News: Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns
The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform.
News: 5 Ways Behavioral Analytics is Revolutionizing Incident Response
Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes.
Breach: HIBP notifies 57 million people of Hot Topic data breach
Have I Been Pwned warns that an alleged data breach exposed the personal information of 56,904,909 accounts for Hot Topic, Box Lunch, and Torrid customers.
Cyber Savvy AI Antics
New Year’s Cybersecurity Resolutions
This year I vow, with firm intent,
First, I’ll train my team with care,
I’ll audit policies, review the past,
Vendors and partners, I’ll vet them tight,
With board support and budget aligned,
A resolution made, not just for show,
News: Comprehensive Guide to Building a Strong Browser Security Program
The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies are facing new and serious cybersecurity threats. These include phishing attacks, data leakage, and malicious extensions. As a result, the browser also becomes a vulnerability that needs to be protected.
Phishing: New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns
Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users.
Privacy: Privacy Tennessee Information Protection Act
The Tennessee Information Protection Act (TIPA), effective July 1, 2025, is a state-level data privacy law that regulates how companies manage and protect consumers’ personal data within Tennessee.
News: Zoom addressed two high-severity issues in its platform
Zoom addressed six flaws, including two high-severity issues that could allow remote attackers to escalate privileges or leak sensitive information.
Elon Musk’s Grok AI has called him out for spreading misinformation.
AI: Fake AI video generators infect Windows, macOS with infostealers
Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices.
Breach: T-Mobile confirms it was hacked in recent wave of telecom breaches
T-Mobile confirms it was hacked in the wave of recently reported telecom breaches conducted by Chinese threat actors to gain access to private communications, call records, and law enforcement information requests.
Cybercrime: Fraud network uses 4,700 fake shopping sites to steal credit cards
A financially motivated Chinese threat actor dubbed “SilkSpecter” is using thousands of fake online stores to steal the payment card details of online shoppers in the U.S. and Europe.
News: Gmail’s New Shielded Email Feature Lets Users Create Aliases for Email Privacy
Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam.
Phishing: Phishing emails increasingly use SVG attachments to evade detection
Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection.
News: Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority
Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing privileged access—rather than securing the accounts and users entrusted with it. This emphasis is perhaps due to the persistent challenges of Privileged Access Management (PAM) deployments. Yet, as the threat landscape evolves, so must organizational priorities. To prevent trust from becoming a liability, the next step in securing privileged access must become a critical focus.
News: Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity
Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is not compromised.
Vulnerability Vortex
The ASA flaw CVE-2014-2120 is being actively exploited in the wild
Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. |
New Windows zero-day exposes NTLM credentials, gets unofficial patch
A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. |
Microsoft December 2024 Patch Tuesday addressed actively exploited zero-day
Microsoft December 2024 Patch Tuesday security updates addressed 71 vulnerabilities including an actively exploited zero-day. |
Hunk Companion WordPress plugin exploited to install vulnerable plugins
Hackers are exploiting a critical vulnerability in the “Hunk Companion” plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. |
Over 25,000 SonicWall VPN Firewalls exposed to critical flaws
Over 25,000 publicly accessible SonicWall SSLVPN devices are vulnerable to critical severity flaws, with 20,000 using a SonicOS/OSX firmware version that the vendor no longer supports. |
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. |
Sophos discloses critical Firewall remote code execution flaw
Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. |
CVE-2024-12828 (CVSS 9.9): Webmin Vulnerability Leaves a Million Servers Exposed to RCE
The popular web-based system administration tool, Webmin, has been found to harbor a critical security vulnerability (CVE-2024-12828) that could allow attackers to seize control of servers. With an estimated one million installations worldwide, the impact of this vulnerability could be widespread. |
Dozens of Chrome Extensions Hacked, Exposing Millions of Users to Data Theft
A new attack campaign has targeted known Chrome browser extensions, leading to at least 35 extensions being compromised and exposing over 2.6 million users to data exposure and credential theft. |
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. |