
Cyber Security News Weekly Round-Up

Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)

1 Cybersecurity News

 
 
 

1.1  Healthcare Data Breach Exposes 1 Million Patients:

 

Community Health Center, Inc. (CHC) reported a breach affecting 1,060,936 individuals, exposing SSNs, medical diagnoses, and insurance details.

 
 
 

1.2  Globe Life Cyberattack: 850,000+ Records Stolen:

 

Hackers stole names, SSNs, and health data from a subsidiary of Globe Life. Attackers used double extortion tactics to pressure the company.

 
 
 

1.3  AWS S3 Bucket Hijacking Risks Global Supply Chains:

 

Researchers found 150+ abandoned AWS S3 buckets from governments and Fortune 500 firms, allowing attackers to push malicious updates.

 
 
 

1.4  Grubhub Third-Party Breach Exposes Customer Data:

 

A compromised contractor account led to unauthorized access to names, emails, phone numbers, and partial card details.

 
 
 

1.5  Microsoft Outlook Vulnerability (CVE-2024-21413) Exploited:

 

Hackers bypass Protected View to steal NTLM credentials and execute remote code. CISA mandates patching by February 27.

 

1.6  HPE Breach by Russian APT Group (APT29):

 

Midnight Blizzard infiltrated HPE’s Office 365 emails, stealing SSNs, driver’s licenses, and credit card data.

 

 

 

2 Cyber Attacks

2.1  Hackers Exploit AWS & Azure for Large-Scale Attacks:

 

Threat actors hijacked 1,200+ AWS IPs, stole API keys, and exploited misconfigured S3 buckets for phishing and ransomware.

 
 
 

2.2  High-Profile X (Twitter) Accounts Hijacked in Crypto Scam:

 

Verified accounts like Nasdaq and Microsoft India were compromised to promote fraudulent crypto schemes.

 
 
 

2.3  3,000+ ASP.NET Keys Exposed, Leading to RCE:

 

Hackers used leaked ValidationKey/DecryptionKey pairs to inject malicious ViewState payloads and deploy malware.

 

 

 

3 Threats

 
3.1  Microsoft Advertisers Targeted by Malicious Google Ads:
 

Attackers impersonated Microsoft Ads using fraudulent Google Ads to steal credentials via fake login pages.

 
 
 

3.2  Chinese Hackers Deploy Linux SSH Backdoor:

 

The ELF/Sshdinjector.A!tr malware infects Linux servers by modifying SSH libraries, allowing credential theft.

 
 
 

3.3  North Korean Hackers Abuse Custom RDP Wrapper:

 

The Kimsuky group modified termsrv.dll to enable stealthy remote access, deploying keyloggers and PowerShell payloads.

 

 

 

4 Vulnerabilities

 
 
 

4.1  Windows 11 Kernel Race Condition Flaw (CVE-2025-XXXX):

 

A critical privilege escalation bug allows attackers to execute arbitrary code or crash systems.

 
 
 

4.2  BeyondTrust SaaS Platform Breach:

 

China-linked hackers exploited zero-day vulnerabilities to steal AWS API keys and access U.S. Treasury data.

 
 
 

With new vulnerabilities emerging daily, businesses must prioritize cybersecurity hygiene. Partnering with a cybersecurity company in Australia ensures timely patch management, vulnerability assessments, and compliance with security best practices.
