
Weekly Digest Week 28 – 2025

Publication date: 11.07.2025

Featured Story

Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server

Microsoft’s July 2025 Patch Tuesday addresses 130 vulnerabilities across its product portfolio, including a critical buffer overflow in SPNEGO (CVE-2025-47981, CVSS 9.8). While there are no active zero-days this month, this flaw allows unauthenticated remote code execution, with researchers warning it could be “wormable” like WannaCry.

SOC Analysis: This July Patch Tuesday marks a major shift with no zero-day exploits, but CVE-2025-47981 remains extremely dangerous. With Microsoft rating it as “More Likely” to be exploited and researchers drawing parallels to WannaCry, organizations should treat this as an emergency. Patch immediately and review network segmentation and lateral movement protections.

Other Stories

Public Exploits Released for Citrix Bleed 2 NetScaler Flaw

Researchers released proof-of-concept (PoC) exploits for CVE-2025-5777, a critical vulnerability dubbed CitrixBleed2. It allows memory content leakage during login via malformed POST requests. Attackers can extract session tokens to hijack user sessions.

SOC Analysis: The release of public exploits significantly raises the threat level. Externally facing NetScaler devices must be patched immediately. Admins should also monitor for unusual POST requests and terminate existing sessions. Expect widespread scanning and exploitation attempts in the wild.

Hundreds of Malicious Domains Registered Ahead of Prime Day

Over 1000 new domains resembling “Amazon” or “Prime Day” were registered in June 2025—87% of them flagged as malicious. These phishing sites impersonate login or checkout pages, aiming to steal credentials and personal data from unsuspecting shoppers.

SOC Analysis: The Prime Day attack campaign is a textbook case of opportunistic phishing. Users are more susceptible during major shopping events. Organizations should double down on seasonal phishing awareness, encourage users to verify domains, and avoid clicking promotional email links.

INAMI Phishing Campaign Targets Belgian Citizens

Cybercriminals are impersonating Belgium’s INAMI to phish citizens with refund offers and verification requests. These messages exploit trust in government institutions to lure users into sharing personal data.

SOC Analysis: Government impersonation campaigns continue to be effective due to their credibility. Organizations should promote user education around fake refund schemes and always validate the authenticity of any communication from institutions like INAMI. Suspicious messages can be forwarded to:
  • verdacht@safeonweb.be
  • suspect@safeonweb.be
  • suspicious@safeonweb.be
