{"id":4346,"date":"2025-02-17T14:06:47","date_gmt":"2025-02-17T14:06:47","guid":{"rendered":"https:\/\/www.d2na.com\/?p=4346"},"modified":"2025-02-17T14:11:25","modified_gmt":"2025-02-17T14:11:25","slug":"weekly-security-news-17th-february-2025","status":"publish","type":"post","link":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/","title":{"rendered":"Weekly Security News – 17th February 2025"},"content":{"rendered":"<\/span> 3<\/span> mins read<\/span><\/span>\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Exploits found targeting AWS and PostgreSQL, Microsoft 365 accounts being hijacked, Steam game installs malware and Microsoft patches released...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, then please get in touch with our team who can advise further. For our existing clients, if we believe anything may affect your organisation, our team will be in touch directly.\u00a0<\/p>\n

<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Vulnerabilities and Patches<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

New 'whoAMI' Attack Exploits AWS AMI Name Confusion for Remote Code Execution<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

A new attack, dubbed “whoAMI,” targets AWS by exploiting a name confusion vulnerability in the Amazon Machine Image (AMI) system. Attackers can create a malicious AMI with a matching name pattern, tricking developers into using it instead of the legitimate image. This results in remote code execution (RCE) on EC2 instances. The attack, resembling a supply chain exploit, can affect organizations using misconfigured software. AWS has addressed the issue with new security controls, but researchers caution that such vulnerabilities remain a risk if not properly mitigated.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

A vulnerability in PostgreSQL (CVE-2025-1094) has been exploited by attackers in tandem with a BeyondTrust zero-day flaw (CVE-2024-12356) to conduct targeted attacks. This vulnerability affects the PostgreSQL interactive tool psql, allowing SQL injection attacks that lead to arbitrary code execution. The flaw is due to how PostgreSQL handles invalid UTF-8 characters and can be triggered using a meta-command, enabling attackers to execute shell commands. Updates have been released to address the issue, impacting PostgreSQL versions 13-17.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

A new Golang-based backdoor malware has been discovered, leveraging the Telegram Bot API for command-and-control (C2) operations. The malware, still under development, checks for a specific location on the infected machine and uses Telegram to receive commands, allowing attackers to execute PowerShell commands, persist the backdoor, or self-destruct. It is believed to be of Russian origin, as indicated by Russian-language messages in the malware\u2019s commands. This method of using Telegram makes the backdoor more evasive, complicating detection by traditional security measures.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Cyber Attacks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Microsoft has reported that Russian-linked hackers, identified as Storm-2372, are employing a new phishing method called “device code phishing” to hijack Microsoft 365 accounts. The attackers use messaging apps to build trust with targets and trick them into entering device codes on fake sign-in pages, allowing the attackers to capture authentication tokens and gain unauthorized access. Once inside, the hackers exfiltrate sensitive data and move laterally within networks. This technique has targeted various sectors globally. Microsoft advises organizations to block device code flow, use multi-factor authentication, and follow the principle of least privilege to mitigate risks.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

PirateFi Game on Steam Caught Installing Password-Stealing Malware<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

The free-to-play game PirateFi, available on Steam between February 6 and 12, 2025, was found to be distributing Vidar infostealer malware. Up to 1,500 users may have been impacted by the malicious file, which compromised sensitive data like passwords, session cookies, and cryptocurrency wallets. The game was initially well-received, but once discovered, Steam alerted users to the infection and advised them to reinstall Windows. Security researchers have linked the malware to intentional obfuscation techniques and possible targeting of web3\/cryptocurrency enthusiasts. Affected users are urged to change passwords and enable multi-factor authentication.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

