Cyber Security Headlines – August 12, 2025
Hosted by Lauren Verno, CISO Series
North Korean Crypto Theft
Timestamp: [00:00]
Lauren Verno opens the episode by highlighting a significant cyber theft orchestrated by North Korean operatives. Three IT specialists, allegedly working for the North Korean government, managed to steal approximately US$1 million in cryptocurrency from a New York-based company. The criminals exploited a vulnerability in the company's wallet system, utilizing a fake Malaysian ID to secure their positions within the company.
"Now the criminals used a fake Malaysian ID to get hired and they laundered the stolen tether tokens through multiple blockchains over three months." – Lauren Verno [00:00]
The stolen Tether tokens were laundered across various blockchains over a period of three months. The FBI seized the illicit funds in July, and the Department of Justice is currently working to return the money to the affected company. In response to such operations, the Rewards for Justice program is offering a US$5 million reward for information that can disrupt similar North Korean activities.
Microsoft Rolls Out PC Backup Solution During Attacks
Timestamp: [02:30]
Microsoft has introduced a new service called Windows 365 Reserve, which is currently in a limited public preview. This service is designed to provide employees with temporary access to cloud PCs in the event their primary devices fail or are compromised by a cyber attack.
"Now you get up to 10 days per year of access with pre-configured desktops that come ready with your company's apps and security policies." – Lauren Verno [02:30]
Key features of Windows 365 Reserve include:
- Temporary Access: Employees can access their work environment for up to 10 days per year.
- Pre-configured Desktops: These cloud PCs come pre-installed with necessary company applications and adhere to security policies.
- Accessibility: Users can log in from any device using a browser or the Windows app, ensuring continuity in work operations while resolving device issues.
The preview phase is currently invite-only, but Microsoft plans to expand access once the service gains traction.
US Charges Four Individuals in $100 Million Global Fraud Scheme
Timestamp: [04:15]
Four high-ranking members of a Ghana-based criminal organization have been charged by US authorities for their involvement in a massive fraud scheme amounting to over US$100 million. The operation involved a combination of romance scams and business email compromise (BEC) attacks.
"Prosecutors say the group, which operated between 2016 and 2023, tricked businesses into wiring funds using spoofed email accounts and forged authorization letters while also targeting individuals in online romance scams." – Lauren Verno [04:15]
The perpetrators used spoofed email accounts and forged authorization letters to deceive businesses into transferring funds. Simultaneously, they engaged individuals through online romance scams to extract personal and financial information. Of the four charged, one suspect remains at large, while the others face potential decades-long prison sentences.
Wikipedia Loses UK Legal Challenge
Timestamp: [06:00]
In a recent legal battle, Wikipedia's operator lost its challenge against the UK's Online Safety Act. The legislation could compel Wikipedia to verify users if the platform is classified as a Category 1 platform.
"The Wikimedia foundation warned that such rules would threaten volunteer privacy, expose contributors to risks like data breaches, and hurt Wikipedia's ability to operate freely." – Lauren Verno [06:00]
While the court dismissed the challenge, it left the door open for future reviews based on Wikipedia's classification. Importantly, this ruling only affects operations within the UK and does not directly impact Wikipedia's policies or functionality in other regions, including the United States.
Conex Credit Union Hack Exposes 172,000 Individuals
Timestamp: [07:45]
Conex Credit Union, one of Connecticut's largest credit unions, reported a cybersecurity breach that occurred in early June. The attack compromised the personal and financial data of 172,000 members.
"The breach lasted just a day but may have exposed names, account numbers, debit card details, Social Security numbers, and even government IDs." – Lauren Verno [07:45]
Fortunately, there is no evidence that any accounts or funds were accessed or stolen. Nonetheless, Conex Credit Union is advising its members to remain vigilant against potential scam calls and texts from individuals impersonating employees.
Known Exchange Flaw Leaves Thousands Exposed
Timestamp: [09:20]
A critical vulnerability in Microsoft Exchange Server remains unpatched on over 29,000 servers, including more than 7,200 within the United States. This high-severity flaw allows attackers to escalate privileges within connected Exchange Online environments.
"CISA has ordered federal agencies to patch or discontinue vulnerable servers by Monday, warning the bug could lead to total domain compromise." – Lauren Verno [09:20]
The vulnerability affects Exchange Server versions 2016, 2019, and the subscription-based edition in hybrid setups. Although Microsoft disclosed the flaw and released a hotfix in April, many organizations have yet to implement the necessary patches. The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that all federal agencies address the vulnerability by the upcoming Monday to prevent potential domain-wide compromises.
Ransomware Gang Hiring Penetration Testers
Timestamp: [11:10]
In an alarming development, the Medusa Locker ransomware gang is reportedly recruiting penetration testers on its Tor leak site. Unlike legitimate security professionals who work to identify and fix vulnerabilities, these hired individuals will be used to maximize ransom payouts.
"I don't mean that seriously, but the Medusa Locker ransomware gang is openly recruiting new penetration testers on its Tor leak site." – Lauren Verno [11:10]
The group is seeking candidates with skills in targeting ESXi, Windows, and ARM systems, particularly those with direct access to corporate networks. These "pen testers" will be tasked with mapping and exploiting vulnerabilities, furthering the gang's cybercriminal activities rather than enhancing security defenses.
Google Pays Out Biggest Chrome Bug Bounty Yet
Timestamp: [13:05]
Google has awarded its largest bug bounty to date, granting US$250,000 to a researcher known as Mickey. Mickey discovered a high-severity vulnerability in Google Chrome that allows attackers to escape the browser sandbox and execute system commands.
"He discovered a high severity Chrome vulnerability that lets attackers escape the browser sandbox and execute system commands." – Lauren Verno [13:05]
The vulnerability was identified in Chrome's Mojo Inter-Process Communication (IPC) system and was promptly patched in May. Google praised Mickey for both the complexity of the flaw and the quality of the exploit demonstration, highlighting the importance of ethical hacking in strengthening cybersecurity measures.
The Role of Human Verification in Large Language Models
Timestamp: [14:50]
Lauren Verno concludes the episode by addressing the burgeoning reliance on Large Language Models (LLMs) in various organizations. While LLMs offer impressive capabilities, they are not infallible. Instances have emerged where organizations depended solely on LLM outputs without sufficient human review, leading to outcomes ranging from the amusing to the catastrophic.
"So how do we build in human in the loop verification when the scale of LLM output can be so daunting?" – Lauren Verno [14:50]
This week's episode of the CISO Series podcast delves deeper into this topic, exploring strategies to integrate human oversight into processes heavily reliant on artificial intelligence to mitigate risks and enhance accuracy.
Conclusion
Lauren Verno wraps up by encouraging listeners to engage with the content and share their thoughts.
"If you have some thoughts on the news from today or about the show in general, be sure to reach out to us@feedbackisoseries.com we'd love to hear from you." – Lauren Verno [16:20]
Cybersecurity headlines are available every weekday, with detailed stories available on cisoseries.com. Stay informed and secure by following the latest developments in the world of information security.
This summary encapsulates the key points discussed in the August 12, 2025, episode of Cyber Security Headlines by CISO Series, hosted by Lauren Verno. For more detailed information, listeners are encouraged to visit CISOseries.com.
