Welcome to this week’s edition of The Keys To Cyber Digest by MSC Security! We’re here to arm you with knowledge, protect what matters, and sprinkle in a little humor along the way. Because while cybersecurity is serious business, staying safe online can still be a little fun.

This Week’s Highlights

Should You Be Worried About The Safety Of Your Credit Union Savings?

Are cyber criminals lurking in the shadows, waiting to snatch your hard-earned cash? In today's digital age, it's more important than ever to protect your money from online threats. From phishing scams to identity theft, the risks are real and the consequences can be devastating. In this video, we'll explore the ways in which cyber criminals operate and what you can do to safeguard your finances. From password protection to two-factor authentication, we'll cover the essential tips and tricks to keep your money safe online. Don't let cyber criminals get the best of you - watch now and take control of your financial security!

Google OAuth Vulnerability Exposes Millions via Failed Startup Domains

New research has uncovered a vulnerability in Google's "Sign in with Google" authentication process that leverages a domain ownership loophole to access sensitive information.

According to Dylan Ayrey, co-founder and CEO of Truffle Security, Google's OAuth login lacks safeguards against attackers who purchase the expired domains of defunct startups. By doing so, they can recreate former employee email accounts.

"Although these attackers can't retrieve past email data, they can exploit these accounts to log into various SaaS platforms previously used by the organization," Ayrey explained in a report released Monday.

Microsoft brings in 2025 with over 159 vulnerabilities!

Microsoft's January update delivers fixes for a record-breaking 159 vulnerabilities, including eight zero-day flaws—three of which are currently being actively exploited by attackers.

This release marks Microsoft's largest patch update to date and is particularly significant because three of the vulnerabilities were identified by an artificial intelligence (AI) platform.

Microsoft classified 10 of these vulnerabilities as critically severe, with the remaining labeled as important. The patches cover a wide range of Microsoft products, including Windows OS, Microsoft Office, .NET, Azure, Kerberos, and Windows Hyper-V. The update addresses over 20 remote code execution (RCE) vulnerabilities, nearly as many elevation-of-privilege issues, and various other flaws related to denial-of-service, security bypass, spoofing, and information disclosure.

Join our Webinar tonight January 15th at 4pm PST!

Join us for our "Cybersecurity for All" webinar, a free live session designed to empower business leaders and mission-driven organizations with the knowledge needed to combat cyber threats. This comprehensive webinar will cover essential steps to safeguard your organization, ensuring your critical data and operations remain secure in today’s evolving digital landscape. Don’t miss this opportunity to enhance your cybersecurity strategy and protect what matters most.

Stay Connected & Take Action!

Click the link below to stay connected to everything we are doing at MSC Security!

We’re on a mission to make cybersecurity understandable, approachable, and even a bit entertaining. Every click and every decision can make a difference. Thanks for trusting MSC Security to help keep your digital life safe.

Talk soon,

The MSC Security Team

PS: “You’re only one bad password away from inviting hackers to the party. Make your password strong enough to crash their plans.”