📰 Headlines
- The FBI and the DoJ have removed China-linked PlugX malware from more than 4,200 US computers. (The Record)
- Microsoft’s Digital Crimes Unit (DCU) has announced it is taking legal action to disrupt cybercriminals targeting it’s AI services. (Microsoft)
- A malware campaign has compromised over 5,000 WordPress sites, adding rogue admins, installing malicious plugins and stealing data. (Bleeping Computer)
- Researchers have uncovered a new malvertising campaign targeting Google Ads advertisers by attempting to phish credentials via fraudulent Google Ads. (THN)
🎣 Vulnerabilities, Bugs, & Hacks
- CISA has warned agencies to patch a BeyondTrust command injection vulnerability (CVE-2024-12686) being actively exploited in attacks. (BleepingComputer)
- Apple has recently patched a macOS vulnerability that allowed hackers to install malicious kernel drivers. (BleepingComputer)
- Arctic Wolf researchers have observed a recent campaign targeting publicly exposed management interfaces on Fortinet FortiGate Firewalls. (ArcticWolf)
- A weakness in Google’s OAuth login feature could enable attacks that register ‘abandoned’ domains access to former employee accounts linked to SaaS platforms. (BleepingCompter)
- Cybercriminals are adopting new social-engineering methods to circumvent iMessage’s built-in phishing link protection feature. (BleepingComputer)
🏛️ Policy & Legislation
- President Biden has issued a new executive order governing AI use for cyber defense and aiming to tighten cyber regulations for federal agencies. (Politico)
- CISA has reported a ‘surge’ in enrolment to its Cyber Hygiene service from critical infrastructure organizations over the last two years. (Cyberscoop)
- The UK Government is considering implementing new legislation for a ban on ransomware payments by the public sector and by operators of critical national infrastructure. (SecurityWeek)
- The European General Court has fined the European Commission (the executive arm of the EU) for violating EU data privacy laws. (THN)
🚨 Vendor News & Announcements
- Darktrace will acquire cloud threat hunting platform Cado Security. Darktrace was acquired by Thoma Bravo for $5.3 billion in October. (CRN)
- Security awareness provider Hook Security has acquired Haekka, a Slack-based security training platform. (Hook Security)
📟 Product Releases & Patches
- Microsoft’s January ‘Patch Tuesday’ included security updates for 159 flaws, including 8 zero-day vulnerabilities. (BleepingComputer)
- Ivanti recently released patches for its Connect Secure VPN appliances to fix a zero-day threat allowing remote attacks to execute arbitrary code. (SecurityWeek)
- Adobe has rolled out patches for multiple vulnerabilities affecting Photoshop, Substance 3D Stager, Illustrator for iPad, Adobe Animate, and the Adobe Substance 3D Designer. (SecurityWeek)
🎙️ Expert Insights: Interviews
Don’t miss this week’s round of interviews & roundups with cybersecurity experts and thought leaders.
- 4 Cloud Backup Experts Share Their Predictions For 2025
- We Asked 3 RMM Experts What Security Leaders Should Prioritize In 2025
- 8 Email Security Experts Share Their Advice For 2025
- 7 Identity and Access Management Experts On Trends in 2025
- Connectwise’s EVP Jeff Bishop On Tackling RMM Challenges
That’s all for this week! 👋
If you have any feedback or stories to share, get in touch with [email protected].
Expert Insights’ Cybersecurity Resources
- The Top RMM Solutions For MSPs
- The Top Mobile Device Management (MDM) Solutions
- The Top Email Security Solutions For Office 365
- The Top Email Security Gateways
- The Top Multi-Factor Authentication (MFA) Solutions For Business
- The Top Phishing Protection Solutions
- The Top Cyber Threat Intelligence Solutions
