This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools to unexpected flaws lurking in everyday devices, there’s a lot that might have flown under your radar. Attackers are adapting old tricks, uncovering new ones, and targeting systems both large and small.
Meanwhile, law enforcement has scored wins against some shady online marketplaces, and technology giants are racing to patch problems before they become a full-blown crisis.
If you’ve been too busy to keep track, now is the perfect time to catch up on what you may have missed.
Cleo Vulnerability Comes Under Active Exploitation — A critical vulnerability (CVE-2024-50623) in Cleo’s file transfer software—Harmony, VLTrader, and LexiCom—has been actively exploited by cybercriminals, creating major security risks for organizations worldwide. The flaw enables attackers to execute code remotely without authorization by exploiting an unrestricted file upload feature. Cybersecurity firms like Huntress and Rapid7 observed mass exploitation beginning December 3, 2024, where attackers used PowerShell commands and Java-based tools to compromise systems, affecting over 1,300 exposed instances across industries. The ransomware group Termite is suspected in these attacks, using advanced malware similar to tactics previously seen from the Cl0p ransomware group.
There are seven critical reasons to protect your Microsoft 365 data – are you familiar with them all? Check out this infographic to see them all.
Heads up! Some popular software has serious security flaws, so make sure to update now to stay safe. The list includes — CVE-2024-11639 (Ivanti CSA), CVE-2024-49138 (Windows CLFS Driver), CVE-2024-44131 (Apple macOS), CVE-2024-54143 (OpenWrt), CVE-2024-11972 (Hunk Companion plugin), CVE-2024-11205 (WPForms), CVE-2024-12254 (Python), CVE-2024-53677 (Apache Struts), CVE-2024-23474 (SolarWinds Access Rights Manager), CVE-2024-43153, CVE-2024-43234 (Woffice theme), CVE-2024-43222 (Sweet Date theme), JS Help Desk (JS Help Desk plugin), CVE-2024-54292 (Appsplate plugin), CVE-2024-47578 (Adobe Document Service), CVE-2024-54032 (Adobe Connect), CVE-2024-53552 (CrushFTP), CVE-2024-55884 (Mullvad VPN), and CVE-2024-28025, CVE-2024-28026, CVE-2024-28027, CVE-2024-21786 (MC Technologies MC-LR Router), CVE-2024-21855, CVE-2024-28892, and CVE-2024-29224 (GoCast).
Why Even the Best Companies Get Hacked – And How to Stop It — In a world of ever-evolving cyber threats, even the best-prepared organizations with cutting-edge solutions can fall victim to breaches. But why does this happen—and more importantly, how can you stop it?
Join us for an exclusive webinar with Silverfort’s CISO, John Paul Cunningham.
Here’s what you’ll learn:
Learn how to align cybersecurity with business goals, address blind spots, and stay ahead of modern threats.
👉 Register now
Clipboard Monitoring – Stop Data Leaks Before They Happen — Did you know the clipboard on your devices could be a silent leak of sensitive data? Clipboard monitoring is an effective way to detect sensitive data being copied and shared, whether by attackers or through accidental misuse. Advanced tools like Sysmon, with event logging (Event ID 10), enable real-time monitoring of clipboard activities across endpoints. Enterprise solutions such as Symantec DLP or Microsoft Purview incorporate clipboard tracking into broader data loss prevention strategies, flagging suspicious patterns like bulk text copying or attempts to exfiltrate credentials. For personal use, tools like Clipboard Logger can help track clipboard history. Educate your team about the risks, disable clipboard syncing when unnecessary, and configure alerts for sensitive keywords. Clipboard monitoring provides an additional layer of security to protect against data breaches and insider threats.
Beyond the headlines, one overlooked area is personal cybersecurity hygiene. Attackers are now combining tactics, targeting not just businesses but also employees’ personal devices to gain entry into secure networks. Strengthening personal device security, using password managers, and enabling multi-factor authentication (MFA) across all accounts can act as powerful shields. Remember, the security of an organization is often only as strong as its weakest link, and that link might be someone’s smartphone or home Wi-Fi.
