Cybersecurity Daily: January 10, 2024

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for January 10, 2024.

Alerts & Advisories

• Hackers target Microsoft SQL servers in Mimic ransomware attacks
• Ivanti patches critical EPM flaw that could allow hackers to hijack managed devices
• Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V
• CISA Flags 6 Vulnerabilities – Apple, Apache, Adobe , D-Link, Joomla Under Attack
• Kyocera Device Manager Vulnerability Exposes Enterprise Credentials
• Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability
• Multiple QNAP High-Severity Flaws Let Attackers Execute Remote Code
• Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs
• Android’s January 2024 Security Update Patches 58 Vulnerabilities
• SAP’s First Patches of 2024 Resolve Critical Vulnerabilities
• Beware Weaponized YouTube Channels Spreading Lumma Stealer

Cybersecurity News

• China claims it cracked Apple’s AirDrop to find numbers, email addresses
• SEC Chair Says Account on X Was Hacked
• 23andMe: ‘Negligent’ Users at Fault for Breach of 6.9M Records
• Cyber-Focused FBI Agents Deploy to Embassies Globally
• Russian Hackers Had Covert Access to Ukraine’s Telecom Giant for Months
• Ukraine Claims Revenge Hack Against Moscow Internet Provider
• CISA warns agencies of fourth flaw used in Triangulation spyware attacks
• Hospitality Hackers Target Hotels’ Booking.com Logins
• Swatting’ Becomes Latest Extortion Tactic in Ransomware Attacks
• AI And Ad Fraud: Growing Risks for Marketers Using Google’s AI-Based Advertising Campaigns
• Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware

Products & Service

• Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion
• TitanHQ Launches PhishTitan to Combat Advanced Phishing Attacks
• Cyqur Launches A Game-Changing Data Encryption and Fragmentation Web Extension
• Delinea Acquires Authomize to Tackle Identity-Based Threats
• Bluefin enhances ShieldConex with enterprise security proxy service
• Dasera expands data security posture management capabilities to Microsoft 365

For the latest news on malware and ransomware, check out our latest Weekly Malware Roundup.