Expert Insights Cybersecurity Industry News Recap: 1 – 9 January 2025

Joel Witts Laura Iannini
Joel Witts, Laura Iannini Last updated on Jun 6, 2025

Happy New Year! Welcome to the first weekly Expert Insights news roundup of 2025.

In two minutes or less we’ll take you through the biggest industry news, M&As, releases and hacks driving the news.

🏃 This bumper edition will cover all the news so far this year to get you-up-to-speed.

📰 Headlines

  • Chinese state-backed hackers reportedly hacked the US Treasury Office of Foreign Assets Control (OFAC) after breaching the BeyondTrust remote support SaaS platform. (BleepingComputer)

  • Japan’s largest mobile carrier is working to restore services after a cyber-attack disrupted some of its usual operations. (TheRecord)

  • Apple has agreed to pay $95 million USD to settle a class-action lawsuit asserting that it violated users’ privacy by allowing Siri to record conversations and share them with third-parties. (TheRecord)

  • The ‘Brain Chipher’ ransomware gang has begun to leak documents stolen in an attack on Rhode Island’s social services platform which delivers healthcare, food assistance, and childcare services. (BleepingComputer)

  • Hackers stole $494 million worth of cryptocurrency in wallet drainer attacks last year, according to the ‘Scam Sniffer’ platform. (BleepingComputer)

  • Cybersecurity funding reached a massive $9.5 billion USD in 2024, with Wiz securing the largest investment at $1 billion USD. (SecurityWeek)

🎣 Vulnerabilities, Bugs, & Hacks

  • An attacker exploiting Microsoft 365’s Sender Rewriting Scheme (SRS) was able to send PayPal money requests while still passing all the normal technical checks for email, according to Fortinet researchers. (Infosecurity Magazine)

  • The US Cybersecurity and Infrastructure Security Agency (CISA) added three new flaws to its Exploited Vulnerabilities Catalog (KEV), two found in Mitel’s MiCollab unified communications platform, one found in Oracle WebLogic Server. (CISA)

  • Cybercriminals are impersonating the US Social Security Administration in an attempt to install Remote Access Trojan malware on people’s devices, according to Cofense researchers. (TechRadar)

  • Threat hunters have found a new vulnerability using a double-click sequence to bypasses protections and enable Clickjacking attacks and account takeovers on almost all major websites. (TheHackerNews)

  • Over three million POP3 and IMAP mail servers without TSL encryption are vulnerable to network sniffing attacks, according to security threat monitoring platform Shadowserver. (BleepingComputer)

  • Cybersecurity researchers have revealed dozens of attacks that involve malicious updates for Google Chrome web browser extensions. (The Record)

🚨 Vendor News & Announcements

  • 1Password, the popular password management provider, will acquire Trelica, a SaaS access management provider that helps to prevent SaaS sprawl and detect shadow IT. (1Password)

  • Microsoft has announced that starting October 14, 2025 Windows 10 will no longer receive support updates or free software updates. (Microsoft)

  • Cisco will acquire SnapAttack, a threat detection and engineering platform headquartered in Virginia. (MSSPAlert)

  • Cymulate, the threat exposure validation company, has acquired CYNC Secure, an Israeli-startup focused on improving exposure management platforms. (MSSP Alert)

📟 Product Releases & Patches

  • Google has patched a high severity vulnerability type confusion issue in the V8 JavaScript engine allowing attackers to execute arbitrary code remotely. (Cybersecurity News)

  • Soniwall have released advisories regarding several vulnerabilities in SoncWall’s SonicOS software, which could enable attacks to bypass authentication mechanisms. (Cybersecurity News)

  • Google has announced the first set of Android security updates for 2025, including patches for 36 vulnerabilities. (SecurityWeek)

  • Palo Alto Networks has released patches for multiple vulnerabilities in their Expedition migration tool, which was retired on December 31, 2024. (SecurityWeek)

🏛️ Government Policy & Legislation

  • Iranian and Russian entities have been sanctioned by the US government for orchestrating cyber operations to interfere in the November 2024 presidential election. (The Hacker News)

  • The US Department of Health is proposing an update to the HIPAA Security Rule that would require health care entities to improve their security posture, by aligning with best practices for MFA, network segmentation, and vulnerability scanning. (InformationWeek)

  • The Indian government is proposing new digital data rules with ‘tough’ penalties and new cybersecurity requirements. (The Hacker News)

  • The US Government has announced a new cybersecurity safety label for internet-connected consumer devices sold in the United States. (BleepingComputer)

🎙️ Expert Insights: Interviews

Don’t miss this week’s round of interviews with cybersecurity experts and thought leaders.

That’s all for this week! 👋

If you have any feedback or stories to share, get in touch with [email protected].

Expert Insights’ Cybersecurity Resources