Cyber Briefing: 2025.01.21

👉 What’s the latest in the cyber world today?

DoNot Team, Tanzeem, Android Malware, Microsoft Azure DevOps, Server-Side Request Forgery, OpenVPN, Easy-RSA Encryption Tool, Ukraine Computer Emergency Team, AnyDesk, TP-Link Routers, Swiss Websites, DDoS Attacks, Philippines National Bureau of Investigation, Data Breach, CODAC Behavioral Health, Iannuzzi Manetta Co, Allegheny Health Network, OWASP, Smart Contract, US Coast Guard, Cybersecurity Rules, Former CIA Analyst, US Department of Justice, Privacy Professionals, Compliance Challenges, United Arab Emirates Cyber Security Council, Cyberattacks Surge

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please subscribe.

🚨 Cyber Alerts

1. DoNot Team Deploys Targeted Android Malware

The hacking group DoNot Team has been linked to new Android malware named Tanzeem and Tanzeem Update, designed to gather intelligence through highly targeted cyberattacks. The apps, disguised as chat applications, request sensitive permissions, enabling them to collect call logs, contacts, locations, and more. Cyfirma noted the malware uses push notifications to deploy additional threats, revealing the group’s evolving tactics for intelligence gathering.

2. Azure DevOps Faces Critical Security Flaws

Researchers discovered several Server-Side Request Forgery (SSRF) vulnerabilities in Azure DevOps, exposing significant security weaknesses in its cloud-based development environment. These flaws enabled unauthorized access to internal services, with one vulnerability allowing outbound requests using valid Azure tokens. Despite previous fixes from Microsoft, the researcher demonstrated that these could be bypassed using techniques like DNS rebinding. The findings underscore the critical need for stronger API security and access controls to protect sensitive data and prevent privilege…