• The FTC has mandated Marriott and Starwood to implement a comprehensive security program for 20 years.


• Data breaches can lead to significant regulatory actions and long-term consequences for companies.


• The hijacking of browser extensions poses a serious risk to user data and security.


• Emerging threats for 2025 include zero-day exploits and supply chain attacks.


• AI governance is crucial as employees increasingly use AI tools without oversight.

Links

• https://www.bleepingcomputer.com/news/security/ftc-orders-marriott-and-starwood-to-implement-strict-data-security/


• https://www.bleepingcomputer.com/news/security/cybersecurity-firms-chrome-extension-hijacked-to-steal-users-data/


• https://www.darkreading.com/vulnerabilities-threats/emerging-threats-vulnerabilities-prepare-2025


• https://www.securityweek.com/beware-of-shadow-ai-shadow-its-less-well-known-brother/

<iframe title="Defensive Security Podcast Episode 290" width="604" height="453" src="https://www.youtube.com/embed/zGzMZPbd890?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe>