February 5, 2025

Monthly Threat Digest: January 2025



Summary

In January, the cybersecurity arena drew significant attention due to the active exploitation of ten zero-day vulnerabilities. Among them, CVE-2025-0282 in multiple Ivanti products was exploited by UNC5337 and CL-UNK-0979 to execute arbitrary code remotely without requiring authentication, with active exploitation detected since December 2024. Fortinet also fixed the critical zero-day flaw CVE-2024-55591 in FortiOS and FortiProxy, which has been actively exploited by threat actors to compromise Fortinet firewalls and breach enterprise networks.

During this period, ransomware attacks surged, with variants such as HexaLocker, FunkSec, and Daixin Team aggressively targeting victims. As ransomware tactics grow more sophisticated, organizations must bolster their defenses by implementing comprehensive backup and disaster recovery strategies. Additionally, training employees to detect and prevent phishing attacks remains essential.

FunkSec emerged in late 2024 as a fast-moving ransomware group, blending cybercrime with hacktivism. Using AI-driven tools, they have targeted dozens of victims, demanded low ransoms, and evolved rapidly. Their origins remain unclear, but they are a rising force in AI-powered cyber threats.

Concurrently, seven threat actors have engaged in various campaigns. The Russian threat actor Star Blizzard has launched a new spear-phishing campaign, using WhatsApp group invitations as lures to compromise accounts, marking a shift in their tactics. At the same time, the Paper Werewolf cyberespionage group, active since 2022, has been targeting Russian organizations with phishing emails embedded with malicious macros to deploy PowerRAT for unauthorized access and data exfiltration. As the cybersecurity landscape evolves, organizations must remain vigilant and proactively address emerging threats.

