Transcript
A (0:00)
From the CISO Series, it's Cybersecurity Headlines.
B (0:07)
These are the cybersecurity headlines for Wednesday, February 19, 2025. I'm Sarah Lane. In today's cybersecurity news, two security vulnerabilities have been discovered in OpenSSH that could enable man-in-the-middle attacks and denial-of-service attacks. The man-in-the-middle vulnerability affects versions 6.8p1 to 9.9p1 when the VerifyHostKeyDNS option is enabled, letting attackers impersonate legitimate servers. The DoS vulnerability affects versions 9.5p1 to 9.9p1, leading to resource exhaustion. Both issues are fixed in OpenSSH 9.9p2, which was released on Tuesday.
Microsoft will deprecate driver synchronization in Windows Server Update Services, or WSUS, on April 18, reminding enterprises to switch to cloud-based solutions like Windows Autopatch, Azure Update Manager and Microsoft Intune. After this date, drivers will still be available on the Microsoft Update Catalog but can't be imported into WSUS. Although WSUS was deprecated back in 2024, Microsoft is maintaining existing functionality and continues to publish updates through the channel.
Norwegian company Zwipe was ordered to pay IDEX Biometrics $702,000 plus additional costs over a warranty dispute, but struggled to secure financing to avoid insolvency. Zwipe ordered 300,000 fingerprint biometric sensors from IDEX back in 2020 following an exclusive partnership arrangement. The company now has filed for bankruptcy and a bankruptcy trustee in Oslo will oversee the process. Founded back in 2009, Zwipe wanted to commercialize biometric payment cards but faced financial challenges.
Krebs on Security reports that Chinese cybercrime groups are reviving the carding industry. That's the underground business of selling or stealing or swiping stolen payment card data by using advanced phishing kits to steal payment card data and convert it into mobile wallets which are then loaded onto devices for fraudulent use.
These phishing campaigns exploit both Apple iMessage and Google's RCS to bypass traditional SMS security and link stolen card details to mobile wallets by tricking victims into providing one-time verification codes. The stolen wallets are then sold in bulk or used for fraudulent transactions, contributing to an estimated $15 billion in annual losses.
Thank you to today's sponsor, Scrut Automation. Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI and over 75 native integrations reverse compliance debt and help minimize manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That is www.scrut.io.
Ecuador's National Assembly experienced two cyber attacks on Monday, just a week after its general election. In a statement, the assembly said it was able to quickly identify and counteract the situation, but didn't provide any more information. This incident follows a series of cyber attacks on prominent organizations in Ecuador, including Radio Pichincha, the National Civil Registry and the National Election Agency. In recent years, cyberattacks have also targeted Blanco Pagania, highlighting ongoing cybersecurity challenges in the country.
Juniper Networks patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router, or SSR, devices, including Session Smart Conductor and WAN Assurance Managed Routers. Although no attacks have been detected as of yet, administrators are being urged to upgrade to the fixed versions. Juniper devices are frequent targets due to their use in critical environments, with previous vulnerabilities being exploited soon after patches have been released.
Microsoft's February Patch Tuesday update for Windows 11 fixed several bugs and security vulnerabilities, but introduced new issues including File Explorer malfunctions, installation failures and various system glitches. Users reported problems with opening folders, context menus not appearing, and installation errors, even on systems without third-party customizations. Windows 11 24H2 has been notably problematic, raising concerns as the October 2025 Windows 10 support cutoff approaches.
US newspaper publisher Lee Enterprises experienced a cyber attack that affected encrypted critical applications and exfiltrated files, telling the SEC that, quote, "threat actors unlawfully accessed the company's network, encrypted critical applications and exfiltrated certain files," end quote. The attack disrupted product distribution, billing and other operations, with full recovery expected to take. There isn't evidence of compromised sensitive data yet, but the breach is likely to impact the company's financials, and cybersecurity insurance is expected to help cover costs.
Remember to register for this week's Super Cyber Friday event, "Hacking Metrics That Matter." We're going to break down what are the most useless vanity metrics, how to use metrics to tell a better story to the business, and what you should really be focusing on. Head on over to the events page at cisoseries.com to register for this event this Friday at 1 p.m. Eastern, 10 a.m. Pacific.
