Cyber Security Headlines: Exploited Vulnerabilities Rising, Ban on DeepSeek, Crypto Scams Make Comeback
Hosted by Lauren Verno | Released on February 4, 2025
The latest episode of Cyber Security Headlines by the CISO Series delves into pressing issues affecting the information security landscape. Hosted by Lauren Verno, the episode covers a surge in exploited vulnerabilities, state bans on AI platforms, a resurgence of crypto scams, significant data breaches, and notable cybercriminal activities. Here's a comprehensive breakdown of the key topics discussed:
1. Surge in Exploited Vulnerabilities
Lauren Verno opens the episode by highlighting a concerning uptick in exploited vulnerabilities over the past year.
“The number of exploited vulnerabilities surged in 2024, with 768 CVEs actively targeted. That's a 20% increase from the year before,” (00:15).
A significant portion of these exploits—nearly a quarter—occurred on or before their public disclosure, indicating that threat actors are aggressively leveraging new vulnerabilities before patches can be widely applied. Chinese threat actors are prominently featured, with 15 groups linked to the exploitation of high-profile vulnerabilities such as Log4j. Targets include major corporations like Citrix, Cisco, Zoho, and Microsoft, underscoring the pervasive nature of these security weaknesses.
2. Texas Bans DeepSeek and Rednote
In a landmark decision, Texas becomes the first U.S. state to ban the Chinese AI company DeepSeek and its associated social media app Rednote on state-issued devices.
“Governor Greg Abbott cited security concerns and the threat of data harvesting for the ban,” (04:50).
This move reflects growing apprehensions about foreign technology companies' access to sensitive state data. Additionally, Italy's Data Protection Authority has echoed these concerns by blocking DeepSeek's chatbot services, demanding transparency in its data collection practices. Despite these actions, DeepSeek denies any operational presence in Italy, intensifying debates over data privacy and international tech regulations.
3. Crypto Scams Resurface on X
The episode discusses the resurgence of crypto scams, particularly through platforms like X (formerly Twitter).
“Hackers behind a one-click phishing campaign have been targeting high-profile X accounts, including journalists, political figures, and even former employees,” (09:20).
These scams aim to deceive followers of these accounts into engaging with fraudulent links that result in cryptocurrency fraud. By leveraging the large followings of high-profile individuals, scammers maximize their reach and potential victim count. The hosts caution listeners to double-check URLs and links to avoid falling prey to such deceptive tactics, noting the significant profitability of these schemes for cybercriminals.
4. GlobeLife Data Breach Impacts Hundreds of Thousands
A massive data breach at GlobeLife has resulted in the exposure of sensitive personal information for approximately 850,000 individuals.
“The breached data included names, addresses, dates of birth, and Social Security numbers,” (14:10).
GlobeLife reported that the breach occurred when a threat actor attempted to extort the company by threatening to release the stolen data. Fortunately, the company confirmed that no credit card or banking information was compromised. This incident underscores the critical importance of robust data protection measures to safeguard personal and financial information against extortion and unauthorized access.
5. DeepSeek AI Platform Impersonation Leads to Data Theft
The episode sheds light on a sophisticated campaign involving malicious Python packages that impersonate the DeepSeek AI platform.
“Malicious packages were uploaded to PyPI, disguised as tools for the DeepSeek AI platform, but they were actually info stealers,” (18:45).
Discovered by Positive Technologies, these packages silently exfiltrated sensitive data such as API keys and database credentials, sending them to a command-and-control server via Pipedream. Although PyPI quickly quarantined and removed the malicious packages, 222 developers had already downloaded them. The hosts advise any developers who used these packages to immediately rotate their credentials to mitigate potential security risks.
6. Casio UK Website Compromised with Payment Flow Skimmer
A new threat actor has compromised the Casio UK website, along with 16 other sites, using a web skimmer to hijack the payment flow.
“The skimmer intercepted clicks on the checkout button to display a fake payment form, capturing sensitive information before redirecting users back to the legitimate checkout page,” (22:30).
This attack was facilitated by a Content Security Policy deployed in report-only mode on the affected sites. A report-only policy records violations but does not block them, which inadvertently allowed the malicious script to operate undetected. Victims provided their names, addresses, and credit card details, highlighting vulnerabilities in payment processing systems and the need for stringent security protocols to prevent such manipulations.
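The difference between a report-only and an enforced policy, as an added example (not code from the episode or from the affected sites). The policy string and the origins `https://shop.example`, `https://pay.example` and `https://cdn.skimmer.example` are constructed, and source matching is simplified to `'self'` and exact origins.

```javascript
// Added illustration: models how a browser applies CSP headers to one script load.
// Simplified on purpose: no wildcards, nonces, hashes or path matching.

function parsePolicy(value) {
  const directives = {};
  for (const part of value.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    if (name) directives[name.toLowerCase()] = sources;
  }
  return directives;
}

function scriptAllowedBy(policy, scriptOrigin, pageOrigin) {
  const sources = policy['script-src'] || policy['default-src'];
  if (!sources) return true; // no applicable directive: scripts are unrestricted
  return sources.some(s => (s === "'self'" ? scriptOrigin === pageOrigin : s === scriptOrigin));
}

// Returns whether the policy flags the script (violation) and whether it is stopped (blocked).
function evaluateScriptLoad(headers, scriptOrigin, pageOrigin) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  const enforced = h['content-security-policy'];
  const reportOnly = h['content-security-policy-report-only'];
  const result = { mode: 'none', violation: false, blocked: false };
  if (reportOnly) {
    result.mode = 'report-only';
    // Report-only: the violation is recorded, the script still runs.
    if (!scriptAllowedBy(parsePolicy(reportOnly), scriptOrigin, pageOrigin)) result.violation = true;
  }
  if (enforced) {
    result.mode = 'enforced';
    if (!scriptAllowedBy(parsePolicy(enforced), scriptOrigin, pageOrigin)) {
      result.violation = true;
      result.blocked = true;
    }
  }
  return result;
}

// Constructed sample: the same policy delivered under each header name.
const PAGE = 'https://shop.example';
const SKIMMER = 'https://cdn.skimmer.example';
const POLICY = "default-src 'self'; script-src 'self' https://pay.example";
const weak = evaluateScriptLoad({ 'Content-Security-Policy-Report-Only': POLICY }, SKIMMER, PAGE);
const fixed = evaluateScriptLoad({ 'Content-Security-Policy': POLICY }, SKIMMER, PAGE);
console.log({ weak, fixed });
```

A report-only policy is still useful as a detection source, but only if the violation reports it generates are collected and reviewed.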
7. Canadian Hacker Charged in $65 Million Crypto Heist
Bringing attention to significant criminal activities, the episode covers the charges against a 22-year-old Canadian accused of orchestrating a $65 million crypto heist.
“He hacked Kyberswap and Index Finance by exploiting vulnerabilities and manipulating digital coin trades,” (26:15).
The hacker allegedly laundered the stolen funds through multiple transactions, employed fake identities to obscure his actions, and attempted to extort Kyberswap administrators following the attack. Facing charges that include wire fraud, extortion, and money laundering, the individual could face decades in prison. Authorities are still working to determine his exact whereabouts, emphasizing the challenges in tracking and prosecuting cybercriminals.
8. Remembering Sean Bowen
In a poignant segment, Lauren Verno pays tribute to Sean Bowen, a valued member of the CISO Series community who tragically passed away in a parachuting accident.
“Sean's keen insights and quick wit were invaluable to our shows. He was a relentless advocate for the cybersecurity community,” (30:50).
The episode expresses heartfelt condolences to Sean's family, friends, and colleagues, acknowledging his significant contributions and the profound loss felt by those who knew him. A tribute curated by David Spark is available in the CISO Series LinkedIn newsletter, inviting listeners to honor Sean's memory.
Conclusion
Lauren Verno wraps up the episode by directing listeners to CISOseries.com for detailed stories behind the headlines. This episode of Cyber Security Headlines provides a comprehensive overview of the current cybersecurity threats and incidents, offering valuable insights for professionals and enthusiasts alike.
Key Takeaways:
- Exploited vulnerabilities are on the rise, with a notable increase in CVEs being targeted by sophisticated threat actors.
- State-level bans on foreign AI platforms signal heightened concerns over data security and privacy.
- Crypto scams are making a significant comeback, leveraging high-profile accounts to maximize their impact.
- Major data breaches like GlobeLife emphasize the ongoing need for robust security measures.
- Impersonation campaigns and payment flow skimmers demonstrate the evolving tactics of cybercriminals.
- High-profile crypto heists highlight the complexities of cybercrime prosecution.
- The cybersecurity community mourns the loss of influential members, reinforcing the importance of collaborative efforts in the field.
For more in-depth analysis and updates, visit CISOseries.com.
