← Cybersecurity Headlines
Cybersecurity Headlines
Japan finance hacks, Pearson suffers cyberattack, Teams blocks screen captures
00:08:28
Loading summary
Transcript1 lines
- [00:00]
Steve Prentiss
From the CISO series, it's Cybersecurity Headlines these are the cybersecurity headlines for Monday, May 12, 2025. I'm Steve Prentiss. Hackers hijack Japanese financial accounts to conduct billions in trades Japan's Financial Services Agency is warning of what it calls a sharp increase in the number of cases of unauthorized access and unauthor authorized trading through online trading services in the first three months of 2025, with almost $2 billion in funds moved by hackers from 5,000 breached accounts. The agency said hackers gain access to a victim's account through stolen login information and then use them to sell stocks or other securities. As reported in the record, the hackers typically use the breached accounts to raise the price of smaller stocks that they themselves have purchased. Once the stock price increases, the hackers sell their stock and earn a profit from the inflated value. Education giant Pearson hit by Cyberattack Based in the uk, Pearson is one of the world's largest providers of academic publishing, digital learning tools and standardized assessments serving academic institutions and individuals in more than 70 countries. The company has now confirmed a cyber attack that involved the theft of what it calls mostly legacy data. The company also confirmed that the stolen data did not include employee information. Microsoft Teams will soon block screen capture during meetings Microsoft will introduce a new Prevent Screen Capture feature in teams starting in July 2025, which will block users from taking screenshots of sensitive information during meetings. When a screenshot is attempted, the meeting window will turn black. Users joining from unsupported platforms will be restricted to audio only mode to protect content. The feature will be available on teams, desktop apps I.e. windows and Mac, and mobile apps iOS and Android. However, Microsoft notes that content can still be photographed externally. It remains unclear whether the feature will be enabled by default or controllable by meeting organizers or administrators. Ascension data breach exposed data of over 430,000 patients Ascension, one of the largest private healthcare systems in the United States, has suffered another data breach, this one occurring last December. The organization says that the data breach was actually suffered by a former business partner stating Ascension inadvertently disclosed information to a former business partner and some of this information was likely stolen from them due to a vulnerability in third party software used by the former business partner. The stolen data includes names, contact information, Social Security numbers and medical visit details, but representatives say this varies by individual. Huge thanks to our sponsor Vanta. Do you know the status of your compliance controls right now? Like right now, we know that real time visibility is critical for security, but when it comes to our GRC programs. We rely on point in time checks, but more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks like SoC2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and help you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get started at vanta.com headlines that is v a n t a dot com headlines IClicker site sends ClickFix malware to students via fake CAPTCHA IClicker is a service that helps get students more engaged in their classes through the use of polls, emojis and AI based questions. It is a subsidiary of the Macmillan Publishing Group. The company has revealed that the iClicker site was hacked in early April to display a fake captcha that delivered a PowerShell script by way of a click fix social engineering hack. The company warns students and faculty to run security software and use a password manager. It also adds that users who access iClicker through the mobile app or who did not encounter the fake captcha are not at risk from the attack. 23andMe customers have until July 14 to file claims the embattled ancestry company 23andMe, has announced that customers who are affected by the 2023 breach may file a cybersecurity incident claim. Those customers who suffered financial or other damages due to the breach can submit a claim as part of the bankruptcy case. Customers with other types of grievances unrelated to the cyber attack, such as issues with DNA test results or the company's telehealth services, may submit a separate claim under the General Bar Date package. Customers have until July 14th to file claims for losses incurred. Bluetooth 6.1 enhances privacy with randomized RPA timing this innovation, announced by the Bluetooth Special Interest Group, brings increased device privacy via randomized resolvable private addresses updates, which makes it much more difficult for third parties to track. Currently, RPAs are updated at fixed intervals, usually every 15 minutes, which introduces a level of predictability. This predictability can be exploited in correlation attacks, making long term tracking possible. The group continues. The controller picks a random value in the defined range using a NIST approved random number generator and updates the rpa. This makes tracking significantly harder as there is no pattern in the value selection. The next thing to worry ransomware infected CPUs. Christian Beek, senior director of threat analytics for Rapid7, told the Register that the technology exists to allow intruders to load unapproved microcode into CPUs, breaking encryption at the hardware level and modifying CPU behavior at will. His own proof of concept was spurred on by a recent incident in which AMD Zen chips were infected by a Google designed bug that allowed a security hold by ensuring that the random number required was always four. Beek says this is not rocket science and that developers working for the cybercrime group Conti were discussing this three years ago on their chat. Just because it's Monday does not mean you shouldn't start making plans for Friday. If you are anywhere near Boston, think about joining the CISO Series podcast live in Boston at the Battery Wharf Hotel. Join us for the episode as well as food, drink, networking and hanging out with David Spark. Huge thanks to our sponsor Zscaler. Admission is free with the password Wicked Smart. Later that same day, join us at 3:30pm Eastern for the Cybersecurity Headlines Week in Review show with our guest Nick Espinosa, host of the Deep Dive Radio show. It's a quick 20 minute show that looks at some of the most important stories of the week. You can join us on YouTube and add your comments for both of these. Go to the events page@cisoseries.com I'm Steve Prentiss reporting for the CISO series. Cybersecurity Headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines. It.