In this week's Security Sprint, Dave and Andy covered the following topics:

Warm Open:

• Nerd Out EP 61. The 2/3 of the Year Awards!

Main Topics:

FBI PSA - Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure. The Federal Bureau of Investigation (FBI) is warning the public, private sector, and international community of the threat posed to computer networks and critical infrastructure by cyber actors attributed to the Russian Federal Security Service's (FSB) Center 16. The FBI detected Russian FSB cyber actors exploiting Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to broadly target entities in the United States and globally.

Info Ops:

• Most Adults in 25 Countries Say Spread of False Information Is a Top National Threat. The findings come from Pew’s seventh iteration of its Global Attitudes Survey: International Opinion on Global Threats, which was last published in 2022.

• Foreign disinformation enters AI-powered era. At least one China-based technology company, GoLaxy, seems to be using generative AI to build influence operations in Taiwan and Hong Kong… Documents also show that GoLaxy has created profiles for at least 117 members of Congress and over 2,000 American political figures and thought leaders.

• Toxic politics and TikTok engagement in the 2024 U.S. election

• Why wind farms attract so much misinformation and conspiracy theory

UN - Terror threat posed by ISIL ‘remains volatile and complex,’ Security Council hears. The threat posed by the terrorist group ISIL – known more widely in the Middle East as Da’esh – remains dynamic and diverse, with Africa currently experiencing the highest level of activity worldwide.

• PDF: Remarks by Mr. Vladimir Voronkov, Under-Secretary-General for Counter-Terrorism, United Nations Office of Counter-Terrorism.

• PDF: Remarks by Mr. Vladimir Voronkov, Under-Secretary-General, United Nations Office of Counter-Terrorism.

• UN Report: ISIS Fighters’ Migration to Afghanistan and the Taliban’s Failure

• ISIS-K poses major threat with 2,000 fighters in Afghanistan, UN says

FEMA Employees Warn That Trump Is Gutting Disaster Response. After Hurricane Katrina, Congress passed a law to strengthen the nation’s disaster response. FEMA employees say the Trump administration has reversed that progress. Employees at the Federal Emergency Management Agency wrote to Congress on Monday warning that the Trump administration had reversed much of the progress made in disaster response and recovery since Hurricane Katrina pummeled the Gulf Coast two decades ago. The letter to Congress, titled the “Katrina Declaration,” rebuked President Trump’s plan to drastically scale down FEMA and shift more responsibility for disaster response — and more costs — to the states. It came days before the 20th anniversary of Hurricane Katrina, one of the deadliest and costliest storms to ever strike the United States.

Quick Hits:

• 25% of security leaders replaced after ransomware attack

• Gate 15: Hack Yourself First: Pen Testing for Prevention

• FB-ISAO: Ransomware Incident Review January to June 2025

• Dissecting PipeMagic: Inside the architecture of a modular backdoor framework

• Maryland Transit Administration says cybersecurity incident is affecting some of its servicesNevada state government offices closed after network security incident

• Audit of Antisemitic Incidents 2024

• MIT report: 95% of generative AI pilots at companies are failing

• Report: Russian Sabotage Operations In Europe Have Quadrupled Since 2023

• CISA Requests Public Comment for Updated Guidance on Software Bill of Materials

• Risky Bulletin: NIST releases face-morphing detection guideline

• CVE-2025–41688: Bypassing Restrictions in an OT Remote Access Device

• Think before you Click(Fix): Analyzing the ClickFix social engineering technique