Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 17 January 2024

Jorge Laurel ยท ยท3 min read ยทIssue #1


It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


๐Ÿ” Cybersecurity Threats & Vulnerabilities

The latest cybersecurity developments highlight ongoing threats and vulnerabilities across various sectors.

  • ๐Ÿšจ A Microsoft MFA outage is preventing users from accessing Microsoft 365 apps. (Published on 1/13/2025, BleepingComputer). Read More

  • ๐Ÿ›‘ Over 4,000 web backdoors were hijacked by registering expired domains, exposing compromised systems to further risks. (Published on 1/12/2025, The Hacker News). Read More

  • ๐Ÿ•ต๏ธโ€โ™‚๏ธ A fake PoC exploit for an LDAP vulnerability is spreading infostealer malware. (Published on 1/13/2025, SecurityWeek). Read More

  • ๐Ÿ”ฅ Microsoft has released a record-breaking 159 security patches, including eight zero-days. (Published on 1/14/2025, Dark Reading). Read More

  • ๐Ÿ”“ A Google OAuth flaw allows attackers to hijack credentials using domains from failed startups. (Published on 1/14/2025, The Hacker News). Read More

  • ๐Ÿฆ  Hackers leaked VPN credentials and configurations for 15,000 FortiGate devices on the dark web. (Published on 1/15/2025, BleepingComputer). Read More

  • ๐Ÿ”‘ A UEFI Secure Boot vulnerability could allow attackers to install bootkits, despite a recent patch. (Published on 1/16/2025, The Hacker News). Read More


๐Ÿ› Regulatory Actions & Privacy Concerns

Governments and advocacy groups are stepping up efforts to enforce cybersecurity and privacy regulations.

  • โš–๏ธ Texas is suing Allstate for unlawfully tracking and selling driving data from 45 million Americans. (Published on 1/14/2025, BleepingComputer). Read More

  • ๐Ÿ›ก๏ธ The FCC has ordered telecoms to improve security after last yearโ€™s Salt Typhoon cyberattacks. (Published on 1/17/2025, BleepingComputer). Read More

  • ๐Ÿข An Austrian privacy group is suing TikTok, AliExpress, and others over illicit data transfers to China. (Published on 1/16/2025, The Hacker News). Read More

  • ๐Ÿš— GM faces a potential ban on selling driver data that insurers could use to raise rates. (Published on 1/17/2025, Ars Technica). Read More

  • ๐Ÿ‡บ๐Ÿ‡ธ Industry leaders react to President Bidenโ€™s latest cybersecurity executive order. (Published on 1/17/2025, SecurityWeek). Read More


๐ŸŽญ Cybercrime & Emerging Attack Techniques

Cybercriminals continue to refine their tactics, exploiting vulnerabilities in both technology and human behavior.

  • ๐Ÿ’ณ Label giant Avery suffered a data breach, exposing customersโ€™ credit card details. (Published on 1/15/2025, BleepingComputer). Read More

  • ๐ŸŽฏ Attackers hijacked Google advertiser accounts to spread malware through malicious ads. (Published on 1/15/2025, Dark Reading). Read More

  • ๐Ÿ”ฎ The rise of MFA failures and AI-powered attacks is worsening authentication security. (Published on 1/16/2025, BleepingComputer). Read More


Insights into emerging security challenges and best practices for protecting digital infrastructure.

  • ๐Ÿ—๏ธ Open-source software remains a primary target for supply chain attacks, posing ongoing risks. (Published on 1/15/2025, SecurityWeek). Read More

  • ๐Ÿค– CISAโ€™s new AI playbook aims to improve threat intelligence sharing for AI-related cyber risks. (Published on 1/16/2025, Dark Reading). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!