Friday Wrap Up: 24 January 2024

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
π¨ Cybersecurity Breaches & Attacks
π οΈ HPE investigates breach as a hacker claims to have stolen sensitive documents from its developer environments. (Published on 1/20/2025, BleepingComputer). Read More
π PowerSchool data breach exposes studentsβ and educatorsβ personal information in a December 2024 cyberattack. (Published on 1/21/2025, SecurityWeek). Read More
π¨ Conduent confirms cybersecurity incident that caused a recent outage, impacting government and business services. (Published on 1/22/2025, BleepingComputer). Read More
π Hacker infects 18,000 “script kiddies” with a fake malware builder, secretly taking control of their systems. (Published on 1/24/2025, BleepingComputer). Read More
π₯ Critical Vulnerabilities
β οΈ Unsecured tunneling protocols expose 4.2 million internet hosts, including VPNs and routers, to potential hijacking. (Published on 1/20/2025, The Hacker News). Read More
π₯ New backdoor “J-Magic” discovered, specifically targeting Juniper routers to execute remote commands. (Published on 1/23/2025, CyberScoop). Read More
π Palo Alto firewalls found vulnerable to Secure Boot bypass and firmware exploits, raising security concerns. (Published on 1/23/2025, The Hacker News). Read More
π¨ SonicWall warns of SMA1000 RCE flaw actively exploited as a zero-day in real-world attacks. (Published on 1/23/2025, BleepingComputer). Read More
π Subaru Starlink vulnerability exposed vehicles to potential remote hacking across multiple regions. (Published on 1/24/2025, SecurityWeek). Read More
π― Emerging Threats & Trends
π Phishing attacks remain the top smartphone threat, as most devices fail to detect malicious messages. (Published on 1/20/2025, Dark Reading). Read More
π€ Non-human identity (NHI) attacks are rising, showing momentum from late 2024 into 2025. (Published on 1/22/2025, Dark Reading). Read More
π New Mirai variant “Murdoc_Botnet” leverages IoT exploits to launch large-scale DDoS attacks. (Published on 1/21/2025, Hackread). Read More
ποΈ Industry & Policy Changes
π’ Enterprises still struggle with legacy systems, increasing cybersecurity risks and operational complexity. (Published on 1/21/2025, InformationWeek). Read More
βοΈ CISOs must navigate regulatory chaos while maintaining security amid ever-evolving threats. (Published on 1/21/2025, Dark Reading). Read More
π Trump administration fires cybersecurity review board members, drawing criticism over the decision. (Published on 1/22/2025, TechCrunch). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!