Digital Forensics Magazine — 48h News Roundup
Window: 2026-01-21 11:21 to 2026-01-23 11:21 (UTC)
Snapshot Summary
| Sector / Section | Headline Highlights | Count |
|---|---|---|
| DFIR & Incident Response | Cisco UC patch-and-hunt; ICS advisory burst; DDoS botnet escalation | 2 |
| Cyber Investigations | Illicit Telegram market stalls; Ransomware leader unmasked; Botnet attribution signals | 2 |
| Major Cyber Incidents | Space-agency breach fallout; Hospitality leak probe | 2 |
| Exploits & Threat Intelligence | Cisco UC zero-day exploited; Chainlit SSRF+file read; Singapore issues urgent alert | 3 |
| Law Enforcement | Accra cybercrime raids; Black Basta suspects targeted | 2 |
| Policy | Ireland spyware legal basis; EU high-risk vendor phase-out; UK NIS bill update | 3 |
| Standards & Compliance | Transit CSF profile draft; Support-life transparency push | 2 |
| Consumer App Data Leaks | Under Armour account probe; Retailer credential-stuffing denial | 2 |
Digital Forensics & Incident Response
Cisco fixes Unified Communications RCE zero day exploited in attacks — Cisco released emergency patches for CVE-2026-20045 affecting Unified CM, IM&P, Unity Connection and Webex Calling Dedicated Instance after confirming attempted in-the-wild exploitation, with patch guidance published on 21-01-2026 [AMER]. For IR teams, prioritize external exposure triage, collect web UI and auth logs for crafted-request patterns, and preserve VM snapshots before patching to support root-cause analysis and potential lateral-movement scoping. (Source: BleepingComputer, 21-01-2026).
CISA releases 10 Industrial Control Systems advisories — CISA published a bundled set of ICS advisories covering multiple vendors and product lines, prompting operators to review mitigations and update plans for OT environments on 22-01-2026 [AMER]. For DFIR and response leads, this is a reminder to validate asset inventories against affected versions, ensure offline evidence capture procedures exist for safety-critical systems, and pre-stage patch windows and compensating controls to reduce dwell time if exploitation starts. (Source: CISA (GovDelivery), 22-01-2026).