Jorge Laurel
Friday Wrap Up

Friday Wrap Up: 17 January 2025

Jorge Laurel ยท ยท3 min read ยทIssue #60

It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.


๐Ÿ” Cybersecurity Threats & Vulnerabilities

The latest cybersecurity developments highlight ongoing threats and vulnerabilities across various sectors.

  • ๐Ÿšจ A Microsoft MFA outage is preventing users from accessing Microsoft 365 apps. (Published on 1/13/2025, BleepingComputer). Read More

  • ๐Ÿ›‘ Over 4,000 web backdoors were hijacked by registering expired domains, exposing compromised systems to further risks. (Published on 1/12/2025, The Hacker News). Read More

  • ๐Ÿ•ต๏ธโ€โ™‚๏ธ A fake PoC exploit for an LDAP vulnerability is spreading infostealer malware. (Published on 1/13/2025, SecurityWeek). Read More

  • ๐Ÿ”ฅ Microsoft has released a record-breaking 159 security patches, including eight zero-days. (Published on 1/14/2025, Dark Reading). Read More

  • ๐Ÿ”“ A Google OAuth flaw allows attackers to hijack credentials using domains from failed startups. (Published on 1/14/2025, The Hacker News). Read More

  • ๐Ÿฆ  Hackers leaked VPN credentials and configurations for 15,000 FortiGate devices on the dark web. (Published on 1/15/2025, BleepingComputer). Read More

  • ๐Ÿ”‘ A UEFI Secure Boot vulnerability could allow attackers to install bootkits, despite a recent patch. (Published on 1/16/2025, The Hacker News). Read More

๐Ÿ› Regulatory Actions & Privacy Concerns

Governments and advocacy groups are stepping up efforts to enforce cybersecurity and privacy regulations.

  • โš–๏ธ Texas is suing Allstate for unlawfully tracking and selling driving data from 45 million Americans. (Published on 1/14/2025, BleepingComputer). Read More

  • ๐Ÿ›ก๏ธ The FCC has ordered telecoms to improve security after last yearโ€™s Salt Typhoon cyberattacks. (Published on 1/17/2025, BleepingComputer). Read More

  • ๐Ÿข An Austrian privacy group is suing TikTok, AliExpress, and others over illicit data transfers to China. (Published on 1/16/2025, The Hacker News). Read More

  • ๐Ÿš— GM faces a potential ban on selling driver data that insurers could use to raise rates. (Published on 1/17/2025, Ars Technica). Read More

  • ๐Ÿ‡บ๐Ÿ‡ธ Industry leaders react to President Bidenโ€™s latest cybersecurity executive order. (Published on 1/17/2025, SecurityWeek). Read More

๐ŸŽญ Cybercrime & Emerging Attack Techniques

Cybercriminals continue to refine their tactics, exploiting vulnerabilities in both technology and human behavior.

  • ๐Ÿ’ณ Label giant Avery suffered a data breach, exposing customersโ€™ credit card details. (Published on 1/15/2025, BleepingComputer). Read More

  • ๐ŸŽฏ Attackers hijacked Google advertiser accounts to spread malware through malicious ads. (Published on 1/15/2025, Dark Reading). Read More

  • ๐Ÿ”ฎ The rise of MFA failures and AI-powered attacks is worsening authentication security. (Published on 1/16/2025, BleepingComputer). Read More

Insights into emerging security challenges and best practices for protecting digital infrastructure.

  • ๐Ÿ—๏ธ Open-source software remains a primary target for supply chain attacks, posing ongoing risks. (Published on 1/15/2025, SecurityWeek). Read More

  • ๐Ÿค– CISAโ€™s new AI playbook aims to improve threat intelligence sharing for AI-related cyber risks. (Published on 1/16/2025, Dark Reading). Read More


Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!

Don’t forget that you can also subscribe to the Friday Wrap Up on Substack and receive it in your inbox every Friday. Never miss an edition of the Friday Wrap Up!


Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.