
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)



In today’s ever-evolving digital landscape, staying informed about cybersecurity threats and best practices is crucial. This week’s newsletter brings you an in-depth look at the latest challenges in the world of cybersecurity, focusing on critical vulnerabilities, sophisticated cyberattacks, and cutting-edge technologies shaping the field.


1. Emerging Threats and Attack Strategies


1.1 Android Malware Masquerading as Chat Apps:

A new campaign attributed to the DONOT APT group distributes Android malware disguised as a chat app to steal sensitive data from targets in South Asia. The app asks the user to grant it extensive permissions at install time; because the victim hands over that access voluntarily, the malware needs no exploit and slips past the protections that would catch a vulnerability-based attack.


1.2 North Korean Hackers Target LinkedIn:

The Lazarus Group, the well-known North Korean state-backed collective, is using LinkedIn as an attack channel: fake recruiter and employee profiles engage targets through social engineering and deliver malware, with cryptocurrency theft as the end goal.


1.3  Malicious Domains Impersonating Popular Platforms:

Over 1,000 domains mimicking platforms such as Reddit and WeTransfer are being used to distribute the Lumma Stealer malware. The sites carry valid TLS certificates, so the browser padlock makes them look legitimate and lulls users into downloading the malicious files; a certificate proves only that the operator controls the domain, not that the domain is the brand it imitates.
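The practical defence against this kind of campaign is to spot lookalike domains before users reach them. The following Python script is an added example, not code from the article or from any of the researchers it summarises: it classifies a list of constructed sample domains (none of them claimed to be a real Lumma distribution domain) against the two brands named above using three heuristics that typosquat detectors commonly combine: homoglyph normalisation, small edit distance to the brand name, and the brand appearing as a token or subdomain of an unrelated registrable domain. The `BRANDS` list, the sample domains and the naive second-to-last-label rule in `split_domain` are all assumptions for the demonstration.

```python
import re

# Brands the campaign in the article impersonates.
BRANDS = ["reddit", "wetransfer"]

# Constructed sample domains for the demonstration; none is claimed to be a real
# Lumma Stealer distribution domain.
SAMPLE_DOMAINS = [
    "reddit.com",                   # legitimate
    "wetransfer.com",               # legitimate
    "reddlt.com",                   # one character substituted
    "vvetransfer.com",              # homoglyph: "vv" stands in for "w"
    "wetransfer-download.net",      # brand embedded with an extra token
    "reddit.secure-login.example",  # brand used as a subdomain of something else
    "example.org",                  # unrelated
]

# Character substitutions that read like the real letter at a glance.
HOMOGLYPHS = [("vv", "w"), ("rn", "m"), ("cl", "d"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def normalise(label):
    """Undo common homoglyph substitutions so 'vvetransfer' compares as 'wetransfer'."""
    label = label.lower()
    for fake, real in HOMOGLYPHS:
        label = label.replace(fake, real)
    return label


def levenshtein(a, b):
    """Classic edit distance; a small distance to a brand name indicates a typosquat."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def split_domain(domain):
    """Return (subdomain labels, registrable label).

    Assumption: the registrable label is the second-to-last label. That is wrong
    for suffixes such as co.uk; a real tool would consult the Public Suffix List.
    """
    labels = domain.lower().strip(".").split(".")
    if len(labels) < 2:
        return [], labels[0]
    return labels[:-2], labels[-2]


def classify(domain):
    """Return (domain, brand, reason) if the domain looks like an impersonation, else None."""
    subdomains, reg = split_domain(domain)
    if reg in BRANDS:
        return None  # the brand's own registrable domain
    norm = normalise(reg)
    tokens = re.split(r"[-_]", reg)
    for brand in BRANDS:
        if norm == brand:
            return (domain, brand, "homoglyph")
        if levenshtein(norm, brand) <= 2:
            return (domain, brand, "typosquat")
        if brand in tokens:
            return (domain, brand, "brand-token")
        if any(brand in label for label in subdomains):
            return (domain, brand, "brand-in-subdomain")
    return None


def scan(domains):
    """Run classify() over a list and keep only the hits."""
    return [hit for hit in (classify(d) for d in domains) if hit]


if __name__ == "__main__":
    for domain, brand, reason in scan(SAMPLE_DOMAINS):
        print(f"{domain:32} impersonates {brand:12} ({reason})")
```

Feed it newly observed domains from certificate-transparency logs or your proxy's first-seen list. The edit-distance threshold of 2 is generous for six-letter brands (it would also flag "credit" against "reddit"), so tune it per brand length, and treat the output as a triage queue rather than a block list.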


2. Noteworthy Cyber Attacks


2.1  Ransomware Shuts Down Blacon High School:

A ransomware attack on Blacon High School in Cheshire took its IT systems offline and forced the school to close while they were rebuilt. It is the latest in a run of ransomware incidents against educational institutions, which tend to combine thin IT staffing with large amounts of personal data.


2.2  Fake AnyDesk Requests Exploiting Remote Access:

Scams built around fake AnyDesk requests have been reported: attackers pose as support staff and use social engineering to persuade victims to install AnyDesk or approve an incoming session, giving the attacker interactive control of the device and access to sensitive information. Unsolicited remote-access requests should be refused and reported, whoever claims to be sending them.


2.3  Ransomware Delivered via Microsoft Teams:

Threat actors have been abusing Microsoft Teams' default external-access settings, which let users from other tenants message employees directly, to pose as IT support. Once a victim engages, the attacker talks them into a Quick Assist session, gains remote control of the workstation, and uses that foothold to deploy ransomware. Restricting external Teams access to trusted domains and controlling where Quick Assist can run closes both doors.


3. Critical Vulnerabilities and Exploits


3.1  Microsoft Configuration Manager RCE Vulnerability (CVE-2024-43468):

A critical remote code execution vulnerability in Microsoft Configuration Manager lets an unauthenticated attacker send crafted requests that are processed unsafely, enabling SQL injection and command execution on the site server or its database. Microsoft has published fixes; apply them promptly, as the site database holds credentials and deployment control for every managed endpoint.


3.2  Windows 11 BitLocker Exploit ("Bitpixie"):

The "Bitpixie" technique defeats BitLocker on Windows devices that rely on the TPM alone: an attacker with physical access, but without opening the case or touching the hardware, boots a vulnerable yet still Secure Boot-trusted Windows boot manager and recovers the volume master key from memory, after which the drive can be decrypted. Devices configured with pre-boot authentication (TPM plus PIN) do not release the key this way, so enable it and keep boot components updated.


3.3  Windows CLFS Zero-Day Vulnerability (CVE-2024-49138):

A heap-based buffer overflow in the Windows Common Log File System (CLFS) driver allows a local attacker to escalate to SYSTEM privileges. It was exploited in the wild before the fix shipped, so it is an immediate risk for any unpatched system where an attacker already has a foothold.


3.4  Azure DevOps Vulnerabilities:

SSRF and CRLF injection flaws in Azure DevOps could be chained to reach internal services and metadata endpoints that the build infrastructure can see but users should not. Apply the fixes and review pipeline logs for unexpected outbound requests.


3.5  7-Zip Arbitrary Code Execution (CVE-2025-0411):

CVE-2025-0411 is a Mark-of-the-Web bypass in 7-Zip: when a file is extracted from an archive nested inside another archive, versions before 24.09 do not propagate the MotW flag to the extracted file, so it runs without the SmartScreen warning that would normally stop an internet-sourced executable. Exploitation still requires the user to open the file, but it removes the last prompt between a phishing attachment and code execution. Update to 24.09 or later; 7-Zip has no auto-updater, so this needs to be pushed.


3.6  Fortinet Firewall Zero-Day Exploit (CVE-2024-55591):

Over 50,000 Fortinet firewalls remain exposed to an authentication bypass in the Node.js websocket module of FortiOS and FortiProxy that lets a remote attacker obtain super-admin privileges. The flaw has been exploited in the wild, with attackers creating rogue admin accounts and altering firewall policies; patch urgently and, until then, restrict administrative interfaces to management networks.
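Patching is the fix, but every exposed firewall also needs a retrospective check. The Python script below is an added example, not code from the article or from Fortinet: it parses FortiOS-style key=value event logs and flags the pattern Fortinet described as the indicator for this bug, namely successful admin logins recorded with `ui="jsconsole"` from a source address that is not one of your management hosts (the attackers' logins showed bogus or loopback source addresses), together with admin accounts created through jsconsole. The log lines are constructed for the demonstration, modelled on the published indicator rather than copied from any real device, and the `ADMIN_NETWORKS` allowlist is a placeholder for your own management ranges.

```python
import ipaddress
import re

# Constructed sample lines in FortiOS key=value event-log syntax, modelled on the
# indicator Fortinet published for CVE-2024-55591 (a successful admin login with
# ui="jsconsole" whose source address is a bogus or loopback IP). Not real captures.
SAMPLE_LOGS = [
    # attacker login: jsconsole from a nonsense source, super_admin profile
    'type="event" subtype="system" level="information" vd="root" '
    'logdesc="Admin login successful" user="admin" ui="jsconsole" method="jsconsole" '
    'srcip=1.1.1.1 dstip=1.1.1.1 action="login" status="success" profile="super_admin" '
    'msg="Administrator admin logged in successfully from jsconsole"',
    # legitimate: an engineer using the GUI's CLI console from a management host
    'type="event" subtype="system" level="information" vd="root" '
    'logdesc="Admin login successful" user="netops" ui="jsconsole" method="jsconsole" '
    'srcip=10.20.0.15 dstip=10.20.0.1 action="login" status="success" profile="super_admin" '
    'msg="Administrator netops logged in successfully from jsconsole"',
    # legitimate: ordinary HTTPS GUI login
    'type="event" subtype="system" level="information" vd="root" '
    'logdesc="Admin login successful" user="netops" ui="https(10.20.0.15)" method="https" '
    'srcip=10.20.0.15 dstip=10.20.0.1 action="login" status="success" profile="super_admin" '
    'msg="Administrator netops logged in successfully from https(10.20.0.15)"',
    # post-exploitation: a new admin account added through jsconsole from loopback
    'type="event" subtype="system" level="information" vd="root" '
    'logdesc="Object attribute configured" user="admin" ui="jsconsole(127.0.0.1)" '
    'action="Add" cfgpath="system.admin" cfgobj="vOcep" cfgattr="accprofile[super_admin]" '
    'msg="Add system.admin vOcep"',
]

# Hypothetical allowlist of the networks your administrators manage the firewall from.
ADMIN_NETWORKS = [ipaddress.ip_network("10.20.0.0/24")]

# key=value pairs; values are either double-quoted (may contain spaces) or bare tokens.
KV_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


def parse_fortios_line(line):
    """Turn one FortiOS log line into a dict, stripping the quotes from values."""
    return {key: value.strip('"') for key, value in KV_RE.findall(line)}


def source_ip(record):
    """Prefer srcip; configuration-change lines carry the address inside ui="jsconsole(1.2.3.4)"."""
    if "srcip" in record:
        return record["srcip"]
    match = re.search(r"\(([0-9a-fA-F.:]+)\)", record.get("ui", ""))
    return match.group(1) if match else None


def is_trusted(ip_text):
    """True only for addresses inside ADMIN_NETWORKS; unparsable or missing addresses are untrusted."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except (ValueError, TypeError):
        return False
    return any(ip in net for net in ADMIN_NETWORKS)


def find_suspicious(lines):
    """Return (reason, record) pairs for jsconsole activity matching the advisory's pattern."""
    hits = []
    for line in lines:
        rec = parse_fortios_line(line)
        if not rec.get("ui", "").startswith("jsconsole"):
            continue  # only the jsconsole channel is of interest here
        ip = source_ip(rec)
        if rec.get("action") == "login" and rec.get("status") == "success" and not is_trusted(ip):
            hits.append((f"jsconsole admin login by {rec.get('user')} from untrusted source {ip}", rec))
        elif rec.get("cfgpath") == "system.admin" and rec.get("action") == "Add":
            hits.append((f"admin account {rec.get('cfgobj')} created via jsconsole from {ip}", rec))
    return hits


if __name__ == "__main__":
    for reason, _ in find_suspicious(SAMPLE_LOGS):
        print("ALERT:", reason)
```

Run it over the event logs exported from the firewall or from the syslog collector for the period before the patch was applied. A jsconsole login from a management host is normal (the GUI's CLI console uses that channel), which is why the allowlist, not the channel alone, drives the first rule; account creation through jsconsole is flagged regardless, because a new super_admin is worth a look from any source.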


3.7  Oracle January 2025 Patch Update:

Oracle's January 2025 Critical Patch Update delivers 318 security patches across its product suite, including high-risk, remotely exploitable flaws in Fusion Middleware and MySQL. Customers should prioritise internet-facing middleware and any database reachable from untrusted networks.


4. Other Important News


4.1  OWASP Top 10 for 2025: Smart Contract Vulnerabilities:

OWASP has released the 2025 edition of its Smart Contract Top 10, the list of the most consequential vulnerability classes in smart contracts, including price oracle manipulation and flash loan attacks. The report stresses that decentralized finance (DeFi) code needs the same rigour as any other financial system: audited logic, defensive arithmetic, and oracles that cannot be moved by a single transaction.


4.2  Microsoft Administrator Protection in Windows:

Microsoft is introducing Administrator Protection in Windows to enforce the Principle of Least Privilege (PoLP): accounts in the Administrators group run with a standard-user token by default, and when an operation needs elevation Windows prompts for Windows Hello authentication and grants a temporary, isolated administrator token that is discarded when the task completes. The effect is that malware running as the user no longer inherits admin rights just because the user happens to be an administrator.




