<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 3/14/2025

SHARE

Top News

Salt Typhoon: A Wake-up Call for Critical Infrastructure

The Salt Typhoon cyberattacks marked a sobering milestone in the evolution of large-scale cyber threats. These sophisticated intrusions targeted critical infrastructure across the United States, specifically US Internet service provider (ISP) networks, thus disrupting essential services in sectors that include energy, transportation, and healthcare. The attackers not only caused operational downtime and financial losses but also evaded detection with alarming precision. READ MORE...

Software Updates

Juniper patches bug that let Chinese cyberspies backdoor routers

?Juniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers for stealthy access. This medium severity flaw (CVE-2025-21590) was reported by Amazon security engineer Matteo Memelli and is caused by an improper isolation or compartmentalization weakness. Successful exploitation lets local attackers with high privileges execute arbitrary code on vulnerable routers to compromise the devices' integrity. READ MORE...


Cisco Patches 10 Vulnerabilities in IOS XR

Cisco on Wednesday announced patches for 10 vulnerabilities in IOS XR, including five that could be exploited to cause denial-of-service (DoS) conditions. The most severe of the DoS flaws are CVE-2025-20142 and CVE-2025-20146, high-severity issues that impact the IPv4 access control list (ACL) feature, quality of service (QoS) policy, and the Layer 3 multicast feature of ASR 9000 series, ASR 9902, and ASR 9903 routers. READ MORE...

Exploits/Vulnerabilities

94% of Wi-Fi networks lack protection against deauthentication attacks

A recent report from Nozomi Networks Labs, based on an analysis of over 500,000 wireless networks worldwide, reveals that only 6% are adequately protected against wireless deauthentication attacks. Most wireless networks, including those in mission-critical environments, remain highly exposed to these attacks. In healthcare, for example, vulnerabilities in wireless networks could lead to unauthorized access to patient data or interference with critical systems. READ MORE...


Car Exploit Allows You to Spy on Drivers in Real Time

Researchers have demonstrated how to plant spyware in someone's car using a third-party in-vehicle infotainment system (IVI). The Pioneer DMH-WT7600NEX is a thousand-dollar aftermarket IVI in 2010s-era consumer vehicles. But it carries a kind of bring-your-own-device (BYOD) risk to the family SUV. At Pwn2Own Automotive 2024, security researchers combined a trio of zero-day exploits together to burrow inside of the Pioneer DMH and plant spyware capable of exfiltrating a variety of data. READ MORE...

On This Date

  • ...in 1879, theoretical physicist Albert Einstein, responsible for the Theory of Relativity, is born in Ulm, Germany.
  • ...in 1923, American photographer Diane Arbus, known for her images of ordinary people and outsiders, is born in New York City.
  • ...in 1994, version 1.0.0 of the Linux kernel is released by Linus Torvalds and other various contributors.
  • ...in 2009, the first officially-recognized National Pi Day was celebrated in honor of the indispensable mathematical constant.