Cyber Daily 1/23: 7-Zip and Ivanti Vulnerabilities Exploited, IBM Client Solutions Breached, CISA Alerts on Aircraft and Siemens Flaws, Oracle's Massive Patch Release
Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the world of vulnerabilities and patches. A Proof-of-Concept exploit has been released for a high-severity vulnerability in 7-Zip, a popular file archiver. Meanwhile, HEAL Security is discussing Cisco vulnerabilities and automotive threats. In other news, attackers are exploiting IBM i Access Client Solutions on Windows 11 to steal passwords, and CISA has disclosed security flaws in aircraft collision avoidance systems and Siemens industrial equipment. Ivanti Cloud Service Applications are also under threat, with vulnerabilities being actively exploited. On the patching front, it's been a busy week. Oracle has released a whopping 603 fixes, and a high-severity flaw in 7-Zip requires a manual update. Microsoft has also released a huge Patch Tuesday update for January 2025, and a worrying Windows security issue has been patched by 7-Zip. In the podcast world, Mark Freedman, CEO of Rebel Global Security, discusses online radicalization and the rising threats of violence. We also explore the uncertain future of cyber safety oversight and the current state of digital certificate lifespans.
Bonus from ONSEC Cyber Daily: Discover President Trump’s Cybersecurity Initiatives (2017-2025)
Stay tuned for more updates and remember, stay safe in cyberspace!
Exploits Alert
- PoC Exploit Released for 7-Zip Mark-of-the-Web Bypass Vulnerability (CVE-2025-0411): A high-severity vulnerability has been identified in the popular file archiver 7-Zip, with a Proof-of-Concept (PoC) exploit now publicly available. Users are advised to update their software to the latest version. Source: cybersecuritynews.com
- Cyber Threats Uncovered: HEAL Security Discusses Cisco Vulnerabilities: HEAL Security has released a daily digest discussing various cybersecurity threats, including vulnerabilities in Cisco products. Users are encouraged to stay informed and take necessary precautions. Source: ivoox.com
- Attackers Exploit IBM i Access Client Solutions on Windows 11 To Steal Passwords: Attackers have been found exploiting IBM i Access Client Solutions on Windows 11 to steal passwords. Users are advised to update their systems and change their passwords. Source: cybersecuritynews.com
- Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications: Threat actors have been found chaining vulnerabilities in Ivanti Cloud Service Applications. CISA and the FBI recommend that software manufacturers implement comprehensive information security practices. Source: cisa.gov
- CISA discloses security flaws in aircraft collision avoidance systems, Siemens industrial equipment: CISA has issued an advisory warning about security flaws in aircraft collision avoidance systems and Siemens industrial equipment. Users are advised to stay updated and follow enhanced cybersecurity obligations. Source: industrialcyber.co
Vulnerabilities & Patches
- Critical Ivanti CSA Vulnerabilities: Ivanti has been hit with a command injection vulnerability (CVE-2024-9380) that allows for remote code execution when exploited by attackers with admin privileges. Users are urged to patch immediately. Source: The Cyber Express
- Oracle's Massive Patch Release: Oracle has released a whopping 603 fixes, with one patch (CVE-2025-21556) being singled out for its critical nature. Users are advised to apply the patches immediately. Source: The Register
- High-severity Flaw in 7-Zip: A high-severity flaw (CVE-2025-0411) has been identified in the popular file archiver 7-Zip. Users are required to manually update to mitigate this vulnerability. Source: SC Media
- Vulnerabilities in Ivanti Cloud Service Applications: Threat actors have exploited vulnerabilities (CVE-2025-0282 and CVE-2025-0283) in Ivanti Cloud Service Applications. Ivanti has released security updates for Connect Secure, Policy Secure, and ZTA. Source: CISA
- Windows File Explorer Elevation Of Privilege Vulnerability: A vulnerability (CVE-2024-38100) in Windows File Explorer has been exploited, leading to an elevation of privilege. Users are advised to apply the latest security updates. Source: Cybersecurity News
Podcasts
- Holding the Line Against Terrorism with Rebel Global Security CEO Mark Freedman: Mark Freedman discusses the increasing threats of violence from both sides of the political spectrum, online radicalization, and the role of social media. Source: Security Info Watch
- Cyber Threats Uncovered: HEAL Security Discusses Cisco Vulnerabilities: HEAL Security provides an essential daily digest discussing Cisco vulnerabilities and automotive security. Source: iVoox
- Cybersecurity Expertise Gaps: More Than Meets the Eye: This episode of Informa TechTarget's IT Ops Query podcast discusses the expectations placed on security teams to maintain posture and the resulting expertise gaps. Source: TechTarget
- The Uncertain Future of Cyber Safety Oversight: CyberWire Daily discusses the uncertain future of cyber safety oversight and the challenges of keeping bots off the menu during NYC Restaurant week. Source: CyberWire
- Reducing the Lifespan of Digital Certificates: Tim Callan, Co-Chair at CA/Browser Forum and Chief Compliance Officer at Sectigo, discusses the current state of digital certificate lifespans. Source: Security Magazine
Bonus from ONSEC team
President Trump’s Cybersecurity Initiatives (2017-2025)
Final Words
And that's a wrap for today's edition of ONSEC Cyber Daily. We've covered a lot of ground, from the PoC exploit released for the 7-Zip vulnerability to the critical security flaws in aircraft collision avoidance systems and Siemens industrial equipment. We've also discussed the latest patches and updates, and the importance of staying vigilant in the face of ever-evolving cyber threats. Remember, the world of cybersecurity is a shared responsibility. We all have a part to play in keeping our digital spaces safe. So, if you found today's newsletter informative, we encourage you to share it with your friends, colleagues, and anyone else who might benefit from staying updated on the latest in cybersecurity news. Stay safe, stay informed, and we'll see you in the next edition of ONSEC Cyber Daily. Until then, keep your data secure and your systems patched.