Expert Insights Cybersecurity Industry News Recap: 9 – 16 January 2025

📰 Headlines

• The FBI and the DoJ have removed China-linked PlugX malware from more than 4,200 US computers. (The Record)
• Microsoft’s Digital Crimes Unit (DCU) has announced it is taking legal action to disrupt cybercriminals targeting it’s AI services. (Microsoft)
• A malware campaign has compromised over 5,000 WordPress sites, adding rogue admins, installing malicious plugins and stealing data. (Bleeping Computer)
• Researchers have uncovered a new malvertising campaign targeting Google Ads advertisers by attempting to phish credentials via fraudulent Google Ads. (THN)

🎣 Vulnerabilities, Bugs, & Hacks

• CISA has warned agencies to patch a BeyondTrust command injection vulnerability (CVE-2024-12686) being actively exploited in attacks. (BleepingComputer)
• Apple has recently patched a macOS vulnerability that allowed hackers to install malicious kernel drivers. (BleepingComputer)
• Arctic Wolf researchers have observed a recent campaign targeting publicly exposed management interfaces on Fortinet FortiGate Firewalls. (ArcticWolf)
• A weakness in Google’s OAuth login feature could enable attacks that register ‘abandoned’ domains access to former employee accounts linked to SaaS platforms. (BleepingCompter)
• Cybercriminals are adopting new social-engineering methods to circumvent iMessage’s built-in phishing link protection feature. (BleepingComputer)

🏛️ Policy & Legislation

• President Biden has issued a new executive order governing AI use for cyber defense and aiming to tighten cyber regulations for federal agencies. (Politico)
• CISA has reported a ‘surge’ in enrolment to its Cyber Hygiene service from critical infrastructure organizations over the last two years. (Cyberscoop)
• The UK Government is considering implementing new legislation for a ban on ransomware payments by the public sector and by operators of critical national infrastructure. (SecurityWeek)
• The European General Court has fined the European Commission (the executive arm of the EU) for violating EU data privacy laws. (THN)

🚨 Vendor News & Announcements

• Darktrace will acquire cloud threat hunting platform Cado Security. Darktrace was acquired by Thoma Bravo for $5.3 billion in October. (CRN)
• Security awareness provider Hook Security has acquired Haekka, a Slack-based security training platform. (Hook Security)

📟 Product Releases & Patches

• Microsoft’s January ‘Patch Tuesday’ included security updates for 159 flaws, including 8 zero-day vulnerabilities. (BleepingComputer)
• Ivanti recently released patches for its Connect Secure VPN appliances to fix a zero-day threat allowing remote attacks to execute arbitrary code. (SecurityWeek)
• Adobe has rolled out patches for multiple vulnerabilities affecting Photoshop, Substance 3D Stager, Illustrator for iPad, Adobe Animate, and the Adobe Substance 3D Designer. (SecurityWeek)

🎙️ Expert Insights: Interviews

Don’t miss this week’s round of interviews & roundups with cybersecurity experts and thought leaders.

• 4 Cloud Backup Experts Share Their Predictions For 2025 
• We Asked 3 RMM Experts What Security Leaders Should Prioritize In 2025 
• 8 Email Security Experts Share Their Advice For 2025
• 7 Identity and Access Management Experts On Trends in 2025
• Connectwise’s EVP Jeff Bishop On Tackling RMM Challenges

That’s all for this week! 👋

If you have any feedback or stories to share, get in touch with [email protected].

Expert Insights’ Cybersecurity Resources

• The Top RMM Solutions For MSPs
• The Top Mobile Device Management (MDM) Solutions
• The Top Email Security Solutions For Office 365
• The Top Email Security Gateways
• The Top Multi-Factor Authentication (MFA) Solutions For Business
• The Top Phishing Protection Solutions
• The Top Cyber Threat Intelligence Solutions