Foreign interference poses a persistent and evolving threat to Australia’s sovereignty, democracy, and national interests. Recognizing the critical importance of addressing these risks, the Australian Government has launched the “Countering Foreign Interference in Australia: Working Together Towards a More Secure Australia” initiative.
This comprehensive strategy outlines measures to identify, mitigate, and prevent foreign interference while empowering individuals and organizations to protect themselves.
Defining Foreign Interference
Foreign interference encompasses activities conducted on behalf of foreign powers that pose threats to individuals, infrastructure, or institutions. Unlike foreign influence, which operates transparently, foreign interference relies on clandestine, deceptive, and harmful methods to undermine Australia’s interests, the Australian Department of Home Affairs said.
Key Targets of Foreign Interference
Individuals: Members of diaspora communities are often coerced, intimidated, or manipulated to serve foreign interests.
Infrastructure and Institutions: Critical infrastructure, democratic processes, and national security systems are frequently targeted for control or disruption.
Information: Foreign actors steal, manipulate, or fabricate data to influence public opinion or gain strategic advantages.
The Scale of the Threat
The Director-General of Security Mike Burgess had earlier warned that espionage and foreign interference represent Australia’s principal security concerns. “If we had a threat level for espionage and foreign interference it would be at CERTAIN – the highest level on the scale. The threat is now. And the threat is deeper and broader than you might think.”
The Director-General’s comments indicated that more Australians are being targeted than ever before. Failure to counteract these activities risks long-term consequences, including undermining democratic values, economic prosperity, and social cohesion.
Key Sectors at Risk
Communities: Members of diaspora communities are particularly vulnerable to threats such as surveillance, harassment, and coercion. Foreign actors often exploit these individuals to advance their agendas.
Example: Protesters advocating against foreign regimes may face harassment or threats to their families abroad.
Democratic Institutions: Electoral processes and political systems are primary targets. Foreign actors may attempt to sway election outcomes, corrupt officials, or spread disinformation to erode public confidence.
Example: Covertly influencing campaign donations to push policies favorable to foreign interests.
Higher Education and Research: Universities and research institutions face risks such as intellectual property theft, academic coercion, and undue influence over curricula.
Example: Recruitment of academics by foreign entities to redirect research toward military or commercial objectives.
Industry: Joint ventures, supply chain manipulation, and intellectual property theft threaten Australia’s economic resilience and defense capabilities.
Example: Hidden affiliations in joint ventures exposing Australian companies to espionage.
Media and Communications: Foreign actors undermine independent media through disinformation, censorship, and recruitment of journalists, eroding trust and spreading propaganda.
Example: Influencing editorial decisions to align with foreign narratives, reducing transparency in public discourse.
Government Initiatives to Counter Foreign Interference
The Australian Government has adopted a multi-faceted approach to mitigate risks and strengthen resilience:
Legislative Framework
Criminal Code Act 1995: Criminalizes foreign interference with penalties of up to 20 years imprisonment.
Foreign Influence Transparency Scheme: Mandates registration of activities conducted on behalf of foreign principals.
Foreign Investment Framework: Reviews foreign investments to ensure they align with national interests.
Security of Critical Infrastructure Act 2018: Establishes legal obligations for safeguarding critical assets.
Additional Measures
Counter Foreign Interference Taskforce (CFI Taskforce): Led by ASIO and AFP, this taskforce identifies, assesses, and disrupts acts of foreign interference.
Counter Foreign Interference Coordination Centre (CFICC): Coordinates whole-of-government efforts and provides leadership on policy and outreach.
University Foreign Interference Taskforce (UFIT): Protects academic institutions from coercion and intellectual property theft.
Technology Foreign Interference Taskforce (TechFIT): Collaborates with the technology sector to address interference in critical technologies.
Electoral Integrity Assurance Taskforce (EIAT): Ensures the integrity of federal electoral events against foreign threats.
What Individuals and Organizations Can Do
The Australian Government stressed the shared responsibility in countering foreign interference. Individuals and organizations must take proactive steps to safeguard their interests:
For Individuals
Report suspicious activities to the National Security Hotline (1800 123 400).
Practice cyber hygiene, such as using strong passwords and verifying online information sources.
Be vigilant about coercion or recruitment attempts, especially online or in professional settings.
For Organizations
Strengthen cybersecurity measures and report incidents to the Australian Cyber Security Centre (ACSC).
Conduct due diligence in partnerships, including verifying affiliations and reviewing intellectual property agreements.
Monitor insider threats and implement workforce screening and ethics frameworks.
Practical Tools
NITRO Portal: A secure reporting mechanism for businesses and research institutions to flag concerns about foreign interference.
Strengthening Partnerships
Australia’s coordinated response involves collaboration across government, industry, and international allies. By fostering partnerships and sharing intelligence, Australia aims to:
Raise the costs of foreign interference for adversaries.
Enhance the resilience of critical sectors.
Build public awareness about the threats and protective measures.
Conclusion
Foreign interference poses a significant challenge to Australia’s democratic integrity, national security, and social fabric. The launch of “Countering Foreign Interference in Australia” demonstrates the government’s commitment to addressing these threats through robust legislation, strategic initiatives, and public engagement.