In Other News...<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Microsoft's Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Microsoft’s February 2025 Patch Tuesday update addresses 63 security vulnerabilities, including two actively exploited flaws. Among them are critical privilege escalation vulnerabilities (CVE-2025-21391 and CVE-2025-21418) affecting Windows components, which attackers can leverage to gain SYSTEM-level privileges. Notably, these flaws are similar to those previously exploited by the Lazarus Group. Additionally, the update fixes several other vulnerabilities, including remote code execution flaws in High Performance Compute Pack and LDAP, with an emphasis on mitigating the risk of widespread network breaches. Organizations are advised to patch systems promptly.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

<\/span> 3<\/span> mins read<\/span><\/span>Exploits found targeting AWS and PostgreSQL, Microsoft 365 accounts being hijacked, Steam game installs malware and Microsoft patches released… Welcome to this week’s Security News. We’ve collated the best articles from the around the internet and put them all into one place. If you have any queries or concerns about anything in this week’s news, […]<\/p>\n","protected":false},"author":1,"featured_media":4351,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[355],"tags":[287,285,286,289,288,284],"class_list":["post-4346","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","tag-cyber-attacks","tag-cyber-security","tag-news","tag-patches","tag-vulnerabilities","tag-weekly-security-news"],"yoast_head":"\nWeekly Security News - 17th February 2025 - D2NA<\/title>\n<meta name=\"description\" content=\"Exploits found targeting AWS and PostgreSQL, Microsoft 365 accounts being hijacked, Steam game installs malware and Microsoft patches...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Weekly Security News - 17th February 2025\" \/>\n<meta property=\"og:description\" content=\"Exploits found targeting AWS and PostgreSQL, Microsoft 365 accounts being hijacked, Steam game installs malware and Microsoft patches...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"D2NA\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-17T14:06:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-17T14:11:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/02\/2025-02-17.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"627\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Shaun Conway\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@D2NA\" \/>\n<meta name=\"twitter:site\" content=\"@D2NA\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shaun Conway\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/\"},\"author\":{\"name\":\"Shaun Conway\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\"},\"headline\":\"Weekly Security News – 17th February 2025\",\"datePublished\":\"2025-02-17T14:06:47+00:00\",\"dateModified\":\"2025-02-17T14:11:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/\"},\"wordCount\":679,\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/2025-02-17.jpg\",\"keywords\":[\"cyber attacks\",\"cyber security\",\"news\",\"patches\",\"vulnerabilities\",\"weekly security news\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/\",\"name\":\"Weekly Security News - 17th February 2025 - D2NA\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/2025-02-17.jpg\",\"datePublished\":\"2025-02-17T14:06:47+00:00\",\"dateModified\":\"2025-02-17T14:11:25+00:00\",\"description\":\"Exploits found targeting AWS and PostgreSQL, Microsoft 365 accounts being hijacked, Steam game installs malware and Microsoft patches...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/2025-02-17.jpg\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/2025-02-17.jpg\",\"width\":1200,\"height\":627,\"caption\":\"2025-02-17\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/2025\\\/02\\\/17\\\/weekly-security-news-17th-february-2025\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.d2na.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Weekly Security News – 17th February 2025\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#website\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"name\":\"D2NA\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.d2na.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#organization\",\"name\":\"D2 Network Associates Limited\",\"alternateName\":\"D2NA\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"contentUrl\":\"https:\\\/\\\/www.d2na.com\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Header-Logo.png\",\"width\":180,\"height\":60,\"caption\":\"D2 Network Associates Limited\"},\"image\":{\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/D2NA\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/d2-network-associates-ltd\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.d2na.com\\\/#\\\/schema\\\/person\\\/624fbd3965489b22f6dcfc6d7eb4fb36\",\"name\":\"Shaun Conway\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g\",\"caption\":\"Shaun Conway\"},\"sameAs\":[\"https:\\\/\\\/www.d2na.com\"],\"url\":\"https:\\\/\\\/www.d2na.com\\\/index.php\\\/author\\\/shaun-conway\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Weekly Security News - 17th February 2025 - D2NA","description":"Exploits found targeting AWS and PostgreSQL, Microsoft 365 accounts being hijacked, Steam game installs malware and Microsoft patches...