A new malware campaign uncovered by Netskope is stealthily infecting victims using fake installers of popular Chinese-language software like WPS Office and Sogou. This campaign deploys a cocktail of malware, including Sainbox RAT (a Gh0stRAT variant) and a powerful rootkit.
Recommended Steps:
Be cautious of software downloaded from unofficial sources, especially for popular applications.
Verify the authenticity of software installers before running them.
Use reputable antivirus and anti-malware solutions and keep them updated.
Implement application whitelisting to prevent unauthorized software execution.
Threat 2: Critical Flaws in Airoha Chipsets (Bluetooth Vulnerabilities)
Date: June 30, 2025
Summary
Researchers disclosed three critical flaws (CVE-2025-20700, CVE-2025-20701, and CVE-2025-20702) in Airoha chipsets used in Bluetooth devices from top audio brands (Bose, Sony, Beyerdynamic). Exploiting these vulnerabilities could allow attackers to hijack Bluetooth connections, snoop on calls, access contacts, or even rewrite firmware for remote code execution.
Recommended Steps:
Check for firmware updates for your Bluetooth devices, especially those from affected brands.
Limit Bluetooth visibility and pairing to trusted devices only.
Be wary of unsolicited Bluetooth pairing requests.
Keep operating systems and device drivers updated.
Threat 3: Phishing Campaign Abusing Microsoft 365 Direct Send
Date: June 30, 2025
Summary
A new phishing campaign flagged by Varonis is abusing Microsoft 365’s Direct Send feature to impersonate internal users and send phishing emails without ever breaching a mailbox. This method bypasses standard email protections like SPF and DMARC due to the lack of authentication in Direct Send.
Recommended Steps:
Educate users about sophisticated phishing techniques, including those that appear to originate from internal sources.
Implement strong email authentication protocols beyond SPF and DMARC, if possible.
Review and restrict the use of Microsoft 365 Direct Send if it's not essential for business operations.
Encourage users to report suspicious emails, even if they appear legitimate.
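A hunting check for the pattern described above, added here as an example and not taken from the Varonis report: it scans constructed message-trace records and flags mail that claims the organisation's own domain on both the sender and recipient side, arrived from an IP the organisation does not send from, and did not pass SPF and DMARC. The domain, trusted ranges and sample records are all assumed values.

```python
import ipaddress
import re

# Assumed values: the organisation's own mail domain and the public ranges
# its own mail servers/connectors send from. Replace with real inventory.
INTERNAL_DOMAIN = "example.com"
TRUSTED_SENDER_NETS = [ipaddress.ip_network("203.0.113.0/24")]

# Constructed sample records, shaped like the fields a hunt would pull
# from Exchange message headers. Not real traffic.
SAMPLE_MESSAGES = [
    {"id": "m1", "from": "ceo@example.com", "to": "finance@example.com",
     "client_ip": "203.0.113.10",
     "auth_results": "spf=pass smtp.mailfrom=example.com; dmarc=pass"},
    {"id": "m2", "from": "ceo@example.com", "to": "finance@example.com",
     "client_ip": "198.51.100.77",
     "auth_results": "spf=fail smtp.mailfrom=example.com; dmarc=fail"},
    {"id": "m3", "from": "vendor@partner.test", "to": "finance@example.com",
     "client_ip": "198.51.100.77",
     "auth_results": "spf=fail smtp.mailfrom=partner.test; dmarc=none"},
    {"id": "m4", "from": "hr@example.com", "to": "staff@example.com",
     "client_ip": "192.0.2.5", "auth_results": "spf=none; dmarc=none"},
]

def _result(auth_results, mech):
    # Pull "pass"/"fail"/"none" for one mechanism out of Authentication-Results.
    m = re.search(rf"\b{mech}=(\w+)", auth_results)
    return m.group(1).lower() if m else "none"

def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower()

def is_trusted_ip(ip):
    a = ipaddress.ip_address(ip)
    return any(a in net for net in TRUSTED_SENDER_NETS)

def flag_direct_send_candidates(messages, internal_domain=INTERNAL_DOMAIN):
    """Return ids of messages that look like Direct Send abuse: internal
    domain on both ends, connecting IP outside the org's own sending
    ranges, and SPF/DMARC not both passing."""
    hits = []
    for msg in messages:
        if _domain(msg["from"]) != internal_domain:
            continue
        if _domain(msg["to"]) != internal_domain:
            continue
        if is_trusted_ip(msg["client_ip"]):
            continue
        ar = msg["auth_results"]
        if _result(ar, "spf") == "pass" and _result(ar, "dmarc") == "pass":
            continue
        hits.append(msg["id"])
    return hits
```

Records that hit are worth a closer look at the full Received chain; a genuine internal sender will normally appear from the trusted ranges with a passing SPF result.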