, a San Francisco-based company, runs a platform that can be used to track software engineers\u2019 work output by analyzing Git-based codebases. Earlier this month, the company disclosed a security breach, saying that hackers broke into its platform and stole GitHub and GitLab OAuth tokens from its internal database.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/virtualization-and-cloud\/application-security-101\"><strong>Application Security 101<\/strong><\/a><\/p>\n<p><em>As the world currently grapples with the disruption brought about by the coronavirus pandemic, the need for digital transformation has become not only more apparent but also more urgent.&nbsp; Applications now play an integral role, with many businesses and users relying on a wide range of applications for work, education, entertainment, retail, and other uses.<\/em><\/p>\n<p><a href=\"https:\/\/threatpost.com\/vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/157856\/\"><strong>Vermont Taxpayers Warned of Data Leak Over the Past Three Years<\/strong><\/a><\/p>\n<p><em>The Vermont Department of Taxes may have been exposing taxpayer data that could be used in credential scams for more than three years due to a vulnerability in its online tax filing system. A notice posted on the department\u2019s website warned taxpayers who filed a Property Transfer Tax return through the department\u2019s online filing site between Feb. 1, 2017, and July 2, 2020, may have had their personal information leaked.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/us\/iot-security\/news\/6036\/Guidelines_Related_to_Security_in_Smart_Factories_Part_6_MITRE_ATT_CK\"><strong>Guidelines Related to Security in Smart Factories Part 6: MITRE ATT&amp;CK<\/strong><\/a><\/p>\n<p><em>This blog series explains examples of general-purpose guidelines for ICS and OT security and helps readers understand the concepts required for security in smart factories. Thus far, part one through part five have explained IEC62443, the NIST CSF, part of the P800 series, and CIS Controls. In part six, Trend Micro explains MITRE ATT&amp;CK, although not a guideline, it is a knowledge base in which offensive and defensive technologies in cyber-attacks are clearly organized.<\/em><\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2020\/07\/30\/netgear_abandons_45_routers_vuln_patching\/\"><strong>If You Own One of These 45 Netgear Devices, Replace It: Firm Won\u2019t Patch Vulnerable Gear Despite Live Proof-of-Concept Code<\/strong><\/a><\/p>\n<p><em>Netgear has decided not to patch more than 40 home routers to plug a remote code execution vulnerability \u2013 despite security researchers having published proof-of-concept exploit code. The vulnerability was revealed publicly in June by Trend Micro\u2019s Zero Day Initiative (ZDI).<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/online-dating-websites-lure-japanese-customers-to-scams\"><strong>Online Dating Websites Lure Japanese Customers to Scams<\/strong><\/a><\/p>\n<p><em>In May, Trend Micro observed a sudden increase in traffic for online dating websites primarily targeting Japanese customers. After analyzing and tracking these numbers, we found that these dating scam campaigns attract potential victims by using different website domains that have similar screen page layouts. By the end of the transactions, the fraudsters steal money from victims without the subscribers receiving any of the advertised results.<\/em><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/esg-findings-xdr\/\"><strong>ESG Findings on Trend Micro Cloud-Powered XDR Drives Monumental Business Value<\/strong><\/a><\/p>\n<p><em>Trend Micro\u2019s cloud-powered XDR and Managed XDR offerings optimize threat detection and response across all critical vectors. In a recent survey commissioned by Trend Micro and conducted by ESG, organizations surveyed experience faster detection and less alert fatigue as a result of intelligently using data from all their security controls (including those covering endpoints, email, servers, cloud workloads and networks).<\/em><\/p>\n<p>How does your organization manage threat detection and response? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: <a href=\"https:\/\/twitter.com\/jonlclay\">@JonLClay.<\/a><!-- AddThis Advanced Settings above via filter on the_content --><!-- AddThis Advanced Settings below via filter on the_content --><!-- AddThis Button BEGIN --><\/p>\n<p> Read More <a href=\"https:\/\/blog.trendmicro.com\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how Trend Micro found an IoT Mirai botnet downloader that can be added to new malware variants to scan for exposed Big-IP boxes for intrusion&#8230;.<br \/>\nThe post This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years appeared first on . Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":36377,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[311,307],"class_list":["post-36376","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-current-news","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-31T12:34:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"300\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years\",\"datePublished\":\"2020-07-31T12:34:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/\"},\"wordCount\":1029,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg\",\"keywords\":[\"Current News\",\"Security\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/\",\"name\":\"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg\",\"datePublished\":\"2020-07-31T12:34:21+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg\",\"width\":300,\"height\":300},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Current News\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/current-news\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/","og_locale":"en_US","og_type":"article","og_title":"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-07-31T12:34:21+00:00","og_image":[{"width":300,"height":300,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years","datePublished":"2020-07-31T12:34:21+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/"},"wordCount":1029,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg","keywords":["Current News","Security"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/","url":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/","name":"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg","datePublished":"2020-07-31T12:34:21+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/07\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years.jpg","width":300,"height":300},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/this-week-in-security-news-mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902-and-vermont-taxpayers-warned-of-data-leak-over-the-past-three-years\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Current News","item":"https:\/\/www.threatshub.org\/blog\/tag\/current-news\/"},{"@type":"ListItem","position":3,"name":"This Week in Security News: Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902 and Vermont Taxpayers Warned of Data Leak Over the Past Three Years"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36376"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36376\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/36377"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}