Major Cyberattacks of 2025 (To Date) – TheStreet

Major Cyberattacks in 2025: A Comprehensive Overview

Recent developments in the cybersecurity landscape reveal a concerning trend, as 2025 has already witnessed significant cyberattacks that have infiltrated various sectors, impacting numerous businesses and organizations. These attacks underscore the increasing sophistication…

Critical RCE Vulnerabilities Identified in Sophos Firewall and SMA 100 Devices: Urgent Patches Released by Sophos and SonicWall

July 24, 2025
Network Security / Vulnerability

Sophos and SonicWall have issued a warning regarding serious security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances, which could be exploited for remote code execution. The two critical vulnerabilities affecting Sophos Firewall are as follows:

  • CVE-2025-6704 (CVSS score: 9.8): An arbitrary file writing vulnerability within the Secure PDF eXchange (SPX) feature that can enable pre-auth remote code execution if specific SPX configurations are used alongside firewall operation in High Availability (HA) mode.
  • CVE-2025-7624 (CVSS score: 9.8): An SQL injection vulnerability in the legacy (transparent) SMTP proxy that can result in remote code execution, contingent on an active quarantining policy for Email and on SFOS having been upgraded from a version prior to 21.0 GA.

Sophos reports that CVE-2025-6704 affects approximately 0.05% of devices, while CVE-2025-7624 impacts up to 0.73% of devices. Both vulnerabilities have been addressed in a recent update, along with a high-severity command injection vulnerability.

PNGPlug Loader Distributes ValleyRAT Malware via Deceptive Software Installers

January 21, 2025
Cyber Attack / Windows Security

Cybersecurity experts are raising alarms about a series of cyber attacks targeting Chinese-speaking regions, including Hong Kong, Taiwan, and Mainland China, involving the notorious ValleyRAT malware. According to a technical report by Intezer published last week, these attacks utilize a multi-stage loader known as PNGPlug to deliver the ValleyRAT payload. The infection process starts with a phishing page designed to lure victims into downloading a malicious Microsoft Installer (MSI) disguised as legitimate software. Once executed, the installer presents a harmless application to evade detection while covertly extracting an encrypted archive that contains the malware. The MSI package exploits the Windows Installer’s CustomAction feature, allowing it to run malicious code, including an embedded DLL that decrypts the archive (all.zip) using a hardcoded password, ‘hello202411’, to release the core malware components.

Webinar: Safeguarding Your Organization’s Key Assets

Presented by Entrust · 60 Minutes

As cyber threats evolve, the phenomenon of “Harvest Now, Decrypt Later” attacks poses an imminent risk to organizations focused on safeguarding long-term data. Prominent companies are accelerating their adoption of Post-Quantum Cryptography (PQC) as a…

Serious Mitel Vulnerability Allows Hackers to Bypass Login and Access MiVoice MX-ONE Systems

July 24, 2025
Vulnerability / Network Security

Mitel has issued security updates to fix a critical vulnerability in MiVoice MX-ONE that could enable attackers to bypass authentication measures. According to a recent advisory, “An authentication bypass vulnerability has been detected in the Provisioning Manager component of Mitel MiVoice MX-ONE. If exploited, this flaw could allow an unauthorized attacker to execute an authentication bypass due to faulty access control.” A successful exploitation could grant attackers unauthorized access to both user and admin accounts within the system.

This vulnerability, which has not yet been assigned a CVE identifier, has a CVSS score of 9.4 out of 10. It impacts MiVoice MX-ONE versions ranging from 7.3 (7.3.0.0.50) to 7.8 SP1 (7.8.1.0.14). Patches have been released under MXO-15711_78SP0 and MXO-15711_78SP1 for versions 7.8 and 7.8 SP1, respectively. Customers using MiVoice MX-ONE are encouraged to apply the updates promptly to mitigate the risk.

Trump Administration Axes DHS Advisory Committee Memberships, Impacting Cybersecurity Oversight

January 23, 2025
Cybersecurity / National Security

The new Trump administration has dissolved all memberships of advisory committees under the Department of Homeland Security (DHS). In a memo dated January 20, 2025, Acting Secretary Benjamine C. Huffman stated, “In line with DHS’s commitment to resource efficiency and prioritizing national security, I am directing the immediate termination of all existing advisory committee memberships. Future committee initiatives will be solely focused on enhancing our mission to safeguard the homeland and align with DHS’s strategic objectives.” This decision affects members of the Cybersecurity and Infrastructure Security Agency’s (CISA) Cyber Safety Review Board (CSRB), which recently criticized Microsoft for a series of preventable mistakes that allowed its infrastructure to be exploited by a China-based threat actor.

Major Vulnerabilities in Niagara Framework Endanger Global Smart Buildings and Industrial Systems

July 28, 2025
Vulnerability / ICS Security

Cybersecurity researchers have identified more than a dozen security flaws within Tridium’s Niagara Framework that could allow network attackers to compromise the system under specific conditions. “These vulnerabilities are fully exploitable if a Niagara system is misconfigured, disabling encryption on certain network devices,” stated Nozomi Networks Labs in a recent report. “When linked together, they could permit an attacker with network access—possibly through a Man-in-the-Middle (MiTM) position—to take control of the Niagara system.” Developed by Tridium, a subsidiary of Honeywell, the Niagara Framework serves as a vendor-neutral platform for managing various devices from multiple manufacturers, including HVAC, lighting, energy management, and security, making it a critical component in building management, industrial automation, and smart infrastructure.