Cyber Daily 1/17: Veeam Azure Backup Vulnerability, Microsoft's Massive Patch Tuesday, Fortinet's Zero-Day Exploit, Samsung's Galaxy S20 FE 5G Security Patch


Welcome to your daily dose of ONSEC Cyber Daily. Today's issue is packed with critical updates and insights on the latest cybersecurity threats and patches. We kick off with a vulnerability in Veeam Azure Backup Solution that allows attackers to enumerate networks, a serious threat that requires immediate attention. Microsoft has also been busy patching vulnerabilities, with the most significant Patch Tuesday release since 2017, addressing three vulnerabilities in Microsoft Access. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about exploited Fortinet bugs, while unpatched FortiGate firewalls have been exploited, leading to unauthorized access. In other news, Samsung has released a security patch for the Galaxy S20 FE 5G, and Ivanti Endpoint Manager versions have been found to have critical vulnerabilities. Microsoft's January Security Update has addressed high-risk vulnerabilities in multiple products, including a privilege escalation vulnerability in Windows Hyper-V NT Kernel Integration VSP. We also cover a new UEFI Secure Boot flaw that exposes systems to bootkits, critical SimpleHelp vulnerabilities, and a critical Microsoft Outlook vulnerability rated 9.8/10. Finally, we delve into the world of podcasts, with a look at the latest episodes discussing cybersecurity trends, tech as a religion, and the future of CISOs. Stay tuned for more updates and remember to stay secure!

Exploits Alert

  1. Veeam Azure Backup Solution Vulnerability: A new vulnerability has been discovered in the Veeam Azure Backup Solution that allows attackers to enumerate networks. This vulnerability could potentially allow cybercriminals to gain unauthorized access to sensitive data. Users are advised to update their systems to the latest version to mitigate this risk. Source: Cybersecurity News.
  2. Microsoft Exchange Server Vulnerability: A critical vulnerability has been identified in Microsoft Exchange Server that could allow an attacker to execute arbitrary code on the system. Microsoft has released a patch to address this vulnerability and users are urged to apply it immediately. Source: Microsoft Security Blog.
  3. Apache Log4j Vulnerability: The Apache Log4j vulnerability, also known as Log4Shell, is a severe security flaw that allows remote code execution on affected systems. This vulnerability is being actively exploited in the wild, and users are strongly encouraged to apply the latest patches. Source: Apache Logging Services.
  4. Apple iOS and macOS Vulnerability: A zero-day vulnerability has been discovered in Apple's iOS and macOS operating systems. This vulnerability could allow an attacker to gain elevated privileges on a victim's device. Apple has released updates to address this vulnerability and users are advised to install them immediately. Source: Apple Support.
  5. Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability: A buffer overflow vulnerability in Cisco's ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. Cisco has released software updates that address this vulnerability. Source: Cisco Security Advisory.

Vulnerabilities & Patches

  1. Microsoft's January Security Update of High-Risk Vulnerabilities in Multiple Products: Microsoft has released a massive security update addressing several high-risk vulnerabilities across its product range. The most notable among these is a privilege escalation vulnerability in Windows Hyper-V NT Kernel Integration VSP (CVE-2025-21333/CVE-2025-21334/CVE-2025-21335). Source: Security Boulevard
  2. Critical Microsoft Outlook Vulnerability Rated 9.8/10 Confirmed—Update Now: A critical vulnerability in Microsoft Outlook (CVE-2025-21298) has been confirmed and rated 9.8/10 in severity. Microsoft has rolled out a patch to address this issue as part of its monthly security update. Source: Forbes
  3. New UEFI Secure Boot flaw exposes systems to bootkits, patch now: A new UEFI Secure Boot bypass vulnerability (CVE-2024-7344) has been discovered that affects a Microsoft-signed application. This vulnerability could be exploited to deploy bootkits, and a patch has been released to address it. Source: Bleeping Computer
  4. Critical SimpleHelp vulnerabilities fixed, update your server instances!: Critical vulnerabilities have been identified and fixed in SimpleHelp, including CVE-2024-57727, an unauthenticated path traversal vulnerability. This could allow attackers to download arbitrary files from the SimpleHelp server. Source: Help Net Security
  5. Zoom Patches Several Flaws That Enable Privilege Escalation and Denial of Service: Zoom has released patches for several vulnerabilities, including CVE-2025-0143, an out-of-bounds write vulnerability in the Zoom Workplace App for Linux. This could allow unauthorized users to escalate privileges or cause a denial of service. Source: TechNadu

Podcasts

  1. Cyber Uncut Podcast: In this episode, hosts David Hollingworth and Daniel Croft discuss the increase in cyber attacks in 2024 and the latest in cyber security news. They provide a retrospective look at the year's cyber incidents. Source: Cyber Daily
  2. The Angle Podcast: The inaugural episode of this special edition podcast features H. Lawrence Culp, Jr., chairman and CEO of GE Aerospace. The podcast aims to provide listeners with insights into executive leadership. Source: Stock Titan
  3. What's Working in Washington Ep 522: Hosts Jonathan Aberman and Mark Walsh discuss tech as a religion and back-to-work drama in Mark's final episode. The podcast also covers security clearance reform 20 years in the making. Source: Federal News Network
  4. DataBee® Podcast Episode 6: The Promised Land: This podcast series from Comcast Technology Solutions aims to free CISOs from their shackles so they can focus on their work. Source: CIO
  5. Urban Exchange Podcast Episode 22: This episode discusses digital solutions shaping the urban landscape and focuses on delivering advanced cybersecurity. Source: Smart Cities World

Final Words

And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We hope you found our coverage on the latest vulnerabilities, patches, and cybersecurity news enlightening. Remember, staying informed is the first step towards safeguarding your digital assets. If you found this newsletter helpful, why not share it with your friends and colleagues? They too could benefit from these daily updates and together, we can create a safer cyber community. Stay vigilant, stay secure, and see you in the next edition of ONSEC Cyber Daily.
