Cybersecurity News Review Week 2

This article discusses recent significant developments in cybersecurity, including vulnerabilities in Ivanti products, phishing scams, data exposure issues, and new government initiatives aimed at improving cyber resilience.

Affected: Ivanti Connect Secure, CrowdStrike, Motorola ALPR, Gmail, WordPress, CISA, UK Government

Key points:

  • Ivanti disclosed two high-severity vulnerabilities (CVE-2025-0282, CVE-2025-0283) affecting its products.
  • A phishing campaign impersonating CrowdStrike was found delivering malware through fake recruitment emails.
  • Malicious actors are distributing information-stealing malware disguised as a proof-of-concept exploit for LDAPNightmare.
  • Researchers warn of a campaign targeting Solana crypto wallets using Gmail to steal private keys.
  • A new WordPress plugin called PhishWP is being used for sophisticated phishing attacks.
  • Over 3.3 million email servers lack TLS encryption, exposing them to potential attacks.
  • Misconfigured Motorola ALPR systems are leaking live video feeds and vehicle data.
  • A campaign offering fake video games is spreading information-stealing Trojans via Discord and emails.
  • Cybercriminals are using neglected domains to evade email security protections.
  • The UK government launched a £1.9m initiative to enhance cybersecurity resilience.
  • CISA added three new actively exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog.
  • The White House launched the U.S. Cyber Trust Mark to help consumers identify secure devices.
  • CISA director urges corporate boards to take ownership of cybersecurity risks.

MITRE Techniques:

  • TA0001: Initial Access – Phishing emails used to deliver malware.
  • TA0002: Execution – Execution of malicious payloads disguised as legitimate applications.
  • TA0003: Persistence – Establishing persistence through scheduled tasks and additional payload downloads.
  • TA0005: Credential Access – Information-stealing malware targeting credentials and sensitive data.
  • TA0007: Discovery – Exfiltration of sensitive system information, including network configurations.
  • TA0008: Exfiltration – Use of FTP to transmit stolen data.

Full Research: https://medium.com/ml4den/cybersecurity-news-review-week-2-664354cdc416?source=rss------cybersecurity-5