📰 Headlines
- A massive IoT data breach has exposed 2.7 billion data records, including Wi-Fi network names, passwords, and IP addresses. The database was linked to a China-based IoT grow light company with an app available on iOS and Android. (Infosecurity Magazine)
- International law enforcement agencies have arrested 4 Russian nationals suspected of leading the ‘Phobos’ and ‘8Base’ ransomware gang. 27 servers linked to the criminal network were taken down. (EuroPol)
- A subgroup of Russian state-backed hacker group ‘Sandworm’ has been running a multi-year campaign to hack organizations in the US and Europe, targeting the energy sector, government, telecoms, and shipping. Sandworm has been involved in targeting users in Ukraine. (TheRecord, BleepingComputer)
- Hackers have been able to hide malicious code in AI models hosted on Hugging Face (HF), by exploiting vulnerabilities in so-called ‘Pickle files.’ HF is a popular platform used by developers to build models, datasets and applications. (CyberNews)
🎣 Vulnerabilities, Scams, & Hacks
- A massive brute force password attack using almost 2.8 million IP addresses has been operating since last month, targeting credentials for a wide range of network devices. (BleepingComputer)
- Hewlett Packard Enterprise have begun to notify people that their personal information could have been compromised in a December 2023 hack by a Russian state-sponsored hacking group. (SecurityWeek)
- An exploit for SonicWall Firewalls has been discovered (CVE-2024-53704), enabling hackers to bypass authentication mechanisms in certain versions of SonicOS SSLVPN. A patch is now available. (BleepingComputer)
- Over 12,000 KerioControl firewalls are exposed to an exploited remote code execution vulnerability (CVE-2024-52875). The bug was patched back in December. (BleepingComputer)
🚨 Vendor News & Announcements
- SolarWinds will become private after a $4.4 billion USD acquisition by Turn/River Capital. (SecurityWeek)
- CyberArk, a leading identity provider, has acquired Zilla Security, an identity governance and administration solution, for $165 million in cash, plus a $10 million performance-based earn-out. (SecurityWeek)
- Drata, a compliance automation provider, intends to acquire SafeBase, an AI-powered Trust Center platform for security and compliance information, in a reported $250m USD deal. (SecurityWeek)
- Microsoft is offering more rewards for its Copilot AI Bounty Program, as part of significant updates designed to improve the program’s effectiveness and encourage more participation. (Microsoft)
- Cybersecurity startup Astra Security has received $2.7 million USD in a funding round led by Emergent Ventures. (SecurityWeek)
📟 Product Releases & Patches
A bumper set of updates this week for February’s Patch Tuesday. We highly recommend that customers update affected software as soon as possible.
- Apple has released an emergency patch for a zero-day vulnerability that may have been exploited against specific individuals. Apple described the exploit as a ‘physical attack’ that could disable USB Restricted Mode on a locked device. (PCMag)
- Microsoft has released fixes for 63 security vulnerabilities, including two that are actively being exploited. (THN)
- Ivanti and Fortinet have announced patches for several vulnerabilities across their products. (SecurityWeek)
- Adobe has patched 45 vulnerabilities across multiple products and warned of remote code execution exploitation. (SecurityWeek)
- SAP has released 21 security patches including six high priority updates for vulnerabilities in its enterprise software. (SecurityWeek)
- Google has paid out a $55,000 USD bug bounty and released a Google Chrome update to patch four high-severity vulnerabilities. (SecurityWeek)
🏛️ Policy, Law, & Legislation
- President Trump is reportedly planning to nominate Sean Cairncross as the next national cyber director. (TheRecord)
- Republicans on the House Committee on Energy and Commerce have started a new group to draft a national data privacy bill. (TheRecord)
- Victims in dozens of European countries have been targeted by Paragon spyware, according to the Italian government. Italy’s cybersecurity agency is investigating alleged hacking attempts by Paragon Solutions. (TheRecord)
🎙️ Expert Insights: Latest From Us
Don’t miss this week’s round of interviews & insights with cybersecurity experts and thought leaders.
- ZeroFox’s Adam Darragh On The Benefits Of Dark Web Monitoring
- Expert Panel: What Are The Biggest Cloud Backup Challenges In 2025?
- Container Security Buyers Guide 2025
- How To Create An Effective Security Awareness Training Program
That’s all for this week! 👋