Weekly Digest Week 17 – 2025

Publication date: 25.04.2025

Featured Story

Lazarus hackers breach six South Korean companies in watering hole attacks

South Korea has been targeted by the prolific North Korea-linked Lazarus Group as part of an espionage campaign dubbed “Operation SyncHole” by researchers at Kaspersky. At least six organizations in sectors including IT, finance, and telecom were compromised between November 2024 and February 2025.

SOC Analysis: In order to avoid this type of attack, we recommend implementing proactive security measures including web traffic monitoring and domain filtering. Ensure all software (especially browsers and plugins) is kept up to date. Utilize endpoint protection and behavioral analytics to detect exploitation attempts.

Other Stories

159 CVEs Exploited in Q1 2025

VulnCheck reports that 159 vulnerabilities were exploited in the wild during Q1 2025 — up from 151 in Q4 2024. Notably, 28.3% were exploited within 24 hours of disclosure. CMS platforms, network edge devices, and operating systems were the most common targets.

SOC Analysis: Prevention is key in cybersecurity. Regularly scan systems for known CVEs and prioritize patching. Use network segmentation and access controls, and ensure endpoint protection is up to date to detect CVE-based attacks.

Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw

A critical SSH vulnerability (CVE-2025-32433) in Erlang/OTP may allow unauthenticated attackers to execute arbitrary code. Cisco confirmed exposure in some products and recommends urgent updates to patched OTP versions.

SOC Analysis: Cisco advises updating to fixed Erlang/OTP versions: OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. As a temporary workaround, restrict access to vulnerable SSH servers via firewall rules.
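To turn the fixed-version list above into a quick inventory check, here is an added example (not code from the article, Cisco or the Erlang/OTP project) that compares installed OTP version strings against the fixed release in the same major branch. The host names and inventory are constructed, and the `unlisted` status for branches the digest does not name is an assumption of this example.

```python
import re

# Fixed releases named in the SOC analysis above, keyed by OTP major version.
FIXED = {27: (27, 3, 3), 26: (26, 2, 5, 11), 25: (25, 3, 2, 20)}


def parse_otp(version):
    """Turn 'OTP-26.2.5.11' or '26.2.5.11' into a tuple of ints."""
    m = re.fullmatch(r"(?:OTP-)?(\d+(?:\.\d+)*)", version.strip())
    if not m:
        raise ValueError(f"unrecognised OTP version: {version!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def triage(version):
    """Return 'patched', 'needs_update' or 'unlisted' for one version string."""
    found = parse_otp(version)
    fixed = FIXED.get(found[0])
    if fixed is None:
        # Assumption: branches the digest does not name are flagged for manual review.
        return "unlisted"
    # Pad to equal length so '27.3' compares as 27.3.0 against 27.3.3.
    width = max(len(found), len(fixed))
    found += (0,) * (width - len(found))
    fixed += (0,) * (width - len(fixed))
    return "patched" if found >= fixed else "needs_update"


def report(inventory):
    """Map each host to its triage status."""
    return {host: triage(version) for host, version in inventory.items()}


# Constructed inventory: host names and versions are made up for illustration.
INVENTORY = {
    "build-01": "OTP-27.3.3",
    "mq-02": "26.2.5.10",
    "voip-03": "OTP-25.3.2.20",
    "legacy-04": "24.3.4.17",
    "edge-05": "27.3",
}

if __name__ == "__main__":
    for host, status in sorted(report(INVENTORY).items()):
        print(f"{host:10} {INVENTORY[host]:15} {status}")
```

Version components are compared numerically, so `27.3.10` is treated as newer than `27.3.3`, which a plain string comparison would get wrong.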

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts

Russian-linked threat actors are exploiting OAuth 2.0 flows to hijack Microsoft 365 accounts, targeting individuals via WhatsApp and Signal. Victims are tricked into sharing authorization codes or clicking malicious links.

SOC Analysis: Educate users to recognize red flags in mobile phishing (“smishing”) messages. Use mobile threat defense tools and encourage verification via official channels. Set up internal reporting procedures for suspected smishing.

Beware of fraudulent text messages sent in the name of AG Insurance

Smishing messages pretending to be from AG Insurance invite recipients to click a link to receive a refund. These fraudulent messages are part of a wider phishing campaign targeting financial data.

SOC Analysis: Never click links in suspicious SMS messages. Visit the official website directly or use your banking app. Forward suspicious messages to:
verdacht@safeonweb.be, suspect@safeonweb.be, suspicious@safeonweb.be.
