Tevora Cybersecurity News
Curated by Anir Desai and Hai-Trang Nguyen
?? Cloudflare Confirms Availability Incident
Cloudflare has confirmed experiencing operational outages which took multiple systems offline on February 6, 2025. The outage was caused as the result of human error and insufficient validation safeguards which resulted in product disablement for the R2 Gateway, further impacting additional services which depend on R2 infrastructure. The incident took almost one hour before systems could be securely brought back online and Cloudflare has identified areas of improvement to ensure similar incidents are prevented in the future.
More information regarding Cloudflare's R2 outage can be found here.
?? Lee Enterprises Confirms Cyberattack
American media company, Lee Enterprises, confirmed experiencing a cyberattack which led to operational disruptions in newspaper printing, subscription services, and internal systems. According to company representatives, Lee Enterprises? launched investigative operations immediately detecting the incident and is actively working on restoring services. No further information, including the potential scope of impact, has been shared at the time of this article's writing.
More information regarding Lee Enterprise's cyberattack can be found here.
领英推è
?? Sandworm Subgroup Expands Hacking Operations
A subgroup affiliated with Russian state-sponsored hacking group, Sandworm, has been discovered expanding initial access operations around the world. Previously focusing operations in Eastern Europe, the group has shown significant expansion efforts, increasing the scope of operations to countries in the Americas, Europe, Middle East, Africa, and Asia. Attacks carried out by the subgroup include opportunistic and targeted intrusion attempts to maintain access and obtain confidential information.?
More information regarding the Sandworm subgroup's expanding threat operations can be found here.
?? Palo Alto Networks Releases Patches for PAN-OS Software
Palo Alto Networks has released patches for a high-severity vulnerability in the PAN-OS software that could lead to an authentication bypass. The vulnerability allows unauthenticated threat actors with network access to the management web interface and invoke PHP scripts. Included in the patch are fixes for two additional vulnerabilities resulting in file deletion or command injection. Organizations and users are recommended to disable access to the management interface from the internet or untrusted networks and apply patches when feasible to prevent potential attacks.
More information regarding patches for the PAN-OS software can be found here.
Stay vigilant, stay alert, and please reach out if you have any questions!