Risk and Resilience

Happy New Year! This is our first episode of 2025, and I want to start by wishing all my listeners a happy, healthy, and successful year ahead. In this week’s episode - Week 2 of 2025 - we’ll dive into the most critical updates in the world of cybersecurity and geopolitics. Here’s a sneak peek at what’s coming up: Volt and Salt Typhoon: Chinese state-sponsored hackers targeting critical U.S. infrastructure. Gravy Analytics Breach: Hackers threaten to expose sensitive location data and personal movements. AI Spear Phishing Study: A chilling revelation—AI now matches human experts in creating deceptive phishing campaigns. UK Ministry of Defence: Stronger cybersecurity demands for its supply chain in response to escalating threats. Geopolitical Cyber Warfare: A cyber clash between the Philippines and China over territorial disputes. From state-sponsored hackers embedding themselves in U.S. networks to the alarming rise of AI-driven cyber threats, this episode has it all. Let’s dive in, starting with the evolving cyber warfare landscape involving Volt and Salt Typhoon.

Welcome to Risk and Resilience and you're tuned into the weekly update where I bring you the latest and most crucial developments in cybersecurity and technology.    This week I will be covering    Interbank Data Breach: Extortion Attempt and Customer Data Leak  CrowdStrike Outage: Impact, Response, and Lessons for Operational Resilience  Delta Air Lines Seeks Damages from CrowdStrike and Microsoft After Costly Outage  Ledger Fined €750,000 by French Data Protection Authority for Data Breaches  Russian "Doppelganger" Campaign Exploits Domain Registrars to Spread Disinformation  RedLine and Meta: Disruption of Two Major Infostealer Operations  Senator Warner Calls for Action from Domain Registrars to Combat Foreign Influence Campaign  If you liked this week's update, then do share this with your friends and colleagues. 

Welcome to Risk and Resilience and you're tuned into the weekly update where I bring you the latest and most crucial developments in cybersecurity and technology.   This week I will be covering   Internet Archive Suffers Major Security Breach, Affecting 31 Million Accounts Google Launches Global Signal Exchange to Combat Online Scams and Fraud Critical Security Flaws Discovered in Fortinet Products, CISA Issues Warning Palo Alto Networks Discloses Multiple Vulnerabilities in Expedition Software Cisco Patches Critical Command Execution Flaw in Nexus Dashboard Fabric Controller Microsoft's October Patch Tuesday Addresses 118 Vulnerabilities, Including Five Zero-Days UK Financial Sector Conducts SIMEX 24 Simulation Exercise to Test Resilience MoneyGram Confirms Cyberattack, Customer Data Compromised MITRE Launches AI Incident Sharing Initiative to Enhance AI System Security UK Government Announces Upcoming Cyber Security and Resilience Bill to Strengthen National Defenses If you liked this week's update then do share this with your friends and colleagues.

Welcome to Risk and Resilience and you're tuned into the weekly update where I bring you the latest and most crucial developments in cybersecurity and technology.   This week I will be covering   China-linked threat actors compromised some U.S. internet service providers   Kaspersky deleted its anti-malware software from customers' computers across the United States  Google says several major US companies have unknowingly hired North Korean IT workers.  US to ban connected vehicle tech from China, Russia due to national security risks.  DOJ, FBI need better metrics for tracking ransomware disruption efforts, audit finds  NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines  In a recent survey, it found that ore than a third  of employees share sensitive work information with AI tools without their employer’s permission.  If you liked this weeks update then do share this with your friends and colleagues.

Risk and Resilience Week 38 Podcast: This week I cover the following in my podcast. Meta's AI training: Using public Facebook/Instagram posts since 2007 Microsoft's Patch Tuesday: 79 updates, 4 zero-day fixes Fortinet breach: 440GB data leaked, affecting 0.3% of customers TfL cyber attack: Passenger data compromised, 17-year-old arrested UK data centers now critical infrastructure: Boosting protection and investment Apple drops NSO Group lawsuit: Protecting threat intelligence Indonesian crypto exchange Indodax: $22 million theft California regulates deepfakes in election ads: Combating misinformation

Key Headlines: Russian Military Cyber Actors Targeting Critical Infrastructure – FBI, CISA, NSA, and international partners release a critical advisory on Russian cyber threats to US and global infrastructure. Massive IT Crime Damages – IT crimes cause a staggering 91 billion rubles in damage over just seven months. Election Security Concerns – Intelligence officials warn of increasing foreign influence efforts leading up to Election Day. WordPress Sites at Risk – A vulnerability in the LiteSpeed Cache Plugin puts millions of WordPress sites in jeopardy. Singapore's Stance on Deepfakes – Proposed ban on deepfakes during elections as part of efforts to maintain electoral integrity. CISA's New Cyber Reporting Portal – A new platform to streamline and improve cyber incident reporting. NATO's Focus on Undersea Infrastructure – Reinforcing resilience and security for critical undersea infrastructure. In this week's episode, we dive into the latest cybersecurity landscape, focusing on a newly released advisory about Russian military cyber actors targeting global critical infrastructure. We unpack the financial damage caused by IT crimes reaching into the billions and discuss the escalating foreign influence threats as we approach Election Day. Additionally, we explore a newly discovered vulnerability affecting millions of WordPress sites and Singapore's proactive stance on banning deepfakes during elections. To wrap up, we examine CISA's launch of a new cyber reporting portal and NATO's strategies to protect vital undersea infrastructure. Tune in for an in-depth breakdown of these critical updates!