Friday Wrap Up: 7 February 2025
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
π₯ Cybersecurity News & Threats
From AI impersonation to major vulnerabilities, here are some stories that shaped cybersecurity this week.
π DeepSeek AI tools are being impersonated on PyPI by infostealer malware targeting developers. (Published on 2/3/2025, BleepingComputer). Read More
π¦ The Coyote banking trojan expands its reach, now targeting 1,030 sites and 73 financial institutions. (Published on 2/3/2025, The Hacker News). Read More
π A one-click phishing campaign is hijacking high-profile X (Twitter) accounts for crypto fraud. (Published on 2/3/2025, Dark Reading). Read More
β οΈ A new ValleyRAT malware variant is spreading via fake Chrome downloads with advanced evasion tactics. (Published on 2/4/2025, Hackread). Read More
π» North Korean hackers are deploying FERRET malware on macOS through fake job interviews. (Published on 2/4/2025, The Hacker News). Read More
π The Lazarus Group is using fake LinkedIn job offers to deploy a cross-platform JavaScript stealer targeting crypto wallets. (Published on 2/5/2025, The Hacker News). Read More
β οΈ Critical Cisco ISE vulnerability allows attackers to bypass authorization and execute commands as root. (Published on 2/6/2025, BleepingComputer). Read More
π Cybercrime & Financial Impact
While some cybercrime trends are shifting, others continue to grow.
π° Ransomware payments fell by 35% in 2024, totaling $813.55 million, the lowest in years. (Published on 2/5/2025, BleepingComputer). Read More
π΄ββ οΈ 2024 set a record for the highest number of ransomware attacks, fueled by geopolitical tensions and high payouts. (Published on 2/7/2025, Dark Reading). Read More
βοΈ Regulatory & Legal Actions
Governments and agencies are stepping up their efforts to regulate cybersecurity threats.
ποΈ A coalition of U.S. states plans to sue after Elon Muskβs DOGE app allegedly accessed Americansβ personal data. (Published on 2/7/2025, TechCrunch). Read More
π« The FCC is fining Telnyx $4.49M for allegedly enabling robocall scams posing as the FCCβs fraud prevention team. (Published on 2/5/2025, BleepingComputer). Read More
π§ Vulnerabilities & Security Flaws
Major security patches and warnings you should know about.
π AMD patches a CPU vulnerability that could have allowed attackers to load malicious microcode, compromising confidential computing protections. (Published on 2/4/2025, SecurityWeek). Read More
π₯ CISA and the FDA warn that hardcoded backdoors in patient monitors could expose sensitive medical data. (Published on 2/6/2025, Dark Reading). Read More
π DeepSeek-R1 LLM fails over half of jailbreak attacks in a security analysis, raising enterprise compliance concerns. (Published on 2/6/2025, Hackread). Read More
βοΈ Infrastructure & Outages
System failures and security misconfigurations can have wide-reaching impacts.
- β οΈ A Cloudflare outage was caused by a botched attempt to block a phishing URL, bringing down multiple services for nearly an hour. (Published on 2/7/2025, BleepingComputer). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Don’t forget that you can also subscribe to the Friday Wrap Up on Substack and receive it in your inbox every Friday. Never miss an edition of the Friday Wrap Up!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.