Skyhigh Security CloudCast

From the CloudCast Studios, I'm Scott Schlee, and these are your cybersecurity headlines for the week of Wednesday, February 12th, 2025. Headlines this week: Critical Remote Code Execution Vulnerability in Microsoft Outlook Ransomware Payments Decline by 35% in 2024 GrubHub Discloses Data Breach Affecting Users and Partners Spyware Firm Cuts Ties with Italy Amid Targeting Allegations Microsoft Warns of Attacks Exploiting ASP.NET Machine Keys Lazarus Group Targets Professionals with Job-Themed Malware SparkCat Malware Campaign Targets Cryptocurrency Wallets Silent Lynx Group Targets Central Asian Organizations Engineer IMI Suffers Cyberattack Following Similar Incident at Smiths Group Taiwan Bans DeepSeek AI Over National Security Concerns Thank you again for listening to Skyhigh Cloudcast. If you've enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: Taiwan Bans DeepSeek AI Over National Security Concerns: diesec.com Critical Remote Code Execution Vulnerability in Microsoft Outlook: diesec.com Ransomware Payments Decline by 35% in 2024: diesec.com GrubHub Discloses Data Breach Affecting Users and Partners: diesec.com Spyware Firm Cuts Ties with Italy Amid Targeting Allegations: diesec.com Microsoft Warns of Attacks Exploiting ASP.NET Machine Keys: thehackernews.com Lazarus Group Targets Professionals with Job-Themed Malware: thehackernews.com SparkCat Malware Campaign Targets Cryptocurrency Wallets: thehackernews.com Silent Lynx Group Targets Central Asian Organizations: thehackernews.com Engineer IMI Suffers Cyberattack Following Similar Incident at Smiths Group: cybersecurity-review.com ----------- CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript From the CloudCast Studios, I'm Scott Schlee, and these are your cybersecurity headlines for the week of Wednesday, February 12th, 2025. A Critical Remote Code Execution Vulnerability Has Been Discovered in Microsoft Outlook: The Cybersecurity and Infrastructure Security Agency issued an urgent alert about an actively exploited vulnerability in Microsoft Outlook. Attackers can execute remote code by bypassing Outlook's protections using a simple URL trick, endangering sensitive data. Federal agencies and private organizations are urged to apply patches promptly to mitigate this threat. GrubHub Has Disclosed A Data Breach Affecting Users and Partners: Food delivery service GrubHub reported a data breach resulting from a compromised third-party service provider account. Exposed information includes names, emails, phone numbers, and partial payment details of some campus diners. GrubHub has terminated the unauthorized access, enhanced security measures, and advises users to maintain strong, unique passwords. Paragon Solutions Cuts Ties with Italy Amid Targeting Allegations: Israeli spyware company Paragon Solutions has severed relationships with its Italian clients following allegations that its software was used to target government critics. A recent spyware campaign affected 90 users acro...