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/","og_locale":"en_GB","og_type":"article","og_title":"Weekly Security News - 17th February 2025","og_description":"Exploits found targeting AWS and PostgreSQL, Microsoft 365 accounts being hijacked, Steam game installs malware and Microsoft patches...","og_url":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/","og_site_name":"D2NA","article_published_time":"2025-02-17T14:06:47+00:00","article_modified_time":"2025-02-17T14:11:25+00:00","og_image":[{"width":1200,"height":627,"url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/02\/2025-02-17.jpg","type":"image\/jpeg"}],"author":"Shaun Conway","twitter_card":"summary_large_image","twitter_creator":"@D2NA","twitter_site":"@D2NA","twitter_misc":{"Written by":"Shaun Conway","Estimated reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/#article","isPartOf":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/"},"author":{"name":"Shaun Conway","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36"},"headline":"Weekly Security News – 17th February 2025","datePublished":"2025-02-17T14:06:47+00:00","dateModified":"2025-02-17T14:11:25+00:00","mainEntityOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/"},"wordCount":679,"publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/02\/2025-02-17.jpg","keywords":["cyber attacks","cyber security","news","patches","vulnerabilities","weekly security news"],"articleSection":["Security News"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/","url":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/","name":"Weekly Security News - 17th February 2025 - D2NA","isPartOf":{"@id":"https:\/\/www.d2na.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/#primaryimage"},"image":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/02\/2025-02-17.jpg","datePublished":"2025-02-17T14:06:47+00:00","dateModified":"2025-02-17T14:11:25+00:00","description":"Exploits found targeting AWS and PostgreSQL, Microsoft 365 accounts being hijacked, Steam game installs malware and Microsoft patches...","breadcrumb":{"@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/#primaryimage","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/02\/2025-02-17.jpg","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/02\/2025-02-17.jpg","width":1200,"height":627,"caption":"2025-02-17"},{"@type":"BreadcrumbList","@id":"https:\/\/www.d2na.com\/index.php\/2025\/02\/17\/weekly-security-news-17th-february-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.d2na.com\/"},{"@type":"ListItem","position":2,"name":"Weekly Security News – 17th February 2025"}]},{"@type":"WebSite","@id":"https:\/\/www.d2na.com\/#website","url":"https:\/\/www.d2na.com\/","name":"D2NA","description":"","publisher":{"@id":"https:\/\/www.d2na.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.d2na.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.d2na.com\/#organization","name":"D2 Network Associates Limited","alternateName":"D2NA","url":"https:\/\/www.d2na.com\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","contentUrl":"https:\/\/www.d2na.com\/wp-content\/uploads\/2025\/12\/Header-Logo.png","width":180,"height":60,"caption":"D2 Network Associates Limited"},"image":{"@id":"https:\/\/www.d2na.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/D2NA","https:\/\/www.linkedin.com\/company\/d2-network-associates-ltd\/"]},{"@type":"Person","@id":"https:\/\/www.d2na.com\/#\/schema\/person\/624fbd3965489b22f6dcfc6d7eb4fb36","name":"Shaun Conway","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7668c1fa014f994d5e689f28c828adb47f75821deca52ce9f6d05fa69447ffaf?s=96&d=mm&r=g","caption":"Shaun Conway"},"sameAs":["https:\/\/www.d2na.com"],"url":"https:\/\/www.d2na.com\/index.php\/author\/shaun-conway\/"}]}},"_links":{"self":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4346","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/comments?post=4346"}],"version-history":[{"count":5,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4346\/revisions"}],"predecessor-version":[{"id":4352,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/posts\/4346\/revisions\/4352"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media\/4351"}],"wp:attachment":[{"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/media?parent=4346"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/categories?post=4346"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.d2na.com\/index.php\/wp-json\/wp\/v2\/tags?post=4346"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}