Global Cyber Pulse: January 17, 2025

January 17, 2025 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

A pivotal week in cybersecurity saw President Biden issue an executive order targeting ransomware and foreign threats, bolstering U.S. defenses. In Europe, privacy group noyb filed GDPR complaints against TikTok and Temu over unlawful data transfers to China, while the EU launched a healthcare cybersecurity plan to combat rising cyberattacks.

Meanwhile, CISA unveiled an AI Cybersecurity Playbook to tackle AI vulnerabilities, and Wolf Haldenstein revealed a data breach impacting 3.5 million individuals. Adding to concerns, HP Wolf Security exposed malware campaigns hiding keyloggers in images, exploiting Excel vulnerabilities. These developments underscore the growing urgency of global cybersecurity collaboration.

Biden’s Cybersecurity Executive Order Targets Ransomware, Foreign Threats

President Biden issued a pivotal executive order emphasizing ransomware sanctions, federal cybersecurity, and software security.

Following a seven-month review of major cyber incidents, Deputy National Security Adviser Anne Neuberger stated the order strengthens America’s digital resilience and signals firm action against foreign and ransomware threats. It aims to deter attacks from China, Russia, and others while bolstering national defenses.

GDPR Complaints Filed Against TikTok, Temu Over Data Transfers

Privacy group noyb filed six GDPR complaints against TikTok, Temu, and others for allegedly transferring European users’ data to China.

Led by Max Schrems, noyb targeted data authorities in Greece, Italy, and Austria. Schrems highlighted the need for accountability in handling user privacy and stopping unlawful data practices.

EU Unveils Cybersecurity Plan for Healthcare Sector

The European Commission launched an action plan to secure hospitals and healthcare systems from rising cyberattacks. In 2023, over 300 incidents targeted EU healthcare providers, risking patient safety.

The plan emphasizes prevention, response, and tailored cybersecurity guidelines, alongside financial aid for small healthcare providers.

CISA’s Playbook Secures AI Against Cyber Risks

CISA introduced the AI Cybersecurity Collaboration Playbook, a framework to address AI vulnerabilities and incidents. Developed with 150 experts, it facilitates information sharing among AI developers and adopters.

CISA Director Jen Easterly stressed collaboration as key to securing AI systems amid rapid industry adoption.

Wolf Haldenstein Data Breach Exposes 3.5 Million Records

American law firm Wolf Haldenstein reported a December 2023 breach impacting 3.5 million individuals.

Delayed forensic analysis revealed personal data exposure, with notices pending due to incomplete contact information. Founded in 1888, the firm operates across major U.S. cities.

Hackers Hide Malware in Images to Deploy Keylogger

Threat actors used images on archive.org to conceal malware like VIP Keylogger, exploiting Excel vulnerabilities (CVE-2017-11882).

HP Wolf Security’s Q3 2024 report revealed the phishing-based campaign used malicious attachments to deliver payloads, underlining the need for heightened vigilance.