Transcript
A (0:00)
From the CISO Series, it's Cybersecurity Headlines.
B (0:07)
These are the cybersecurity headlines for Tuesday, October 14, 2025. I'm Lauren Verno.

Scattered Lapsus$ Hunters has leaked millions of records allegedly stolen from Salesforce customers after the company refused to pay ransom demands. The extortion group, believed to be linked to Lapsus$, Scattered Spider and ShinyHunters, claimed it breached 39 Salesforce customers but has so far only published data from six, including Albertsons, Engie Resources, Fujifilm, Gap, Qantas and Vietnam Airlines. Qantas confirmed it's investigating the leak and that it aligns with a July breach that exposed up to 6 million customer records through a third-party contact center. Meanwhile, the FBI and French investigators announced the takedown of at least one of the cybercrime forums used in connection with the recent Salesforce breach. But unfortunately, while this may be a win for the good guys, it's only a small one, as a seizure of the site will not have much of an impact on the ongoing Salesforce extortion. That's mainly because the takedown only impacted the BreachForums .hn site while the onion site remains online.

SimonMed breach grows from hundreds to over a million
More than 1.2 million people have been impacted by a ransomware attack on SimonMed Imaging, one of the largest medical imaging providers in the U.S. The Medusa ransomware group claimed responsibility in February, demanding $1 million and alleging it stole over 200 gigabytes of data. Stolen information included the normal, like Social Security numbers, financial details and medical records from systems accessed between January 21 and February 1. SimonMed initially reported only 500 people were affected, but has since confirmed the breach was far more extensive, to say the least.

Dutch government freezes Chinese-owned chipmaker
The Dutch government has placed Chinese-owned semiconductor company Nexperia under special administrative measures, citing governance failures that threaten Dutch and European tech security.
The intervention allows the government to block or reverse corporate decisions and freezes Nexperia's global operations for a year amid concerns the company might transfer sensitive chip technology to its China-based parent Wingtech. Now, Wingtech condemned the move as politically motivated and accepted, claiming foreign executives colluded with Dutch authorities to alter ownership under the guise of national security.

Huge thanks to today's episode sponsor, Vanta. What's your 2 a.m. security worry? Is it, do I have the right controls in place? Or, are my vendors secure? Or the really scary one: how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data and simplifies your security at scale. Vanta also fits right into your workflows, using AI to streamline evidence collection, flag risk, and keep your program audit ready all the time. With Vanta, you get everything you need to move faster, scale confidently, and get back to sleep. Get started at vanta.com/headlines. That's V-A-N-T-A dot com slash headlines.

Harvard gets schooled by EBS vulnerability
It's safe to assume Harvard University likes being number one. Maybe that's why the Clop ransomware gang chose the university as the first named organization linked to the Oracle E-Business Suite zero-day attacks. In all seriousness, though, the university is investigating a potential data breach after the Clop ransomware gang listed the school on its leak site. Harvard said the incident likely affects a small administrative unit and has applied Oracle's patch with no evidence of a wider system compromise. Meanwhile, Oracle released a new emergency patch over the weekend for another E-Business Suite vulnerability.
The flaw affects versions 12.14 and allows unauthenticated attackers to remotely access sensitive data and is in the runtime UI component. It carries a CVSS score of 7.5 and can be exploited over a network without credentials. So, like always, go patch it.

Microsoft 365 outage
Microsoft is investigating an ongoing issue preventing some customers from accessing Microsoft 365 applications. On Monday, the company is analyzing telemetry and recent service changes to determine the root cause and develop a fix. The outage follows multiple major incidents last week, including MFA-related Teams and Exchange outages and a Europe-wide disruption caused by an Azure Front Door CDN issue. Microsoft has not yet shared which regions are affected and, as of this recording, the situation is still very much developing.

US national security gets a private boost
JPMorgan Chase announced their plans to invest up to $10 billion in US companies tied to national security, focusing on critical minerals, defense, energy independence and strategic technologies like AI, cybersecurity and quantum computing. This initiative is part of the bank's $1.5 trillion, 10-year Security and Resiliency Initiative aimed at strengthening domestic supply chains and technological capabilities. JPMorgan's CEO and chairman said in a release, quote, "Our security is predicated on the strength and resiliency of America's economy. America needs more speed and investment." End quote.

Is AI red teaming simply a more specialized version of something we already understand, or do we need to think differently about the risk in LLMs? Do any of our existing tools and methodologies still hold value? That's what we're trying to answer on this week's episode of the CISO Series podcast. Look for the episode "The Difference With AI Red Teaming Is We Added the Word AI" wherever you get your podcasts.
And if you have some thoughts on the news from today or about the show in general, be sure to reach out to us at feedback@cisoseries.com. We'd love to hear from you. I'm Lauren Verno, reporting for the CISO Series.
