Cyber Daily 2/4: Microsoft Bypass Vulnerability, ValleyRAT Malware Alert, WhatsApp Spyware by Israeli Firm, Record Security Vulnerabilities in 2024, Contec Patient Monitor Backdoor
Welcome to the ONSEC Cyber Daily! Today, we delve into the world of cybersecurity, where vulnerabilities and threats lurk in every corner. We kick off with a critical bypass vulnerability in Microsoft accounts that could allow attackers to gain remote access. This comes as researchers unveil a sophisticated malware campaign involving ValleyRAT, a Remote Access Trojan. In other news, a global spyware campaign conducted by an Israeli firm on WhatsApp has raised eyebrows and concerns about cyber risk. Meanwhile, 2024 saw a record number of exploited security vulnerabilities, highlighting the growing need for robust cybersecurity measures.
The FDA and CISA have issued an alert about cybersecurity vulnerabilities in Contec patient monitors, which could potentially allow cyber threat actors to bypass security measures. In Pakistan, NCERT is inviting applications from cybersecurity audit firms to help bolster information security in the country. On the tech front, Google and Microsoft have been busy patching up security flaws, including a critical vulnerability in Azure AI Face Service and 47 Android security flaws. Samsung has also published details of its latest security patch for Galaxy devices.
In the world of podcasts, we have a lineup of interesting episodes that delve into various aspects of cybersecurity, from protecting small businesses from cyber criminals to the power struggles within federal agencies. Stay tuned for more updates and remember, in the world of cybersecurity, staying informed is your first line of defense. Stay safe and secure!
Exploits Alert
- Microsoft Accounts Authentication Bypass Vulnerability: A new vulnerability has been discovered in Microsoft Accounts that allows attackers to bypass authentication and gain remote access. Users are advised to update their accounts with the latest security patches to mitigate this risk. Source: Cybersecurity News
- WhatsApp Global Spyware Campaign: A global spyware campaign conducted by an Israeli firm has been targeting WhatsApp users. The spyware can access personal data and compromise user privacy. Users are advised to update their WhatsApp application to the latest version. Source: SC Media
- Record Number of Exploited Security Vulnerabilities in 2024: A record number of security vulnerabilities were exploited in 2024, highlighting the importance of regular system updates and the use of reliable security software. Users are advised to stay vigilant and keep their systems updated. Source: SC Media
- CISA, FDA Warn of Backdoor in Contec Patient Monitors: The FDA and CISA have issued a warning about cybersecurity vulnerabilities in Contec patient monitors, which could allow cyberthreat actors to bypass security measures. Healthcare providers are advised to update their systems and monitor their devices closely. Source: TechTarget
- Government Cyber Alert Over Vulnerabilities in Wearable Devices: The government has issued a cyber alert over security vulnerabilities associated with wearable devices. Users are advised to update their devices and be aware of the potential risks. Source: Aaj English TV
Vulnerabilities & Patches
- Roundcube XSS Flaw Allows Attackers to Inject Malicious Files: A new vulnerability in Roundcube allows attackers to inject malicious files through XSS. A patch has been released that ensures stricter input validation during file uploads, mitigating the risk of XSS. Source: GBHackers
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score: Microsoft has addressed two critical flaws, CVE-2025-21415 (CVSS 9.9) and CVE-2025-21396, in Azure AI Face Service and Microsoft. These patches address privilege escalation risks. Source: The Hacker News
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104: Google's February 2025 update patches 47 Android flaws, including CVE-2024-53104, which is being actively exploited, and CVE-2024-45569 in Qualcomm WLAN. Source: The Hacker News
- Samsung February 2025 Security Patch Details Published: Samsung has updated the details of the latest security patch for its Galaxy devices. The patch addresses various vulnerabilities. Source: Sammy Fans
- PoC Exploit Released for Active Directory Domain Services Privilege Escalation Vulnerability: Proof-of-concept (PoC) exploit code has been released for a vulnerability in Active Directory Domain Services. Microsoft addressed this vulnerability in its January 2025 Patch Tuesday updates. Source: Cybersecurity News
Podcasts
- Protect your small business from cyber criminals - intheblack - CPA Australia: This podcast provides essential tips for small businesses to protect themselves from cyber threats. It emphasizes the importance of regular updates and the use of strong passwords. Source: intheblack.cpaaustralia.com.au
- Federal agencies in power struggle crossfire - CyberWire: Hosted by Dave Bittner, this podcast discusses the ongoing power struggles within federal agencies and their impact on cybersecurity. It provides a daily intelligence roundup for listeners. Source: thecyberwire.com
- CISO Series Podcast LIVE in Orlando, FL (02-21-25): The CISO Series Podcast is heading to Orlando for a live recording. The episode will focus on the concept of Zero Trust in cybersecurity. Source: cisoseries.com
- Cybersecurity in Retail Podcast: Why retail can't dismiss the need for cybersecurity - Capgemini: This episode of the Capgemini Cybersecurity Podcast discusses the importance of cybersecurity in the retail sector. It emphasizes that retailers cannot afford to ignore the need for robust cybersecurity measures. Source: capgemini.com
- Semgrep non-drama, Facebook hates Linux – Vulns in Cars, Cell Towers, M365, and more: This episode of Enterprise Security Weekly discusses a range of topics including vulnerabilities in cars, cell towers, and Microsoft 365. It also covers the ongoing issues between Facebook and Linux. Source: scworld.com
Final Words
That's a wrap for today's edition of ONSEC Cyber Daily. We've covered a lot of ground, from the Microsoft Accounts Authentication Bypass Vulnerability to the latest patches and cybersecurity alerts. Remember, in the world of cybersecurity, knowledge is power. The more informed you are, the better you can protect yourself and your organization from potential threats. If you found this newsletter helpful, why not share it with your friends and colleagues? They might find it useful too. And don't forget to tune in tomorrow for more updates on the latest in cybersecurity. Stay safe, stay informed, and keep sharing the knowledge. Until next time!