top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #133 - January 20, 2025

Record-Breaking DDoS Attack Reached 5.6 Tbps

Source: Security Week

The largest DDoS attack blocked during the last three months of 2024 was a 5.6 terabit per second (Tbps) UDP DDoS assault launched by a Mirai-variant botnet against an internet service provider in Eastern Asia. The attack lasted 80 seconds and originated from 13,000 unique source IP addresses, each contributing, on average, around 1 gigabit per second.




PowerSchool Faces 23 Lawsuits Over Schools' Mega Data Breach

Source: Data Breach Today

Educational software-maker PowerSchool faces at least 23 lawsuits seeking class-action status, filed in the wake of a massive data breach involving student and faculty data. The Folsom, California-based company began warning multiple schools and districts around Jan. 8 that an attacker stole student and faculty database tables from the PowerSchool student information system platform sometime between Dec. 10 and Dec. 28, 2024.




Ransomware attackers are “vishing” organizations via Microsoft Teams

Source: Help Net Security

The “email bombing + posing as tech support via Microsoft Teams” combination is proving fruitful for two threat actors looking to deliver ransomware to organizations, and they seem to be ramping up their efforts. The threat actors are social-engineering their way in.




Black 'Magic' Targets Enterprise Juniper Routers With Backdoor

Source: Dark Reading

Such routers typically lack endpoint detection and response protection, are in front of a firewall, and don't run monitoring software like Sysmon, making the attacks harder to detect. Dozens of organizations have been infected with router malware that uses a packet-sniffing technique to minimize its footprint.




Tesla EV charger hacked twice on second day of Pwn2Own Tokyo

Source: Bleeping Computer

Security researchers hacked Tesla's Wall Connector electric vehicle charger twice on the second day of the Pwn2Own Automotive 2025 hacking contest. PHP Hooligans were the first to crash the Tesla Wall Connector after using a Numeric Range Comparison Without Minimum Check zero-day bug to take over the device.



104 views

Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page