News – January 2025

January 31, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a medical product advisory for the Contec Health CMS8000 Patient Monitor to address one critical and two high severity vulnerabilities. The Contec CMS8000 is a patient monitor used to display real-time information such as the vital signs of a patient, including temperature, heartbeat, and blood pressure. ...

January 31, 2025

An official with Meta Platforms’ (META.O), opens new tab popular WhatsApp chat service said Israeli spyware company Paragon Solutions had targeted scores of its users, including journalists and members of civil society. The official said on Friday that WhatsApp had sent Paragon a cease-and-desist letter following the hack. In a statement, WhatsApp said the company “will ...

January 31, 2025

TeamViewer has released a security advisory addressing a new vulnerability within the TeamViewer Remote Windows Clients. TeamViewer is a popular remote access and control software. CVE-2025-0065 is an ‘improper neutralization of argument delimiters in a command’ vulnerability with a CVSSv3 score of 7.8. An unprivileged attacker with local Windows access could use this flaw to elevate ...

January 31, 2025

Barclays customers are continuing to experience intermittent errors with payments and transfers after serious IT problems that also affected the bank’s app and online banking. Customers have told the BBC it is preventing them making essential transactions, ranging from buying baby milk to completing a house move. Barclays says cards and cash machines can be used ...

January 31, 2025

Published today, the latest joint report by Europol and Eurojust, Common Challenges in Cybercrime, explores the persistent and emerging issues that hinder cybercrime investigations. This year’s edition not only identifies key obstacles—particularly in the field of digital evidence—but also examines how new legislative measures could help address them. The report highlights several pressing challenges faced by ...

January 31, 2025

Windows group policies are a powerful management tool that allows administrators to define and control user and computer settings within a domain environment in a centralized manner. While group policies offer functionality and utility, they are unfortunately a prime target for attackers. In particular, attackers are increasingly using group policies to distribute malware, execute hidden scripts ...

January 31, 2025

On the anniversary of the Battle of Kruty, a cyber unit of Ukraine’s Main Intelligence Directorate launched a DDoS attack on the digital infrastructure of Russia’s Gazprom and Gazpromneft. In particular, Ukrainian cyber professionals attacked the online services of the enterprises that support the activities of the Russian army. From January 28, 2025, company clients were ...

January 31, 2025

Tata Technologies, a technology and product engineering service company owned by Indian conglomerate Tata Group, has disclosed a ransomware attack that has forced it to suspend some of its services. The Pune-headquartered company said Friday that the incident affected “a few of our IT assets” while its client delivery services “remained fully functional and unaffected throughout.” ...

January 30, 2025

Over the past month, FortiGuard Labs has identified several similar LNK files containing PowerShell commands designed to execute malicious scripts and connect to remote servers. These files are part of multi-stage operations that ultimately deliver the Coyote Banking Trojan. This malware primarily targets users in Brazil, seeking to harvest sensitive information from over 70 financial applications ...

January 30, 2025

A Europol-supported operation, led by German authorities and involving law enforcement from eight countries, has led to the takedown of the two largest cybercrime forums in the world. The two platforms, Cracked and Nulled, had more than 10 million users in total. Both of these underground economy forums offered a quick entry point into the cybercrime ...