『CloudCast Cybersecurity Headlines for February 12th, 2025』のカバーアート

CloudCast Cybersecurity Headlines for February 12th, 2025

CloudCast Cybersecurity Headlines for February 12th, 2025

無料で聴く

ポッドキャストの詳細を見る

このコンテンツについて

 From the CloudCast Studios, I’m Scott Schlee, and these are your cybersecurity headlines for the week of Wednesday, February 12th, 2025. Headlines this week: Critical Remote Code Execution Vulnerability in Microsoft OutlookRansomware Payments Decline by 35% in 2024GrubHub Discloses Data Breach Affecting Users and PartnersSpyware Firm Cuts Ties with Italy Amid Targeting AllegationsMicrosoft Warns of Attacks Exploiting ASP.NET Machine KeysLazarus Group Targets Professionals with Job-Themed MalwareSparkCat Malware Campaign Targets Cryptocurrency WalletsSilent Lynx Group Targets Central Asian OrganizationsEngineer IMI Suffers Cyberattack Following Similar Incident at Smiths GroupTaiwan Bans DeepSeek AI Over National Security Concerns Thank you again for listening to Skyhigh Cloudcast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: Taiwan Bans DeepSeek AI Over National Security Concerns: diesec.comCritical Remote Code Execution Vulnerability in Microsoft Outlook: diesec.comRansomware Payments Decline by 35% in 2024: diesec.comGrubHub Discloses Data Breach Affecting Users and Partners: diesec.comSpyware Firm Cuts Ties with Italy Amid Targeting Allegations: diesec.comMicrosoft Warns of Attacks Exploiting ASP.NET Machine Keys: thehackernews.comLazarus Group Targets Professionals with Job-Themed Malware: thehackernews.comSparkCat Malware Campaign Targets Cryptocurrency Wallets: thehackernews.comSilent Lynx Group Targets Central Asian Organizations: thehackernews.comEngineer IMI Suffers Cyberattack Following Similar Incident at Smiths Group: cybersecurity-review.com ———– CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript From the CloudCast Studios, I’m Scott Schlee, and these are your cybersecurity headlines for the week of Wednesday, February 12th, 2025. A Critical Remote Code Execution Vulnerability Has Been Discovered in Microsoft Outlook: The Cybersecurity and Infrastructure Security Agency issued an urgent alert about an actively exploited vulnerability in Microsoft Outlook. Attackers can execute remote code by bypassing Outlook’s protections using a simple URL trick, endangering sensitive data. Federal agencies and private organizations are urged to apply patches promptly to mitigate this threat. GrubHub Has Disclosed A Data Breach Affecting Users and Partners: Food delivery service GrubHub reported a data breach resulting from a compromised third-party service provider account. Exposed information includes names, emails, phone numbers, and partial payment details of some campus diners. GrubHub has terminated the unauthorized access, enhanced security measures, and advises users to maintain strong, unique passwords. Paragon Solutions Cuts Ties with Italy Amid Targeting Allegations: Israeli spyware company Paragon Solutions has severed relationships with its Italian clients following allegations that its software was used to target government critics. A recent spyware campaign affected 90 users across 24 countries, including journalists and activists, prompting an investigation by Italian authorities into the misuse of surveillance tools. Microsoft Warns of Attacks Exploiting ASP.NET Machine Keys: Microsoft identified over 3,000 publicly disclosed ASP.NET machine keys that attackers are exploiting to inject and execute malicious code using the Godzilla post-exploitation framework. This technique, known as ViewState code injection, poses significant risks to web applications. Organizations are advised to review and secure their ASP.NET configurations to prevent such attacks. Lazarus Group Is Targeting Professionals with Job-Themed Malware: The North Korean-linked Lazarus Group has launched a campaign using fake LinkedIn job offers in the cryptocurrency and travel sectors to distribute malware. The malicious code is capable of infecting Windows, macOS, and Linux systems, highlighting the group’s evolving tactics and the need for vigilance among professionals receiving unsolicited job communications. SparkCat Malware Campaign Is Targeting Cryptocurrency ...
まだレビューはありません