Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
- Harshang Shah
- Feb 10
Updated: Feb 14

1 Cybersecurity News
1.1 Healthcare Data Breach Exposes 1 Million Patients:
Community Health Center, Inc. (CHC) reported a breach affecting 1,060,936 individuals, exposing SSNs, medical diagnoses, and insurance details.
1.2 Globe Life Cyberattack: 850,000+ Records Stolen:
Hackers stole names, SSNs, and health data from a subsidiary of Globe Life. Attackers used double extortion tactics to pressure the company.
1.3 AWS S3 Bucket Hijacking Risks Global Supply Chains:
Researchers found 150+ abandoned AWS S3 buckets from governments and Fortune 500 firms, allowing attackers to push malicious updates.
1.4 Grubhub Third-Party Breach Exposes Customer Data:
A compromised contractor account led to unauthorized access to names, emails, phone numbers, and partial card details.
1.5 Microsoft Outlook Vulnerability (CVE-2024-21413) Exploited:
Hackers bypass Protected View to steal NTLM credentials and execute remote code. CISA mandates patching by February 27.
1.6 HPE Breach by Russian APT Group (APT29):
Midnight Blizzard infiltrated HPE’s Office 365 emails, stealing SSNs, driver’s licenses, and credit card data.
2 Cyber Attacks
2.1 Hackers Exploit AWS & Azure for Large-Scale Attacks:
Threat actors hijacked 1,200+ AWS IPs, stole API keys, and exploited misconfigured S3 buckets for phishing and ransomware.
2.2 High-Profile X (Twitter) Accounts Hijacked in Crypto Scam:
Verified accounts like Nasdaq and Microsoft India were compromised to promote fraudulent crypto schemes.
2.3 3,000+ ASP.NET Keys Exposed, Leading to RCE:
Hackers used leaked ValidationKey/DecryptionKey pairs to inject malicious ViewState payloads and deploy malware.
3 Threats
3.1 Microsoft Advertisers Targeted by Malicious Google Ads:
Attackers impersonated Microsoft Ads using fraudulent Google Ads to steal credentials via fake login pages.
3.2 Chinese Hackers Deploy Linux SSH Backdoor:
The ELF/Sshdinjector.A!tr malware infects Linux servers by modifying SSH libraries, allowing credential theft.
3.3 North Korean Hackers Abuse Custom RDP Wrapper:
Kimsuky group modified termsrv.dll to enable stealthy remote access, deploying keyloggers and PowerShell payloads.
4 Vulnerabilities
4.1 Windows 11 Kernel Race Condition Flaw (CVE-2025-XXXX):
A critical privilege escalation bug allows attackers to execute arbitrary code or crash systems.
4.2 BeyondTrust SaaS Platform Breach:
China-linked hackers exploited zero-day vulnerabilities to steal AWS API keys and access U.S. Treasury data.
With new vulnerabilities emerging daily, businesses must prioritize cybersecurity hygiene. Partnering with a cybersecurity company in Australia ensures timely patch management, vulnerability assessments, and compliance with security best practices.