Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)
Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users.
5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)
5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”.
DeepSeek’s popularity exploited by malware peddlers, scammers
As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of the cost, users are rushing to try out DeepSeek’s AI tool.
Deploying AI at the edge: The security trade-offs and how to manage them
In this Help Net Security interview, Jags Kandasamy, CEO at Latent AI, discusses the technical and strategic measures necessary to safeguard AI models, the balance between security and performance in constrained environments, and the lessons professionals can learn as they deploy AI in high-risk sectors.
Cybercrime forums Cracked and Nulled seized, operators arrested
Law enforcement from Germany, Australia, Spain, Greece, Romania, Italy, France and the USA have seized and shut down Cracked and Nulled, the two largest cybercrime forums in the world.
Zscaler CISO on balancing security and user convenience in hybrid work environments
In this Help Net Security interview, Sean Cordero, CISO at Zscaler, talks about securing hybrid work and the new challenges it presents to cybersecurity teams.
SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs
Attackers may have leveraged vulnerabilities in the SimpleHelp remote monitoring and management solution to gain initial access to healthcare organizations.
Preparing financial institutions for the next generation of cyber threats
In this Help Net Security interview, James Mirfin, SVP and Head of Risk and Identity Solutions at Visa, discusses key priorities for leaders combating fraud, the next-generation threats institutions must prepare for, and the role of collaboration between financial sectors and government agencies in countering cybercrime.
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)
CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, cybersecurity company Greynoise has warned.
AI security posture management will be needed before agentic AI takes hold
As I’m currently knee deep in testing agentic AI in all its forms, as well as new iterations of current generative AI models such as OpenAI’s O1, the complexities of securing AI bot frameworks for enterprise security teams are beginning to crystallize.
Europeans targeted with new Tor-using backdoor and infostealers
A financially motivated threat actor has been targeting German and Polish-speaking users with info-stealing malware and TorNet, a previously undocumented .NET backdoor that leverages the Tor network to evade detection.
Don’t let these open-source cybersecurity tools slip under your radar
This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect suspicious activities across your network.
BloodyAD: Open-source Active Directory privilege escalation framework
BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers.
SEC and FCA fines: Issues jump
In this Help Net Security video, David Clee, CEO of MirrorWeb, discusses the pressure that highly regulated sectors like finance experience to ensure compliance standards are met in a climate where reputational and financial consequences are rife.
ExtensionHound: Open-source tool for Chrome extension DNS forensics
Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. ExtensionHound solves this by analyzing Chrome’s internal network state and linking DNS activity to specific extensions.
Patient monitors with backdoor are sending info to China, CISA warns
Contec CMS8000, a patient monitor manufactured by a Chinese company, and Epsimed MN-120, which is the same monitor but relabeled, exfiltrate patients’ data to a hard-coded IP address and have a backdoor that can be used to download and execute unverified files, the US Cybersecurity and Infrastructure Security Agency confirmed.
Cyber trends set to influence business strategies
In this Help Net Security video, Dottie Schindlinger, Executive Director of the Diligent Institute, discusses how 2025 presents boards with a technological headache and how these topics will shape cyber strategies at a board level across the new year and beyond.
Cybersecurity crisis in numbers
The number of US data compromises in 2024 (3,158) decreased 1% compared to 2023 (3,202), 44 events away from tying a record for the number of compromises tracked in a year, according to the Identity Theft Resource Center.
How Lazarus Group built a cyber espionage empire
Since September 2024, SecurityScorecard’s STRIKE team has been investigating Lazarus Group’s activity, uncovering key details about their infrastructure.
Only 13% of organizations fully recover data after a ransomware attack
Ransomware attacks are disrupting and undermining business operations and draining revenue streams, according to Illumio.
74% of CISOs are increasing crisis simulation budgets
In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, 23andMe, Transport for London, and Cencora, CISOs are reassessing their organisation’s readiness to manage a potential “chaos” of a full-scale cyber crisis, according to Hack The Box.
Cybersecurity jobs available right now: January 28, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
How to use Apple’s App Privacy Report to monitor data tracking
The App Privacy Report, which Apple introduced in iOS 15.2, allows users to monitor how apps access data and interact with third-party services.
How to use Hide My Email to protect your inbox from spam
Hide My Email is a service that comes with iCloud+, Apple’s subscription-based service.
Infosec products of the month: January 2025
Here’s a look at the most interesting products from the past month, featuring releases from: Absolute Security, Atsign, authID, BackBox, BioConnect, BitSight, BreachLock, Cisco, Commvault, Compliance Scorecard, DataDome, Hiya, IT-Harvest, Lookout, McAfee, Netgear, Oasis Security, and Swimlane.