Weekly Security Sprint EP 136. A full menu of insiders, a new AWS report, and a lot of quick hits
Description
On this week's Security Sprint, Dave and Andy get ready for hte holidays with a full menu of topics that include:
Warm Open:
· Happy23rd birthday to DHS!
· WaterISAC’s Quarterly Water SectorIncident Summary, April to June 2025 – Executive Summary
· GridEx VIII – Surge in ParticipationReflects Importance of Exercising Emergency Preparedness
· Cloudflare outage on November 18, 2025
Main Topics:
Insider Threats: Former contractor admits to hackingemployer in retaliation for termination
· CrowdStrike catches insider feeding information to hackers
Blended Threats, you say? AWS: New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare & Amazon details Iranian “cyber-enabled kinetic targeting” operations
Quick Hits:
· House AI terrorism bill spotlights extremist use of generative AI for propaganda and training
· Obscura Ransomware: A Case Study in Ransomware Data Loss
· Overconfidence is the new zero-day as teams stumble through cyber simulations
· The SANS 2025 State of ICS Security Report: Progress, Pressure, and the Path to Resilience
· CISA Releases New Guides to Safeguard Critical Infrastructure from Unmanned Aircraft SystemsThreats
· Bulletproof Defense: Mitigating Risks From Bulletproof Hosting Providers
United States
