WordPress, PayPal, CrowdStrike Targeted and More

WordPress, PayPal & CrowdStrike Targeted | Samsung, SonicWall & IBM Patches | Medusind, BayMark Health Services & Bank of America Breaches

Key Cybersecurity Threats

1. PayPal Phishing Campaign:

   • Attackers use legitimate PayPal links to link victims' accounts to their own emails through realistic phishing emails.

2. Fake CrowdStrike Job Interviews:

   • Cybercriminals impersonate CrowdStrike recruiters to distribute XMRig cryptomining malware using fake job application processes.

3. PhishWP WordPress Plugin:

   • Malicious plugin impersonate payment processors like Stripe to steal customer payment data through fake checkout pages.

4. Samsung Zero-Click Vulnerability:

   • A critical flaw in Samsung Galaxy S23/S24 devices allowed arbitrary code execution; patched in the latest update.

5. Microsoft DRM Vulnerability:

   • Researchers exposed flaws in PlayReady DRM, risking unauthorised access to protected streaming content.

6. IBM Watson XSS Vulnerability:

   • A stored XSS flaw (CVE-2023-47731) in IBM QRadar Suite Software could expose sensitive credentials.

7. Ivanti Zero-Day Vulnerabilities:

   • Two critical vulnerabilities (CVE-2025-0282 and CVE-2025-0283) in Ivanti Connect Secure are being actively exploited.

8. SonicWall Authentication Bypass:

   • Two high-severity flaws (CVE-2024-40762 and CVE-2024-53704) in SonicWall firewalls allow remote attacks.

9. Banshee macOS Malware:

   • New Banshee version expands targeting by removing its language-based execution restrictions.

10. Mitel MiCollab Exploits:

    • Path traversal flaws (CVE-2024-41713 and CVE-2024-55550) in MiCollab allow unauthorized server actions.

---

Security Updates

1. Samsung January 2025 SMR:

   • Addressed 29 vulnerabilities, including 5 critical flaws, in Galaxy devices.

2. Darktrace Acquires Cado Security:

   • Darktrace plans to enhance its cloud forensics capabilities with the acquisition of Cado Security.

3. Microsoft PlayReady Flaws:

   • Issues in the Protected Media Path (PMP) could compromise streaming content security.

---

Recent Data Breaches

1. Bank of America:

   • Breach involved unauthorized access to sensitive customer data on a third-party system.

2. BayMark Health Services:

   • Ransomware attack compromised patient information.

3. Excelsior Orthopaedics:

   • Data breach affected 357,000 patients and employees.

4. Medusind:

   • Over 360,000 individuals were impacted by a medical billing firm breach.

5. Silk Typhoon Hack:

   • Linked to the US Treasury hack.

---

Emerging Threats

1. ScreenConnect Deploying Malware:

   • Used in tech support scams to deliver AsyncRAT and SectopRAT malware.

2. Salt Typhoon Hacking Campaign:

   • China-linked group targeted US telecoms, including AT&T and Verizon.

3. Noname057(16) DDoS Attacks:

   • Pro-Russian hackers targeted Italian websites with DDoS campaigns.

---

Key Recommendations

• Stay Updated: Regularly update devices and software.

• Be Cautious: Avoid clicking links in unsolicited emails, even if they appear legitimate.

• Strengthen Security: Use strong passwords, two-factor authentication, and monitor for suspicious activity.