Daily News Update: Thursday, March 13, 2025 (Australia/Melbourne)

This post is an AI-generated summary of News Articles from a handful of publications over the last 24 hours. No credit is taken for the contents of said articles or the accuracy thereof.

Executive Summary
Over the past 24 hours, several noteworthy cyber security stories have emerged, focusing on critical vulnerabilities, cyber threats, and evolving ransomware operations.
- Apple disclosed a zero-day vulnerability in its WebKit engine, tracked as CVE-2025-24201, prompting emergency patches for iOS and macOS.
- Microsoft announced the patching of 57 vulnerabilities, including six zero-days, affecting core components and widely used products.
- CISA reported a significant impact from the Medusa ransomware, which has struck more than 300 organizations across critical sectors in the U.S.
- A Chinese hacking group, Volt Typhoon, was discovered to have persisted within a Massachusetts utility's systems for 10 months, underscoring threats to U.S. infrastructure.
- The Signal app has reportedly ceased collaboration with Ukrainian authorities on cyber threats from Russia, raising concerns about espionage operations.
- Garantex, a crypto exchange, saw the arrest of its co-founder for alleged involvement in facilitating money laundering for criminal activities.
These updates signal a pressing need for organizations to reassess their cyber defenses and update their systems promptly.

Apple's Zero-Day Vulnerability and Emergency Patches

Apple released critical patches for a zero-day flaw in the WebKit browser engine (CVE-2025-24201). The vulnerability allows attackers to bypass the security sandbox that isolates untrusted web content and carry out unauthorized actions. Apple described the attack as “extremely sophisticated” and linked it to targeted attacks on certain individuals before the recent iOS 17.2 update.
This is Apple's third zero-day vulnerability response this year. Users should update to iOS 18.3.2, iPadOS 18.3.2, and other systems as early as possible to mitigate risks.
CyberScoop | "Apple discloses zero-day vulnerability, releases emergency patches"

Microsoft's Patch Tuesday Highlights

This month's Patch Tuesday release from Microsoft is an extensive update covering 57 vulnerabilities, including six actively exploited zero-days. Four of the zero-days are rated high severity on the CVSS scale and affect fundamental components such as NTFS and the Windows Fast FAT File System Driver.
Adam Barnett from Rapid7 noted, “This is now the sixth consecutive month where Microsoft has published zero-day vulnerabilities without evaluating any of them as critical severity.”
Organizations are advised to apply the patches promptly to protect against ongoing exploits.
CyberScoop | "Microsoft patches 57 vulnerabilities, including 6 zero-days"
The Register | "Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws"

Medusa Ransomware Operations and Impact

CISA reported that the Medusa ransomware gang had affected over 300 critical infrastructure organizations in various sectors, including healthcare and education. Emerging in 2021, Medusa operates as a Ransomware-as-a-Service and has intensified its activities, particularly in 2023.
Its operations often exploit unpatched vulnerabilities; organizations are encouraged to enhance their security protocols and prioritize timely patches to mitigate future attacks.
Bleeping Computer | "CISA: Medusa ransomware hit over 300 critical infrastructure orgs"
The Record | "CISA: More than 300 critical infrastructure orgs attacked by Medusa ransomware"

Volt Typhoon’s Long-term Infiltration

The Volt Typhoon hacking group persisted within the Littleton Electric Light and Water Department for approximately 10 months. Initial access was gained through a vulnerability in a FortiGate router. This incident reflects a worrying trend of state-sponsored groups aiming for long-term access to critical infrastructure for potential destructive capabilities.
Dragos, a cybersecurity firm, assisted the utility in responding to the breach, ensuring robust defense adjustments and monitoring in collaboration with federal authorities.
The Record | "Volt Typhoon hackers were in Massachusetts utility’s systems for 10 months"

Signal App's Withdrawal from Cooperation

The encrypted messaging app Signal is no longer cooperating with Ukrainian government efforts aimed at combatting Russian cyber threats. This cessation in collaboration has raised alarms regarding the app's role in facilitating espionage operations against Ukrainian governmental and military personnel. Ukrainian officials expressed concerns that this shift could aid Russian intelligence efforts.
The Record | "Signal no longer cooperating with Ukraine on Russian cyber threats, official says"

Arrest of Garantex Admin in India

A key administrator of the Garantex crypto-exchange, Aleksej Besciokov, was arrested in India, marking a notable step in global efforts to curb cryptocurrency-related crime. He is accused of facilitating money laundering and operating an unlicensed money-transmitting business; the arrest follows charges of aiding various criminal organizations.
Bleeping Computer | "Garantex crypto exchange admin arrested while on vacation"

Metadata
- Key Organisations and Individuals:
  - Apple, Microsoft, CISA, FBI, Elon Musk's DOGE
  - Filip Jurčacko (ESET), Mike Walters (Action1), Bill Marczak (Citizen Lab)
- Technical Terms:
  - Zero-day vulnerabilities, Ransomware, Malware, CVSS, Multi-State Information Sharing and Analysis Center (MS-ISAC)
- Countries and Industry Verticals:
  - U.S., China, North Korea
  - Critical Infrastructure, Cybersecurity, Information Technology, Crypto Exchanges, Utilities