Cyber Security Headlines
Episode: Cyber laws reprieved, Microsoft screen capture, FBI highlights Akira
Date: November 14, 2025
Host: Steve Prentiss
Overview
This episode delivers a rapid-fire summary of the latest developments in cybersecurity, covering topics from the temporary reinstatement of key US cyber laws to the FBI’s warnings about the Akira ransomware, significant vulnerabilities, corporate responses to ransomware, major law enforcement actions, and new security technology rollouts. Each story highlights changing threat landscapes and evolving defenses.
Main Discussion Points & Insights
1. US Cybersecurity Laws Temporarily Revived
- [00:13] The US President signed a government funding bill ending a 43-day shutdown, restoring two major cybersecurity laws through January 30th:
  - 2015 Cybersecurity and Infrastructure Security Act
  - State and Local Cybersecurity Grant Program
- This fix is temporary: “Congress must now find a more permanent fix before another funding deadline.”
- Quote: “Two key cyber laws are back as President signs bill to end shutdown … Congress must now find a more permanent fix.” (Steve Prentiss, 00:13)
- Impact: Leaves law enforcement and state/local agencies in limbo until a longer-term solution is found.
2. Microsoft Teams Rolls Out Screen Capture Prevention
- [01:09] Microsoft is releasing “Prevent screen capture,” a new premium security feature for Microsoft Teams:
  - Blocks screenshots/recordings during meetings (Windows Desktop only).
  - Displays a “black rectangle around the meeting window” where not supported.
  - Forces audio-only mode for attendees.
  - Disabled by default; organizers must enable per meeting.
- Significance: Responds to long-standing privacy concerns for sensitive meetings.
3. FBI Ranks Akira Ransomware as a Top 5 US Threat
- [02:03] Akira ransomware group highlighted as a “top five” variant by the FBI.
- Active since March 2023, uses double extortion: data theft + encryption.
- Over $244 million extorted, targeting SMBs in manufacturing, education, IT, healthcare, finance, and agriculture.
- Possible ties to the infamous Conti gang.
- FBI notes: “Ransomware overall remains its leading cybercrime threat, with more than 130 active variants attacking US organizations.”
- Quote: “Akira … uses double extortion attacks that steal and encrypt data to pressure victims … The FBI ranks Akira amongst its top five most consequential ransomware variants.” (Steve Prentiss, 02:03)
4. Fortinet FortiWeb Critical Flaw Exploited Globally
- [02:47] Path traversal vulnerability in FortiWeb is being used to generate unauthorized admin users on internet-exposed devices:
  - Fixed in FortiWeb version 8.0.2.
  - Exploit observed since October 6; “attacks have increased globally.”
  - Exploited by sending HTTP POST requests with payloads for admin access.
- Advice: Urgent patching and review of all appliances for evidence of compromise.
5. Checkout.com Refuses Ransom, Donates to Cyber Research
- [04:08] After a ransomware incident by Shiny Hunters, payment provider Checkout.com:
  - Publicly refused to pay ransom.
  - Donated the ransom-equivalent to Carnegie Mellon University and the University of Oxford Cybersecurity Centre.
- CTO Mariano Albera: “takes full responsibility for the security incident and apologized for the circumstances that allowed the breach to happen.” (Steve Prentiss quoting Albera, 04:30)
- Breach cause: Legacy third-party cloud storage not properly decommissioned (last used in 2020+).
- Significance: Highlights a defiant, transparent stance and support for the research community.
6. Akira Ransomware Targets Nutanix VMs
- [05:12] Akira expands Linux encryptor to attack Nutanix AHV virtual machines:
  - Started June 2025 onwards.
  - Expands from prior focus on VMware ESXi and Hyper-V.
  - Joint advisory issued by CISA, FBI, DoD Cybercrime Center, HHS.
  - Leverages CVE vulnerability in Nutanix’s AHV platform.
- Emergence: Represents ransomware’s evolving attacks on virtualization infrastructure.
7. Major Police Operation Ends Three Infamous Cybercrime Tools
- [05:51] Authorities from Europe, US, UK & Canada announce Operation Endgame’s third phase:
  - Dismantled “Rhadamanthys” infostealer, “Venom RAT” remote access trojan, and “Elysium” botnet.
  - Coincides with arrest in Greece of Venom RAT’s main suspect.
- Impact: “Hundreds of thousands of victims worldwide.”
- Law enforcement’s coordinated international response delivers a major blow to cybercriminal toolsets.
8. Washington Post Data Breach Impacts Nearly 10,000 Employees
- [06:37] Data theft/extortion from Oracle E-Business Suite used by The Washington Post:
  - HR data of 9,720 current/former staffers stolen (names, bank details, SSNs).
  - Believed to be the work of the Cl0p ransomware gang.
  - Incident occurred September 29.
- Reveals rising trend of attacks targeting widely used business platforms and high-profile organizations.
Notable Quotes & Memorable Moments
- On ransomware’s pervasiveness: “Ransomware overall remains its leading cybercrime threat, with more than 130 active variants attacking US organizations.” – Steve Prentiss, 02:35
- Transparency in breach response: “[Checkout.com] takes full responsibility for the security incident and apologized for the circumstances that allowed the breach to happen.” – CTO Mariano Albera (quoted by Steve Prentiss, 04:30)
- On global law enforcement action: “Authorities from numerous European countries, along with Canada, the US and the UK have announced that the takedown affects...hundreds of thousands of victims worldwide with malware.” – Steve Prentiss, 05:59
Key Timestamps
- [00:13] - US government shutdown ends; major cyber laws temporarily revived
- [01:09] - Microsoft Teams introduces screen capture protection
- [02:03] - FBI identifies Akira as top ransomware threat
- [02:47] - FortiWeb vulnerability exploited globally
- [04:08] - Checkout.com refuses ransom, donates to research
- [05:12] - Akira ransomware targets Nutanix VMs
- [05:51] - Operation Endgame: Global takedown of cyber tools
- [06:37] - Washington Post Oracle data breach
Tone & Language
Steve Prentiss maintains the brisk, matter-of-fact style customary for the CISO Series, emphasizing critical facts with clarity, but also pausing to highlight both the sobering scale of cyber threats and the positive steps being taken by the security community and law enforcement.
Summary
This concise episode spotlights how cybersecurity remains central in US governance, the accelerating arms race between defenders and ransomware actors, emerging risks from software vulnerabilities, and a shift toward bold, transparent risk responses. Notably, both authorities and private sector actors are taking innovative measures—from international police takedowns to philanthropic stances on ransom demands—against a growing tide of sophisticated threats.
