Welcome to the Triad Recap, your trusted source for the latest cybersecurity and compliance news. In this edition, we bring you crucial updates on emerging cyber threats, including data breaches, phishing schemes, and sophisticated malware campaigns. Stay informed and take proactive steps to protect your business from evolving cyber risks.
- Critical Ivanti Vulnerability Exploited by UNC5221
A critical stack-based buffer overflow vulnerability (CVE-2025-22457) in Ivanti’s Connect Secure VPN appliances has been actively exploited by the Chinese state-sponsored group UNC5221. This flaw, with a severity score of 9.0, allows unauthenticated remote code execution. Attackers have deployed malware variants TRAILBLAZE and BRUSHFIRE, along with components from the SPAWN ecosystem, to establish persistent access and facilitate credential theft and data exfiltration. Ivanti has released patches and urges users to update to the latest versions to mitigate these risks.
- Limitations of Traditional CASB Solutions in Addressing Shadow SaaS
A recent report highlights the shortcomings of traditional Cloud Access Security Broker (CASB) solutions in managing ‘Shadow’ SaaS applications. These tools often fail to provide comprehensive visibility and control over unsanctioned apps, leading to potential data exposure and security breaches. The report advocates for a browser-based security approach to ensure real-time protection and governance over all SaaS applications.
- Port of Seattle Ransomware Breach Affects 90,000 Individuals
The Port of Seattle experienced a ransomware attack in August 2024, attributed to the Rhysida ransomware group, impacting approximately 90,000 individuals. The breach disrupted critical systems, including reservation check-ins and flight operations at Seattle-Tacoma International Airport. The Port declined to pay the ransom and has been notifying affected individuals while enhancing its cybersecurity measures.
- ‘PoisonSeed’ Phishing Campaign Targets Cryptocurrency Wallets
The ‘PoisonSeed’ phishing campaign has compromised corporate email marketing accounts to send fraudulent emails containing cryptocurrency wallet seed phrases. By hijacking accounts from platforms like Mailchimp and SendGrid, attackers aim to deceive recipients into revealing their wallet recovery phrases, leading to unauthorized access and theft of funds. This campaign underscores the need for heightened vigilance and robust email security protocols.
- Malicious DeepSeek Ads Distribute Infostealing Malware
Cybercriminals have exploited Google Ads by creating fake advertisements for DeepSeek, a Chinese generative AI platform. These ads redirect users to malicious websites that deliver the Heracles MSIL Trojan, an information stealer targeting cryptocurrency wallets. Users are advised to exercise caution when clicking on ads and ensure downloads are from legitimate sources.
These incidents highlight the evolving landscape of cybersecurity threats and the critical importance of proactive measures to protect personal and organizational data.
How Triad InfoSec Can Assist Your Business
Navigating the complexities of cybersecurity compliance can be challenging. Triad InfoSec is dedicated to helping businesses prepare for CMMC audits, ensuring compliance, and optimizing cybersecurity strategies. Our services include:
- CMMC Audit Preparation: Guiding your organization through the necessary steps to achieve CMMC certification.
- MSP Partnerships: Collaborating with Managed Service Providers to ensure your business remains compliant while reducing cyber insurance premiums.
- Comprehensive Cybersecurity Solutions: Offering a range of services tailored to meet all your cybersecurity needs.
Partner with Triad InfoSec to secure your business’s future.
Contact us today
Stay vigilant and proactive in addressing cybersecurity challenges to protect your business and its valuable assets.