Transcript
A (0:00)
From the CISO Series, it's Cybersecurity Headlines.
B (0:06)
These are the cybersecurity headlines for Monday, December 1, 2025. I'm Steve Prentice.

CISA adds actively exploited XSS bug to KEV.
CISA has added a security flaw that impacts OpenPLC ScadaBR to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. The vulnerability has a CVSS score of 5.4, and it's a cross-site scripting flaw that affects Windows and Linux versions of the software via system_settings.shtm. The security company Forescout had seen a pro-Russian hacktivist group called TwoNet targeting its honeypot in September 2025, mistaking it for a water treatment facility.

Japanese brewer Asahi provides details regarding October ransomware attack.
The Japanese brewer announced on Thursday that the ransomware attack that occurred in October may have exposed personal PII of about 1.5 million customers, as well as thousands of employees, their family members and external contacts, but not credit card details. The company has seen no evidence the data had been published online and said the impact appears limited to systems managed in Japan, end quote. The attack forced production shutdowns, delayed product launches and disrupted order processing and shipping nationwide.

California law regulating web browsers might impact national data privacy.
In October, California Governor Gavin Newsom signed a law to amend the state's Consumer Privacy Act in order to mandate that web browsers create a turnkey tool for residents to opt out from data sharing once instead of having to do so each time they visit a website. Now, privacy changes required by a newly enacted California law could mean web browsers will soon offer all Americans a mechanism to easily opt out of all data sharing and sales when surfing the web. Currently, most web browsers do not offer mechanisms for residents to exercise these rights, but once they do, tens of millions of consumers, including those outside of California, may benefit. The law goes into effect on January 1, 2027.
Windows 11 password window disappears.
Microsoft is warning its customers that Windows 11 updates released since August may cause the password sign-in option to disappear from the lock screen options, even though the button remains functional. The password icon appears only when multiple sign-in options such as PIN, security key, password and fingerprint are available. For users who just use passwords, the icon may not appear at all, since Windows will just show the password field by default. However, hovering over the space where the icon should appear reveals the button, allowing users to sign in with their password. Microsoft has yet to provide a timeline for the fix.

Huge thanks to our sponsor, Vanta. This message comes from what's your 2 a.m. security worry? Is it "Do I have the right controls in place?" or "Are my vendors secure?" Enter Vanta. Vanta automates manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data and simplifies your security at scale. Get started at vanta.com/CISO. That is V-A-N-T-A.

Microsoft to speed up Teams.
In additional Microsoft news, the company says that in January it will be adding a new Teams call handler to reduce launch times and boost call performance for the Windows desktop client. The process will be named ms-teams_modulehost.exe, which will handle the calling stack separately from the main application process to optimize resource usage and enhance meeting experiences without requiring additional end user training.
IT admins are advised to prepare for the change by allowlisting the new process in security software and endpoint protection systems to prevent false-positive detections and calling issues as well as user confusion.

French Soccer Federation suffers data breach.
This breach came as a result of a compromised account which allowed attackers to steal PII belonging to its members. The breach involved software used by clubs for their administrative management and in particular that of their members. The organization did not disclose the number of members impacted.

Democrat wins Virginia largely on the topic of data centers.
John McAuliffe, a 33-year-old small business owner and former civil servant, won election to Virginia's legislature this month in part due to voters' concern over the deleterious effects of data centers and their impact on electricity bills. The data centers of Loudoun County handle more traffic than any other concentration in the world and are central to the functioning of much of the Internet. The warehouse-sized facilities impose upon farmland and create significant noise in addition to electricity bills. A 2024 report from the Virginia General Assembly's Joint Legislative Audit and Review Commission stated that Virginia's rate structure charges the facilities themselves for the use of electric power. However, energy prices are likely to increase for all customers to cover costs of new infrastructure and power importing needed. McAuliffe described this as an artificial tax on everyday Virginians to benefit Amazon, Google and some of the companies with the biggest market caps in human history. Which is not to say they don't provide benefits to those communities, but that we need to do a much, much better job of extracting those benefits because the companies can afford them. End quote.

Do you want to know more about the most pressing stories of the last few days in time for your weekly stand-up?
Join us today at 4 p.m. Eastern Time for the Department of Know, where our guests, Matthew Bibby, director of Cybersecurity at tiktrac, and Derek Fisher, director of the Cyber Defense and Information Assurance Program at Temple University, will sort out the priority stories and do a deep dive on the ones that matter most. And of course, we will actively involve you in the conversation. Just go to YouTube, search for CISO Series, and look for Rich Stroffolino's smiling face under upcoming live streams.

If you have some thoughts on the news from today or about our show in general, please be sure to reach out to us at feedback@cisoseries.com. We would love to hear from you. I'm Steve Prentice, reporting for the CISO Series.
