Cyber Daily 7/23: UK Bans Ransomware Payments, Chinese Hackers Exploit SharePoint Flaws, Microsoft Scrambles to Patch, Global Cybersecurity Alert

ONSEC Cyber Daily: July 23, 2025. Welcome to today's edition of ONSEC Cyber Daily, where the digital battlefield is more intense than ever. The United Kingdom has taken a bold step to combat ransomware by banning public sector payments, sending a strong message to cybercriminals worldwide. Meanwhile, a storm brews as Chinese nation-state hackers exploit critical vulnerabilities in Microsoft SharePoint, putting over 9,000 servers at risk. This has triggered a global alert, with organizations scrambling to patch their systems and mitigate damage. As the U.S. and UK cybersecurity agencies issue urgent warnings, the spotlight is on operational tech, often overlooked in cyber defense strategies. Stay informed as we unravel these interconnected threats and explore the implications for global cybersecurity resilience.

Exploits Alert

  1. UK Exposes APT 28's AUTHENTIC ANTICS Malware Campaign: The UK has revealed a sophisticated malware campaign dubbed "AUTHENTIC ANTICS" attributed to the Russian APT 28 group. This campaign has been targeting critical infrastructure and government systems, leveraging advanced techniques to evade detection. The exposure aims to bolster defenses and alert global cybersecurity communities to the ongoing threat. Source: Cyble.
  2. Ring Warns of Backend Update Bug Leading to Unauthorized Access: Ring has issued a warning regarding a backend update bug that has caused a surge in unauthorized devices accessing user accounts. The company denies any breach but advises users to enhance their account security by enabling two-factor authentication and regularly updating passwords. This incident highlights the importance of robust security measures in IoT devices. Source: LinkedIn.
  3. Cisco Warns of Identity Services Engine RCE Vulnerability Exploited in the Wild: Cisco has alerted users to a critical remote code execution (RCE) vulnerability in its Identity Services Engine (ISE), which is being actively exploited. The vulnerability allows attackers to execute arbitrary code on affected systems, posing significant risks to enterprise networks. Cisco urges immediate patching to mitigate potential impacts. Source: Cybersecurity News.
  4. Weak Password Leads to Ransomware Attack Shutting Down 158-Year-Old Company: A historic 158-year-old company has been forced to shut down following a ransomware attack facilitated by a weak password. This incident underscores the critical importance of strong password policies and regular security audits to prevent such devastating cyberattacks. Organizations are reminded to implement comprehensive cybersecurity strategies to protect their assets. Source: CyberPress.
  5. United Kingdom To Ban Public Sector Ransomware Payments: The UK government has announced a new policy banning public sector organizations from making ransomware payments. This move, led by Home Office security minister Dan Jarvis, aims to deter cybercriminals by removing the financial incentive for attacks. The policy is part of a broader strategy to strengthen national cybersecurity resilience. Source: LinkedIn.

Podcasts

  1. 3 Business Cybersecurity Risks Solved by a Malware Sandbox: This podcast episode delves into how a malware sandbox can effectively mitigate three major cybersecurity risks faced by businesses today. It offers insights into the practical application of sandboxing technology to enhance security measures. Source.
  2. The Presumption of Innocence Podcast: Episode 66 - Tariff Uncertainty and Compliance: This episode explores the compliance challenges businesses face due to the Trump administration's fluctuating tariffs. It provides a comprehensive analysis of how these uncertainties impact business operations and compliance strategies. Source.
  3. Next in Tech | Ep. 227: Managed Security Services: This episode discusses the evolving landscape of managed security services and their role in enhancing organizational security. Industry experts share insights on the effectiveness and future trends of managed security solutions. Source.
  4. The AI Fix #60: Elon's AI girlfriend, the arsonist red panda, and the AI that will kill you: Known for its engaging content, this episode covers a range of intriguing AI-related topics, including the potential risks and ethical considerations of AI advancements. It combines humor and critical analysis to explore the impact of AI on society. Source.
  5. Cybercrime Doesn't Pay For Hacker Promoting His 'Cybersecurity' Services: This podcast series features daily episodes that highlight real-world cybercrime cases, featuring insights from victims, law enforcement, and cybersecurity experts. It aims to educate listeners on the realities of cybercrime and the importance of robust cybersecurity measures. Source.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the cyber landscape is as dynamic as ever. From the UK's bold move to ban public sector ransomware payments to the relentless exploitation of SharePoint vulnerabilities by nation-state actors, the message is clear: vigilance and proactive defense are paramount. These stories remind us of the ever-evolving tactics of cybercriminals and the importance of staying informed and prepared. We hope you found today's insights valuable and urge you to share this newsletter with your friends and colleagues. By spreading awareness, we can collectively strengthen our defenses and stay one step ahead of the threats. Until tomorrow, stay secure and keep your digital world safe.