By working together, individuals, organizations, and the government can mitigate risks, ensure resilience, and safeguard Australia’s future. Reporting suspicious activities, adopting best practices, and fostering a culture of vigilance are critical components of this collective effort to counter foreign interference effectively.
The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a “multi-month law enforcement operation.”
PlugX, also known as Korplug, is a remote access trojan (RAT) widely used by threat actors associated with the People’s Republic of China (PRC
Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution.
Horizon3.ai researcher Naveen Sunkavally, in a technical report detailing the findings, said the “vulnerabilities are trivial to reverse and exploit.”
The list of identified flaws is as follows –
Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in attacks.
Of the 161 flaws, 11 are rated Critical, and 149 are rated Important in severity. One other flaw, a non-Microsoft CVE related to a Windows Secure Boot bypass (CVE-2024-7344), has not been assigned
In 2024, the Taiwanese government saw the daily average of attempted attacks by China double to 2.4 million, with a focus on government targets and telecommunications firms.
As Tensions Mount With China, Taiwan Sees Surge in Cyberattacks
Google’s Gemini AI achieves a groundbreaking milestone with simultaneous video and image processing, unlocking new possibilities for AI applications through the experimental AnyChat platform.
Google’s Gemini AI just shattered the rules of visual processing—here’s what that means for you
Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.
Rapid7’s Adam Barnett says January marks the fourth consecutive month where Microsoft has published zero-day vulnerabilities on Patch Tuesday without evaluating any of them as critical severity at time of publication. Today also saw the publication of nine critical remote code execution (RCE) vulnerabilities.
The Microsoft flaws already seeing active attacks include CVE-2025-21333, CVE-2025-21334 and, you guessed it, CVE-2025-21335. These are sequential because all reside in Windows Hyper-V, a component that is heavily embedded in modern Windows 11 operating systems and used for security features including Device Guard and Credential Guard.
Tenable’s Satnam Narang says little is known about the in-the-wild exploitation of these flaws, apart from the fact that they are all “privilege escalation” vulnerabilities. Narang said we tend to see a lot of elevation of privilege bugs exploited in the wild as zero-days in Patch Tuesday because it’s not always initial access to a system that’s a challenge for attackers as they have various avenues in their pursuit.
“As elevation of privilege bugs, they’re being used as part of post-compromise activity, where an attacker has already accessed a target system,” he said. “It’s kind of like if an attacker is able to enter a secure building, they’re unable to access more secure parts of the facility because they have to prove that they have clearance. In this case, they’re able to trick the system into believing they should have clearance.”
Several bugs addressed today earned CVSS (threat rating) scores of 9.8 out of a possible 10, including CVE-2025-21298, a weakness in Windows that could allow attackers to run arbitrary code by getting a target to open a malicious .rtf file, a document type typically opened in Office applications like Microsoft Word. Microsoft has rated this flaw “exploitation more likely.”
Bob Hopkins at Immersive Labs called attention to CVE-2025-21311, a 9.8 “critical” bug in Windows NTLMv1 (NT LAN Manager version 1), an older Microsoft authentication protocol that is still used by many organizations.
“What makes this vulnerability so impactful is the fact that it is remotely exploitable, so attackers can reach the compromised machine(s) over the internet, and the attacker does not need significant knowledge or skills to achieve repeatable success with the same payload across any vulnerable component,” Hopkins wrote.
Kev Breen at Immersive points to an interesting flaw (CVE-2025-21210) that Microsoft fixed in its full disk encryption suite BitLocker that the software giant has dubbed “exploitation more likely.” Specifically, this bug holds out the possibility that in some situations the hibernation image created when one closes the laptop lid on an open Windows session may not be fully encrypted and could be recovered in plain text.
“Hibernation images are used when a laptop goes to sleep and contain the contents that were stored in RAM at the moment the device powered down,” Breen noted. “This presents a significant potential impact as RAM can contain sensitive data (such as passwords, credentials and PII) that may have been in open documents or browser sessions and can all be recovered with free tools from hibernation files.”
Tenable’s Narang also highlighted a trio of vulnerabilities in Microsoft Access fixed this month and credited to Unpatched.ai, a security research effort that is aided by artificial intelligence looking for vulnerabilities in code. Tracked as CVE-2025-21186, CVE-2025-21366, and CVE-2025-21395, these are remote code execution bugs that are exploitable if an attacker convinces a target to download and run a malicious file through social engineering. Unpatched.ai was also credited with discovering a flaw in the December 2024 Patch Tuesday release (CVE-2024-49142).
“Automated vulnerability detection using AI has garnered a lot of attention recently, so it’s noteworthy to see this service being credited with finding bugs in Microsoft products,” Narang observed. “It may be the first of many in 2025.”
If you’re a Windows user who has automatic updates turned off and haven’t updated in a while, it’s probably time to play catch up. Please consider backing up important files and/or the entire hard drive before updating. And if you run into any problems installing this month’s patch batch, drop a line in the comments below, please.
Further reading on today’s patches from Microsoft:
Microsoft Rings in 2025 With Record Security Update