Infosec bits for 2025 week 9

Zoya Vilakazi | Feb. 28, 2025, 10:32 a.m.

Cybersecurity News:

Threat Actors Delivering Ransomware Via Microsoft Teams Using Voice Calls [Tushar Subhra Dutta, Cyber Security News]

Growing Cyber Threats [Mamsi Nkosi, IT News Africa]

Malware and breaches:

PowerSchool data breach [Guest Author, Ed Tech Innovation Hub]

Ransomware threats [Mandvi, Cyber Press]

Microsoft 365 Accounts Get Sprayed by Mega-Botnet [Kristina Beek, Dark Reading]

VSCode extensions with 9 million installs pulled over secuirty risks [Bill Toulas, Bleeping Computer]

Vulnerabilities:

Open Source Vulnerabilities [Jordyn Alger, Security Magazine]

GitLab Vulnerabilities [Divya, GB Hackers]

SonicWall firewall vulnerabilities [David Jones, Cybersecurity Dive]

Industrial System Cyberattacks [Robert Lemos, Dark Reading]

Other:

NEC XON, Fortinet join forces to strengthen telco, ISP cyber security [Scarlet Letter, Scarlet Letter]

Ciaco opens PoP in South Africa [Schalk Burger, Creamer Media's Engineering News]

Five best practices for securing Active Directory service accounts [Specops Software, Bleeping Computer]

AI Can Supercharge Productivity, But We Still Need a Human-in-the-Loop [Marc Solomon, Secuirty Week]