NEWSLETTER - 27th JANUARY, 2025
CISA and FBI Release Updated Guidance on Product Security Bad Practices
In partnership with the Federal Bureau of Investigation (FBI), CISA released an update to the joint guidance Product Security Bad Practices in furtherance of CISA’s Secure by Design initiative. This updated guidance incorporates public comments CISA received in response to a Request for Information, adding additional bad practices and context regarding memory-safe languages, clarifying timelines for patching Known Exploited Vulnerabilities (KEVs), and making other recommendations.
While this voluntary guidance is intended for software manufacturers who develop software products and services in support of critical infrastructure, all software manufacturers are strongly encouraged to avoid these product security bad practices.
For more details: CISA and FBI Release Updated Guidance on Product Security Bad Practices | CISA
Microsoft starts force upgrading Windows 11 22H2, 23H2 devices
Microsoft has started the forced rollout of Windows 11 24H2 to eligible, non-managed systems running the Home and Pro editions of Windows 11 22H2 and 23H2.
According to the company’s Lifecycle Policy site, Windows 11 23H2 will reach the end of support in October 2025, while Windows 11 22H2 Home and Pro already reached it in October 2024.
“We have reached a new stage in the phased rollout of version 24H2. Eligible devices running Home and Pro editions of Windows 11, versions 23H2 and 22H2 will be gradually updated to version 24H2,” the company said in a Thursday update to the Windows release health page.
**Windows 11 2024 Update – 23H2 devices
This automatic update targets only devices that are not managed by IT departments. Users can choose the time to restart their device or postpone the update.
Options for upgrade
If users don’t want to wait for the automatic upgrade, they can manually check if the update is available by going to Settings > Windows Update and clicking ‘Check for updates.’ If the device is ready for the update, they’ll see the option to “Download and install” Windows 11 24H2.
If users are not ready to install the Microsoft-recommended 24H2 upgrade, they can also pause the update from being downloaded and installed from Settings > Windows Update by selecting the amount of time they’d like to pause the updates.
For more details: Microsoft starts force upgrading Windows 11 22H2, 23H2 devices
North Korea’s Lazarus APT Evolves Developer-Recruitment Attacks
North Korea’s Lazarus threat group has launched a fresh wave of attacks targeting software developers, using recruitment tactics on job-hiring platforms. This time, the group is using job postings on LinkedIn to lure freelance developers in particular into downloading malicious Git repositories; these contain malware for stealing source code, cryptocurrency, and other sensitive data.
The SecurityScorecard STRIKE team on Jan. 9 discovered the ongoing attack, dubbed Operation 99, in which attackers pose as recruiters to entice developers with project tests or code reviews, the researchers revealed in a report (PDF) published today.
**Recommended Actions
As these campaigns become more sophisticated through the use of AI and advanced social engineering, it’s becoming “easier for attackers to gain the confidence of their targets, demonstrating a significant evolution in the level of precision and realism in their campaigns.”
Mitigation Strategies
Reinforcing social engineering awareness and adhering to the basics of cybersecurity for everyday employees.
Employees also should exercise extreme caution when interacting with recruiters, particularly if asked to download files, clone repositories, or engage with unfamiliar software, especially over platforms like LinkedIn or email.
For more details: http://go.pardot.com/e/
15K Fortinet Device Configs Leaked to the Dark Web
Dated configuration data and virtual private network (VPN) credentials for 15,474 Fortinet devices have been posted for free to the Dark Web.
On Jan. 14, Fortinet disclosed a severe authentication bypass vulnerability in its FortiOS operating system and FortiProxy Web gateway, CVE-2024-55591. For a model of what the aftermath of such a vulnerability could look like, one need only look to a parallel bug from October 2022 that’s still making waves today.
Back then, Fortinet published an urgent security warning regarding CVE-2022-40684, an equivalent authentication bypass vulnerability affecting FortiOS, FortiProxy, and the autological FortiSwitchManager. Earning a “critical” 9.8 rating in the Common Vulnerability Scoring System (CVSS), it allowed any unauthenticated attacker to perform administrative operations on vulnerable devices via specially crafted HTTP requests.
For more details: 15K Fortinet Device Configs Leaked to the Dark Web
Documentation for security hardening best practices: System administrator best practices | FortiGate / FortiOS 6.4.0 | Fortinet Document Library
HPE investigates breach as hacker claims to steal source code
Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company’s developer environments.
The company has told BleepingComputer that it hasn’t found any evidence of a security breach, but it is investigating the threat actor’s claims.
“HPE became aware on January 16 of claims being made by a group called IntelBroker that it was in possession of information belonging to HPE,” – spokesperson Clare Loxley.
For more details: HPE investigates breach as hacker claims to steal source code
US sanctions hacker and company allegedly behind Treasury and telecom breaches
The China-based hackers allegedly responsible for breaches of the Treasury Department and at least nine telecommunications companies have been sanctioned by the U.S. government following new revelations about both campaigns.
The Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Yin Kecheng — “a Shanghai-based cyber actor” allegedly involved in the attack on the Treasury Department — as well as Chinese cybersecurity firm Sichuan Juxinhe Network Technology.
For more details: US sanctions hacker and company allegedly behind Treasury and telecom breaches – The Cyber Post
Reference: CISA, Dark Reading, BleepingComputer, The Cyber Post
U.S. Access Board Shares AI Accessibility Guidelines for People with Disabilities
The U.S. Access Board has released recommendations on making AI accessible for people with disabilities, following President Biden’s 2023 AI executive order. Their efforts include community engagement, technical assistance, and improving access to technology and
In a Tuesday webinar, the Access Board shared its initial findings on the risks and benefits of AI for people with disabilities. President Biden’s October 2023 AI executive order emphasized the need for accessibility best practices.
In collaboration with the American Association of People with Disabilities and the Center for Democracy and Technology, the Access Board signed a memorandum of understanding (MOU) in May to complete the tasks outlined in the EO. They also launched a webpage with resources and recordings from their AI series. This series highlighted AI’s benefits, such as aiding daily tasks, enhancing assistive technologies, and improving communication and
For more details: Federal Agency Outlines Recommendations for Accessible AI
GLOBAL SOLUTIONS GROUP (GSG) @ EVENTS
What an incredible experience at ServiceNow SKO25 in Las Vegas!
Global Solutions Group (GSG) Team had the privilege of engaging with fellow innovators and thought leaders, exchanging valuable insights, and highlighting how we are driving transformation in the business world. The discussions were both enlightening and inspiring, as we explored new ideas and challenged the limits of what’s possible alongside so many distinguished professionals.
The theme was all about innovation, and it’s clear: AI Agents, Data, and Workflows are converging to create a truly transformative future.
Key takeaways are:
Agentic AI – intelligent virtual assistants automating tasks and enhancing user experiences
Workflow Data Fabric – connecting data seamlessly across silos for better insights
Raptor DB – providing speed and scalability for real-time decisions
CRM – keeping the customer at the heart of everything
You create a powerful engine that Sells, Fulfills, and Delivers like never before. The trust built through these integrated solutions will redefine what’s possible in the industry.
The future is now, built on confidence and momentum. Let’s make 2025 the year we push the boundaries of innovation!
*Disclaimer: This newsletter contains links to sites on the Internet that are owned and operated by third parties. We do not claim ownership of any third-party content. Trademarks, logos, and brand names are the property of their respective owners.
**These are basic steps; advanced issues may need expert intervention. Consult our team for detailed analysis.