Weekly Digest Week 8 – 2025

Publication date: 21.02.2025

Featured Story

Palo Alto Networks Tags New Firewall Bug as Exploited in Attacks

Palo Alto Networks warns that a newly discovered file read vulnerability (CVE-2025-0111) is now being exploited alongside two other flaws (CVE-2025-0108 and CVE-2024-9474) to target PAN-OS firewalls. These vulnerabilities can be chained to gain root access and read sensitive configuration files.

CISA has added CVE-2025-0108 to its KEV catalog and has given federal agencies until March 11, 2025, to apply patches. Reports suggest 65% of exposed devices remain unpatched and vulnerable.

SOC Analysis:
The active exploitation of these vulnerabilities highlights the critical need for immediate action. PAN-OS firewalls play a vital role in enterprise security, making them prime targets. Organizations must patch, restrict access to management interfaces, enforce access controls, and monitor proactively.

Other Stories

New OpenSSH Flaws Expose SSH Servers to MiTM and DoS Attacks

OpenSSH released version 9.9p2 to patch two vulnerabilities: CVE-2025-26465 (MiTM) and CVE-2025-26466 (DoS). The MiTM flaw stems from the VerifyHostKeyDNS setting and affects some FreeBSD systems dating back to 2013. The DoS issue allows resource exhaustion before authentication.

SOC Analysis:
We advise organizations to upgrade to OpenSSH 9.9p2 immediately, disable VerifyHostKeyDNS unless essential, enforce connection rate limiting, and monitor logs for SSH anomalies and suspicious access.
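As an added illustration of two of the checks recommended above (this is not code from Approach or from the OpenSSH project), the following Python example flags client configuration lines that enable VerifyHostKeyDNS and compares an `ssh -V` style banner against 9.9p2. The sample configuration, host names and function names are constructed for the example.

```python
import re

FIXED = (9, 9, 2)  # OpenSSH 9.9p2, the patched release named in the story

# Constructed sample ssh_config content, not taken from a real host.
SAMPLE_CONFIG = """\
# constructed sample
Host *.internal.example
    VerifyHostKeyDNS yes
Host bastion
    verifyhostkeydns=ask
Host legacy
    VerifyHostKeyDNS no
"""

def parse_openssh_version(banner):
    """Return (major, minor, portable) from an `ssh -V` style banner, or None."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?", banner)
    return (int(m[1]), int(m[2]), int(m[3] or 0)) if m else None

def needs_upgrade(banner):
    """True when the banner is unparseable or older than 9.9p2.

    Upstream version comparison only: distribution packages may backport
    the fix without changing this string, so True means "verify this host".
    """
    version = parse_openssh_version(banner)
    return version is None or version < FIXED

def find_verifyhostkeydns(config_text):
    """Return (line_no, scope, value) for each line enabling VerifyHostKeyDNS."""
    findings, scope = [], "global"
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # ssh_config accepts "Keyword value" and "Keyword=value";
        # keywords are case-insensitive.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        if key in ("host", "match"):
            scope = f"{parts[0]} {value}"  # remember which block we are in
        elif key == "verifyhostkeydns" and value.lower() in ("yes", "ask"):
            findings.append((line_no, scope, value.lower()))
    return findings

if __name__ == "__main__":
    for line_no, scope, value in find_verifyhostkeydns(SAMPLE_CONFIG):
        print(f"line {line_no} [{scope}]: VerifyHostKeyDNS {value}")
```
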

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication

Juniper disclosed CVE-2025-21589 (CVSS 9.8), an authentication bypass flaw impacting various Session Smart and WAN Assurance router products. Affected versions range across multiple branches, and although no known exploitation has occurred, patches are now available.

SOC Analysis:
This is a critical vulnerability allowing admin-level access without authentication. Organizations must patch immediately and review router access configurations. Juniper products are often exploited soon after patch announcements.

50,000 Belgians Surf Safely Thanks to the Safeonweb Browser Extension

On Safer Internet Day, the CCB announced that over 50,000 users are now using the Safeonweb extension. The tool warns users about malicious websites through a color-coded system (green = safe, red = dangerous). It’s currently available on Chrome and Edge, with Firefox/Safari versions coming soon.

SOC Analysis:
Extensions like Safeonweb can be effective first-line defenses against phishing and malicious domains. While useful, they are not foolproof—so pairing them with security awareness and endpoint protections is essential.
