👉 What’s the latest in the cyber world today?
Apple, Exploited Security Flaws, USPS Phishing, Malicious PDFs, GitHub Desktop, Amazon Prime Phishing, Credit Cards, Intel Trust Domain Extensions, Side-Channel Attacks, DeepSeek AI Platform, Cyberattack, TalkTalk, Data Breach, Third-Party, Dean Norris, Scam, Fake Meme Coin, X Platform, Emergency Sirens, Hackers, Israel, Poland, Big Cheese Studio, Hacker Attack, Trump Administration, TikTok Deal, Oracle Investors, EU Sanctions, Russian Hackers, Estonia Government, Global Cybersecurity Market, Growth, Brazil, Iris Scans, Tools for Humanity, National Data Protection Authority, US Data Breach, Victim Numbers, Identity Theft Resource Center.
🚨 Cyber Alerts
1. Apple Patches Exploited Zero Day Flaws
Apple has issued updates to address several security vulnerabilities across its product lineup, including a zero-day flaw labeled CVE-2025-24085. The vulnerability, found in the Core Media component, allows a malicious app to escalate privileges on affected devices. Apple confirmed reports of this flaw being actively exploited on devices running versions of iOS prior to 17.2, and it has been resolved through improved memory management in the latest updates.
2. USPS Phishing Campaign Targets Mobile Users
A sophisticated phishing campaign targeting mobile users has been uncovered, where malicious PDFs disguised as official USPS communications are used to steal sensitive data. The attack begins with SMS messages claiming undelivered USPS packages and includes a PDF file, which appears legitimate but contains hidden elements that redirect users to phishing websites. These sites impersonate USPS pages, asking victims to input personal details, including names, addresses, and credit card information.
3. GitHub and Git Projects Expose Credentials
Multiple security vulnerabilities have been found in GitHub Desktop and other Git-related projects, potentially allowing attackers to gain unauthorized access to users’ Git credentials. These vulnerabilities, collectively known as Clone2Leak, include flaws in how Git handles credential retrieval, such as improper message handling and URL parsing. Researchers discovered that maliciously crafted URLs and other techniques could expose sensitive credentials to attackers, with the most severe flaw being in Git LFS, which failed to check control characters in URLs.
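A defensive check for the control-character flaw class described above, as an added example (not code from Git, Git LFS, GitHub Desktop or the researchers): it refuses clone URLs carrying raw or percent-encoded control characters before building the line-based key=value input that Git credential helpers read. Function names and sample URLs are constructed for illustration.

```python
# Added example: validate a remote URL before any credential lookup.
# Names and sample URLs are constructed; this is not project code.
from urllib.parse import urlsplit, unquote

CLEAN = "https://git.example.test/org/repo.git"       # constructed sample
ENCODED = "https://git.example.test/org/repo%0d.git"  # constructed sample
RAW = "https://git.example.test/org/repo\n.git"       # constructed sample


def _has_control(text: str) -> bool:
    """True if text holds an ASCII control character (0x00-0x1F or 0x7F)."""
    return any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in text)


def check_remote_url(url: str) -> list:
    """Return reasons to refuse the URL; an empty list means it is clean."""
    # Check the raw string first: some URL parsers silently strip CR/LF/TAB,
    # which would hide the problem from every later check.
    if _has_control(url):
        return ["raw control character in URL"]
    try:
        parts = urlsplit(url)
    except ValueError:
        return ["unparseable URL"]
    problems = []
    # Decode once, as a consumer of the URL would, then look again.
    for name, value in (("authority", parts.netloc), ("path", parts.path),
                        ("query", parts.query)):
        if _has_control(unquote(value)):
            problems.append(f"percent-encoded control character in {name}")
    return problems


def credential_request(url: str) -> str:
    """Build key=value credential-helper input, refusing unsafe URLs.

    Each attribute sits on its own line, so a CR or LF inside a value
    would change how the message is read; such URLs never get this far.
    """
    problems = check_remote_url(url)
    if problems:
        raise ValueError("; ".join(problems))
    parts = urlsplit(url)
    host = parts.netloc.rpartition("@")[2]  # drop any userinfo
    path = unquote(parts.path).lstrip("/")
    return f"protocol={parts.scheme}\nhost={host}\npath={path}\n\n"
```

The check decodes only once; a component that decodes URLs a second time needs the same check applied after its own decoding step.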
4. Amazon Prime Members Targeted in Phishing
A sophisticated phishing campaign targeting Amazon Prime members has been uncovered, designed to steal sensitive data, including credit card information. Cybersecurity experts identified a complex attack chain that relies on malicious PDF attachments, redirects, and carefully crafted phishing websites. The attack begins when users receive emails with PDF files containing links that direct them to fraudulent Amazon pages. Researchers discovered 31 unique malicious PDF files, each with a distinct SHA256 hash, which are used to redirect users through a series of URLs ultimately leading to phishing sites aimed at capturing credit card data.
5. Intel TDX Vulnerability Breaks Isolation
Researchers from IIT Kharagpur and Intel identified a significant vulnerability in Intel Trust Domain Extensions (TDX) that undermines its core function of isolating sensitive workloads. The flaw allows Virtual Machine Managers (VMMs) to access hardware performance counter data, potentially breaching the isolation between Trust Domains (TDs) and the VMM. This breach could lead to process fingerprinting and class leakage in machine learning models, posing serious privacy and security risks.
💥 Cyber Incidents
6. DeepSeek AI Platform Targeted by Cyberattack
DeepSeek, an AI platform that recently gained attention for its advanced AI model, has been hit by a large-scale cyberattack. The platform, which had become popular after overtaking ChatGPT as the top downloaded app on the Apple App Store, was forced to disable new registrations due to the attack. It is believed that DeepSeek is facing a distributed denial-of-service (DDoS) attack on its services, which has affected its registration process.
7. TalkTalk Confirms Third Party Data Breach
UK telecommunications company TalkTalk has disclosed a data breach after a hacker identified as “b0nd” claimed responsibility for the attack on a cybercrime forum. The breach allegedly exposed data from over 18.8 million subscribers, though TalkTalk disputes these figures, stating the claim is inaccurate and overstated. The breach involved a third-party platform, with the company working with the supplier to resolve the issue and contain the incident.
8. Dean Norris Falls Victim to Meme Coin Scam
Dean Norris, the actor known for his role as Hank Schrader in Breaking Bad, confirmed that his X account had been hacked to promote a fake meme coin. The actor explained that he only became aware of the situation after receiving texts from friends and discovering that the hacker had even used a Cameo to make the scam seem more authentic. Despite the scam being removed, the incident highlights the growing problem of high-profile account hacks fueled by the meme coin craze.
9. Hackers Hijack Emergency Sirens in Israel
A pro-Palestinian hacker group named Handala reportedly infiltrated Israeli emergency systems, disrupting sirens in schools and broadcasting rocket alarms and Arabic songs. The breach impacted around 20 kindergartens and other educational institutions after hackers targeted Maagar-Tec, an Israeli electronics firm responsible for panic button systems in schools. The company has disconnected the affected systems and is investigating the incident, which led to further panic through intimidating text messages sent to thousands of Israelis.
10. Big Cheese Studio Hit by Hacker Attack
Big Cheese Studio, a Polish game developer, confirmed it was hit by a hacker attack early Friday. The attackers gained access to the company’s game code systems and employee data, demanding a ransom of 100,000 zlotys (equivalent to roughly $24,887) in cryptocurrency. Despite the breach, the company’s management assured that game development work was unaffected and that no data has been lost; the company is collaborating with external providers to restore its systems and take legal action.
📢 Cyber News
11. Trump Moves to Prevent Nationwide TikTok Ban
The Trump administration is working on a plan to prevent a nationwide ban on TikTok, involving Oracle and private investors. Under the proposed deal, ByteDance would retain a minority stake while Oracle oversees key operations like algorithm management and data collection. The arrangement aims to ease national security concerns, ensuring U.S. investors hold the majority stake and limiting Chinese government access to user data.
12. EU Sanctions Russian Hackers for Cyberattack
The European Union has imposed sanctions on three Russian hackers from Unit 29155 of the GRU, marking a significant step in response to their involvement in cyberattacks against Estonia’s government in 2020. The hackers, Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov, gained unauthorized access to sensitive documents from various Estonian ministries, including Economic Affairs, Social Affairs, and Foreign Affairs. These documents contained critical information such as business secrets and health records, severely compromising national security.
13. Global Cybersecurity Market to Grow by 2033
The global cybersecurity market is projected to grow significantly, reaching $578.2 billion by 2033 from $219.0 billion in 2023, with a compound annual growth rate (CAGR) of 10.4%. A key segment in this growth is the solution segment, which held the largest market share in 2023, making up more than two-thirds of the market. The increase in cyber threats and the rising demand for robust security solutions are driving this trend. Additionally, the services segment is expected to see the highest growth rate as businesses seek managed security services to address evolving cyber threats and regulatory challenges.
14. Brazil Bans Biometric Payment System by TFH
Brazil’s National Data Protection Authority (ANPD) has prohibited Tools for Humanity (TFH) from paying citizens for iris scans. TFH, co-founded by Sam Altman, had been offering cryptocurrency incentives for Brazilian citizens to participate in the biometric scan program. The ANPD cited concerns that such payments could undermine the voluntary nature of consent, a requirement under Brazil’s data protection laws. TFH plans to comply with regulations but insists that its World ID program, which aims to verify human identity online, adheres to all legal standards.
15. US Sees Nearly Record Data Breaches in 2024
In 2024, the Identity Theft Resource Center (ITRC) reported a surge in data compromises, with over 1.7 billion breach notifications sent to victims. A total of 3,158 breaches, leaks, and exposures were tracked, nearly matching the all-time high from the previous year. The majority of these breaches were cyber-attacks, with stolen passwords being a common vulnerability, highlighting the importance of multi-factor authentication to prevent such incidents.
Copyright © 2025 CyberMaterial. All Rights Reserved.