Cyber Daily 8/1: Microsoft SharePoint Breach, iOS Vulnerabilities, Fermilab Cyberattack, GreyNoise Research on Hacker Activity

ONSEC Cyber Daily: August 1st Edition.

Welcome to today's edition of ONSEC Cyber Daily, where we unravel the intricate web of cybersecurity threats and solutions. In a world where vulnerabilities lurk in the shadows, today's issue is a clarion call to action. From the looming specter of the next "SharePoint-ageddon" to the Federal Office for Information Security's urgent warnings about iOS vulnerabilities, the message is clear: vigilance is paramount.

As cyberattacks become more sophisticated, organizations must prioritize cybersecurity as a core business function. The recent wave of SharePoint zero-day attacks serves as a stark reminder of the critical need for rapid response and robust defense mechanisms. Meanwhile, the accelerated exploitation of vulnerabilities, as seen with the Auto-Color malware and SAP NetWeaver bug, underscores the importance of staying ahead of threat actors.

In this issue, we explore how organizations can bolster their cyber resilience, leveraging tools like the Common Vulnerability Scoring System (CVSS) to prioritize threats effectively. We also delve into the latest research linking hacker activity to future vulnerabilities, offering a glimpse into the proactive measures needed to safeguard your digital assets.

Join us as we navigate the ever-evolving landscape of cybersecurity, armed with insights and strategies to protect against the next wave of cyber threats. Stay informed, stay secure, and remember: in the realm of cybersecurity, knowledge is your greatest ally.

Exploits Alert

  1. Dahua Camera Flaws Allow Remote Hijack: A critical vulnerability in Dahua cameras, scoring 8.1 on the CVSS scale, allows remote hijacking of devices. Users are strongly advised to apply the latest patches to secure their systems against potential exploitation. Source: Fast Company
  2. SonicWall VPN Vulnerabilities Disclosed: SonicWall has disclosed multiple vulnerabilities in its VPN products, which could lead to pre-auth stack/heap overflows and XSS attacks. Users are urged to patch their systems promptly to mitigate these risks. Source: Tech Critter
  3. Apple Patches iOS and iPadOS Vulnerabilities: Apple has released patches for vulnerabilities in iOS and iPadOS that could lead to address bar spoofing. Users are encouraged to update their devices immediately to protect against potential attacks. Source: Yahoo
  4. US Fermilab Hit By Cyberattack Amid Global Microsoft SharePoint Vulnerability: A cyberattack on US Fermilab has been linked to a global vulnerability in Microsoft SharePoint, highlighting the critical need for organizations to update their systems and apply security patches. Source: MSN
  5. Auto-Color Malware Paired with SAP NetWeaver Bug to Launch Attack: The Auto-Color malware has been used in conjunction with an SAP NetWeaver bug to launch sophisticated attacks. Organizations using SAP NetWeaver are advised to apply patches and enhance their security measures to prevent exploitation. Source: SC Media

Vulnerabilities & Patches

  1. SharePoint-ageddon Attacks Riddled with Free Warlock Ransomware: Recent attacks have exploited severe vulnerabilities in SharePoint, specifically CVE-2025-53770, allowing attackers to deploy Warlock ransomware. These exploits require no login, which makes them particularly dangerous; organizations are urged to apply security updates immediately.
  2. Top CVEs of July 2025: Exploits, Exposure, and the Risks: This report highlights the most critical vulnerabilities of July 2025, emphasizing the need for timely patch updates. CVE-2025-6558, affecting Google Chrome, is particularly notable for its active exploitation, underscoring the importance of staying updated with security patches.
  3. iOS 18.6 and macOS Sequoia 15.6 Patch Zero-Day Exploit Used in Chrome Attacks: Apple has released updates for iOS and macOS to address CVE-2025-6558, a zero-day vulnerability actively exploited in Chrome attacks. This vulnerability allows remote code execution, making it crucial for users to update their devices promptly.
  4. Asus Releases Security Updates for Routers After Major Vulnerabilities Surface: Asus has issued security updates for its routers following the discovery of significant vulnerabilities, including CVE-2024-3080. Users are advised to disable AiCloud on unsupported models and update their firmware to protect against potential threats.
  5. Critical SUSE Manager Flaw Allows Remote Execution of Arbitrary Commands as Root: A critical vulnerability, CVE-2025-46811, in SUSE Manager allows remote execution of commands as root. Users are urged to update to the latest patch levels to mitigate this high-risk threat.

Podcasts

  1. Let's Talk Asset Management: FCA's Review into Smaller Asset Management Firms: In this episode, Hannah Meakin, Lucy Dodson, and Simon Lovegrove delve into the Financial Conduct Authority's review of smaller asset management firms. They explore the implications of regulatory changes and how these firms can adapt to maintain compliance and competitiveness in the evolving financial landscape.
  2. EU-Startups Podcast | Episode 129: Nikolaus Thomale, Founder & Managing Director of MYNE Homes: Nikolaus Thomale shares insights into the founding and growth of MYNE Homes, discussing the challenges and opportunities in the European startup ecosystem. This episode provides valuable lessons for aspiring entrepreneurs and highlights the importance of innovation in the real estate sector.
  3. Speaking Security in Board Language - CyberWire: Host David explores how security professionals can effectively communicate cybersecurity risks and strategies to board members. This episode emphasizes the importance of aligning security initiatives with business objectives to gain executive support and drive organizational resilience.
  4. Sextorted: The Hidden Crisis Targeting Teen Boys - The Dr. Phil Podcast: Cybersecurity expert James McGibney discusses the alarming rise of sextortion cases targeting teenage boys. This episode sheds light on the psychological and social impacts of this crime and offers advice for parents and guardians on how to protect their children from online predators.
  5. How Can AI Provide Useful Guidance from Fragmented Security Data? - CISO Series: This episode explores the potential of AI to synthesize fragmented security data into actionable insights. The discussion highlights the challenges of data integration and the role of AI in enhancing decision-making processes for cybersecurity professionals.

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, let's take a moment to reflect on the importance of staying vigilant in the ever-evolving landscape of cybersecurity. The recent wave of SharePoint vulnerabilities serves as a stark reminder that no organization is immune to cyber threats. By prioritizing cybersecurity, responding swiftly to alerts, and leveraging tools like the Common Vulnerability Scoring System (CVSS), your organization can fortify its defenses against potential attacks.

Remember, cybersecurity is not just an IT issue; it's a business imperative. As the Federal Office for Information Security warns, staying informed and proactive is key to safeguarding your digital assets. Whether it's patching vulnerabilities or enhancing cyber resilience, every step counts in building a robust security posture.

We hope you found today's insights valuable. If you did, please share this newsletter with your friends and colleagues. Together, we can create a more secure digital world. Until next time, stay safe and stay informed!
