Expert Insights Cybersecurity Industry News Recap: 23 – 30 January

DeepSeek AI, CyberCrime Domains Seized, GhostGPT – Your Expert Insights Cybersecurity News Recap

Welcome to your cybersecurity news recap with Expert Insights.🔍

In under five minutes, we’ll cover the critical cybersecurity news from the past 7 days.

🌐 Our calendars are already starting to fill up with industry events! What will your first conference be in 2025?


📰 Headlines

  • DeepSeek, the Chinese startup AI company making global headlines this week, was forced to temporarily limit signups due to ‘large-scale cyber-malicious attacks’ on Monday. US tech stocks tumbled after reports of DeepSeek’s advanced capabilities and low spending. (Axios)
  • International law enforcement agencies have seized domains for several infamous hacking forums including ‘Cracked’ and ‘Nulled,’ which are ‘widely regarded’ as hubs for cybercriminal activity. (BleepingComputer)
  • A GenAI tool called ‘GhostGPT’ is being offered to cybercriminals to help generate malicious code and phishing emails. (Abnormal)
  • UnitedHealth confirms 190 million Americans were affected by the Change Healthcare data breach last year, making it the largest breach of medical data in US history. (TechCrunch)

🎣 Vulnerabilities, Scams, & Hacks

  • Telecommunications firm TalkTalk has confirmed it has fallen victim to a data breach involving a third-party platform. The incident was revealed after a threat actor wrote on a hacking forum that they were offering for sale the information of 18.8 million TalkTalk customers. (SecurityWeek)
  • Nearly 1,000 fake Reddit and WeTransfer pages are being used to spread Lumma Stealer malware, according to Sekoia.io threat research. (SCWorld)
  • A Texas county serving 37,000 residents has issued a declaration of disaster after a cybersecurity breach “involving a virus that has affected several internal systems.” (TheRecord)
  • A threat actor is targeting German- and Polish-speaking users via phishing emails carrying malicious attachments, including a previously undocumented .NET backdoor that leverages the Tor network to evade detection. (HelpNetSecurity)
  • Zimperium has tracked a phishing campaign impersonating the United States Postal Service, exclusively targeting mobile devices, using PDFs to hide malicious links designed to steal credentials & data. (Zimperium)

🚨 Vendor News & Announcements

  • NinjaOne intends to acquire cloud-data backup provider Dropsuite for approximately $252 million USD. NinjaOne CEO Sal Sferlazza said: “Dropsuite will help our customers be more successful by extending data protection from the endpoint to SaaS applications, automating and simplifying backup, and filling critical data protection gaps.” (NinjaOne)
  • Exposure Management leader Tenable has signed an agreement to acquire Vulcan Cyber for approximately $137 million USD. Vulcan Cyber’s capabilities will augment Tenable’s exposure management platform. (Tenable)
  • Email security vendor Barracuda has announced new email security capabilities aimed at protecting against account takeover attacks. (CRN)
  • JumpCloud has acquired Stack Identity, a next-gen identity and access management solution. The acquisition will deepen JumpCloud’s existing capabilities in the identity security space. (JumpCloud)

📟 Product Releases & Patches

  • Phishing attack alerts are being added to Microsoft Teams for all customers by mid-February. (BleepingComputer)
  • Microsoft is previewing a “scareware blocker” feature named Defender SmartScreen for Edge web browsers which uses machine learning to prevent tech support scams. (BleepingComputer)
  • Google has announced a new ‘Identity Check’ feature for Android that locks sensitive settings behind biometric authentication when outside trusted locations. (BleepingComputer)
  • Apple has released security updates to fix a zero-day vulnerability (CVE-2025-24085) tagged as actively exploited in attacks targeting iPhones. (BleepingComputer)  

🏛️ Policy, Law, & Legislation

  • The EU has sanctioned three Russian nationals for allegedly carrying out “malicious cyber activities” against Estonia. (THN)
  • The US Department of Health and Human Services (HHS) has launched a consultation on enhancing cybersecurity measures for health data covered by HIPAA. (CSO)
  • The DoJ has indicted 5 people for running a ‘laptop farm’ used in a North Korean IT worker scam that affected at least 64 companies. (TheRecord)
  • Over 30 industry groups are calling for Congress to enact federal data privacy legislation that will override the current system of state-defined data privacy legislation. (TheRecord)

🎙 Expert Insights: Latest From Us

Don’t miss this week’s round of interviews & insights with cybersecurity experts and thought leaders.


That’s all for this week! 👋

Do you have any stories to share with Expert Insights, or any feedback on the format of this newsletter? Please let us know.
