Information Technology Security Awareness Posts

Hackers Leak Configurations and VPN Credentials for 15,000 FortiGate Devices

Hackers have leaked configurations and VPN credentials for over 15,000 FortiGate devices, exposing organizations to potential breaches. The compromised data allows attackers to gain unauthorized access to corporate networks. Affected entities should immediately change VPN credentials, update device configurations, and apply security patches to mitigate risks. This incident highlights the critical need for regular security audits and proactive defense measures.

Hackers Exploit Google Search Ads to Hijack Google Ads Accounts

Cybercriminals are exploiting Google Search ads to hijack Google Ads accounts, tricking users into entering credentials on fake login pages. These phishing campaigns redirect victims to fraudulent sites mimicking Google Ads, stealing login details and gaining unauthorized access. Advertisers should avoid clicking sponsored results, use two-factor authentication (2FA), and monitor account activity to prevent fraud. Google is actively investigating the issue.

WP3.XYZ Malware Campaign Compromises Over 5,000 WordPress Sites

A recent malware campaign leveraging the domain wp3.xyz has compromised over 5,000 WordPress sites, adding rogue admin accounts, installing malicious plugins, and exfiltrating sensitive data. Attackers create unauthorized wpx_admin users, granting full access to infected sites. Website owners are urged to audit admin accounts, remove suspicious plugins, block wp3.xyz, and enable multi-factor authentication (MFA) to mitigate risks.

Mortgage Investors Group Reports Data Breach

Mortgage Investors Group (MIG) has reported a data breach affecting its systems, potentially exposing personal information. Discovered on December 12, 2024, the breach prompted an investigation, revealing unauthorized access to sensitive data. MIG is notifying affected individuals and offering credit monitoring services. The company has enhanced security measures and advises vigilance in monitoring financial accounts to mitigate risks from the incident.

Adobe Product Security Updates - January 2025

Adobe released critical security updates in January 2025, addressing vulnerabilities in products like Photoshop, Illustrator for iPad, Substance 3D Stager, Animate, and Substance 3D Designer. These updates mitigate risks of arbitrary code execution and enhance software security. Users are strongly encouraged to update their software to the latest versions to ensure protection and maintain system integrity.

Biden Signs Executive Order to Accelerate AI Infrastructure Development

President Joe Biden signed an executive order to expedite AI infrastructure development, leasing federal land for gigawatt-scale data centers powered by clean energy. The initiative aims to enhance U.S. AI leadership, bolster national security, and streamline permitting processes. Companies must fund the projects and use sustainable power. This step aligns with private sector investments, ensuring innovation while addressing environmental concerns.

Microsoft's January 2025 Patch Tuesday: Key Updates and Security Enhancements

Microsoft's January 2025 Patch Tuesday updates address critical security vulnerabilities in Windows 10 and Windows 11. The Windows 11 update (KB5050009) advances the system to Build 26100.2894, focusing on security fixes and minor enhancements. Windows 10 received similar security improvements. Users and administrators are urged to apply these updates promptly to protect systems from potential threats.

BeyondTrust's CVE-2024-12686: Command Injection Vulnerability in Remote Access Solutions

BeyondTrust's CVE-2024-12686 is a critical command injection vulnerability affecting Privileged Remote Access and Remote Support versions 24.3.1 and earlier. Exploitable by authenticated users with admin privileges, it allows arbitrary OS command execution. Patches are available for supported versions, and CISA has warned of active exploitation, urging immediate updates to mitigate risks.