FOCUS MODE
EXTRACT IOC
0Trash

GZR Observer Daily, Feb 15, 2025

iocOne
GZR Observer Daily, Feb 15, 2025
The article discusses China’s expanding influence in the Pacific region through multiple cooperation agreements with the Cook Islands. It also highlights various geopolitical issues, economic developments, and cybersecurity threats faced by different countries, emphasizing the complex international landscape. Affected: Cook Islands, China, U.S., Ukraine, Sudan, Hong Kong, Russia, organizations using SonicWall and Palo Alto Networks firewalls

Keypoints :

  • China signed multiple cooperation agreements with the Cook Islands to strengthen its economic presence in the Pacific.
  • China’s foreign minister portrayed the country as a stabilizing force amid global geopolitical shifts.
  • U.S. Vice President J.D. Vance’s speech at the Munich Security Conference signaled potential changes in U.S. foreign policy.
  • Brazil’s president hinted at possible WTO action against U.S. tariffs, showcasing trade tensions.
  • China is attempting to guide UN resolutions on Kabul, contrasting U.S. positions.
  • Ukraine seeks enhanced U.S. security guarantees amidst hesitance from the White House.
  • Coffee prices are surging due to supply chain disruptions and climate impacts.
  • The acting FEMA administrator’s court filings contradict the Biden administration regarding disaster aid management.
  • Cybersecurity threats are rising, with attackers exploiting vulnerabilities in SonicWall and Palo Alto Networks systems.
  • Kremlin-linked hackers are using deceptive tactics to compromise authentication tokens.

MITRE Techniques :

  • T1583: Obtain or generate legitimate credentials – Kremlin-linked hackers steal authentication tokens via fake Microsoft Teams invites.
  • T1190: Exploit public-facing application – Attackers exploit an authentication bypass vulnerability in SonicWall firewalls.
  • T1391: Exploit a vulnerability – High-severity bug (CVE-2024–53704) in SonicWall firewalls is actively abused.
  • T1203: Exploit vulnerability in software – Vidar infostealing malware spread through the PirateFi game on Steam.
  • T1190: Exploit public-facing application – Attackers exploit CVE-2025–0108 vulnerability in Palo Alto Networks PAN-OS firewalls.

Indicator of Compromise :

  • [CVE ID] CVE-2024–53704
  • [CVE ID] CVE-2025–0108
  • [Malware] Vidar

Full Story: https://daily.gzr.observer/gzr-observer-daily-feb-15-2025-0444af61f7b4?source=rss——cybersecurity-5

Tags: EXPLOIT, CHINA, VULNERABILITY, GOVERNMENT, FINANCIAL, CVE, RUSSIA