
Lauren Verno
From the CISO Series, it's Cybersecurity Headlines. These are the cybersecurity headlines for Tuesday, February 11, 2025. I'm Lauren Verno.
Urgent iOS update fixes critical USB security flaw
Even if you just updated your Apple phone to the latest version, go ahead and do it again. On Monday, Apple released an urgent patch for a zero-day vulnerability in iOS and iPadOS 4-2-18 that allowed attackers to disable USB restricted mode unlocked devices. Now discovered by Citizen Lab, the flaw was used in a, quote, extremely sophisticated attack, likely for nation-state surveillance. USB restricted mode, introduced to block forensic tools from extracting data, could be bypassed due to an authorization issue in Apple's OS logic.
CISA officials placed on administrative leave
Now, this is a developing story. Several members of CISA's election security team were placed on administrative leave late last week, primarily those working on misinformation and disinformation efforts. That's according to CyberScoop. The move follows the Trump administration's pressure to scale back CISA's role in countering election-related falsehoods, despite the agency's past efforts to combat foreign influence and assist local election officials. Former election security lead Kim Wyman warns that shutting down these efforts will hit citizen smaller jurisdictions the hardest, leaving them more vulnerable to misinformation. As of this recording, CISA has not responded to CyberScoop's request for comment.
Cyberattack disrupts newspaper giant's operations
Extra, extra. Read all about it. Lee Enterprises, one of the largest newspaper groups in the US, with a daily circulation of over 1.2 million and a digital reach of 44 million, confirmed a cyber attack on February 3rd that caused widespread outages and disrupted operations, including printing and delivery. The company has not yet determined if any data was compromised, but warned that the ongoing investigation could take weeks.
According to Bleeping Computer, the attack caused, quote, chaos across the printing group, with VPNs not working and journalists unable to access files. This marks the second major cyber incident for Lee Enterprises in recent years, following a 2020 breach linked to Iranian hackers.
UK military drops basic training requirements for cyber recruits
In a move to fill a growing need, the UK's Ministry of Defence is fast-tracking cyber specialists by cutting basic training from 10 weeks to four, followed by three months of cyber specialist training. As an added bonus, successful applicants will earn a starting salary far higher than their fellow recruits and will either work on securing military networks or conducting cyber operations against adversaries as a part of the National Cyber Force. Now, with plans to expand in 2026, the initiative aims to address a critical skill shortage, as the MOD says it has faced more than 90,000 sub-threshold attacks in the past two years.
Thanks to today's episode sponsor, Vanta. Do you know the status of your compliance controls right now? Like, right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and helps you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get started at vanta.com/headlines. That's V-A-N-T-A dot com slash headlines.
Global sting takes down Phobos ransomware hackers
A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four European suspects in Thailand and the takedown of eight bases dark web sites.
The hackers allegedly extorted 16 million in Bitcoin from over 1000 victims, including at least 17 Swiss companies. Authorities across multiple countries coordinated raids, seizing laptops, cryptocurrency wallets and other evidence. Swiss officials sought extradition for the high-profile ransomware group linked to attacks on organizations like the United Nations Development Program and Japanese tech giant NYDIC Corp.
US hacker sentenced for 37 million in crypto theft
At just 22 years old, Indiana resident Evan Light was sentenced to 20 years in federal prison for hacking an investment holdings company's servers and stealing over 37 million in cryptocurrency. Using a stolen identity of an investment holdings client, Light accessed client data of hundreds of other clients, which he then used to drain 571 accounts and laundered the funds through mixing services and gambling sites. Prosecutors say he previously stole millions more, bringing the total amount stolen to a whopping $80 million.
Hacker behind SEC X account breach pleads guilty
Speaking of crypto scams, an Alabama man has pleaded guilty to hijacking the SEC's X account in a January 2024 SIM swapping attack, enabling a fake Bitcoin ETF approval post that briefly sent Bitcoin's prices soaring. The man behind the attack, Air Council, used a fraudulent ID to take over the SEC's phone number, reset the X account password and grant access to co-conspirators who paid him $50,000 in Bitcoin. He now faces up to five years in prison, with sentencing set for May.
Georgia hospital hit by ransomware
Memorial Hospital and Manor, a small rural hospital in Bainbridge, Georgia, is notifying 120,000 individuals that their personal and health information was stolen in a November 2024 ransomware attack, with leaked data now publicly available. To put this into perspective, a 2023 census estimated that the city of Bainbridge had just over 14,000 residents.
The Embargo ransomware gang claimed responsibility, saying it stole 1.15 terabytes of data, including Social Security numbers, medical records and insurance details. The hospital is offering a year of free identity protection, but says there's no evidence of misuse of the data at this time.
Buzzwords might have value in cybersecurity marketing, but they don't do anything to help translate cybersecurity concepts to the business. So how can CISOs build a better lexicon that can connect with other leaders in an organization? That's one of the things we're breaking down this week on the CISO Series podcast. Look for the episode titled Zero Trust Purple Team DevSecOps Mesh A CASB Journey through the Identity Fabric, wherever you get your podcasts.
I'm Lauren Verno, reporting for the CISO Series. Cybersecurity Headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines. Don't.
Cyber Security Headlines Summary
Hosted by Lauren Verno, CISO Series
Release Date: February 11, 2025
Timestamp: [00:00]
Lauren Verno opens the episode discussing a pressing update from Apple. On February 11, 2025, Apple released an urgent patch addressing a zero-day vulnerability identified in iOS and iPadOS version 4.2.18. This flaw allowed attackers to disable USB restricted mode, a security feature that prevents unauthorized forensic data extraction from devices.
Key Points:
Notable Quote: Lauren Verno states, “An extremely sophisticated attack likely for nation-state surveillance was responsible for exploiting this flaw” ([00:00]).
Timestamp: [02:15]
The podcast transitions to a developing story involving the Cybersecurity and Infrastructure Security Agency (CISA). Several members of CISA’s election security team have been placed on administrative leave, particularly those focused on combating misinformation and disinformation.
Key Points:
Notable Quote: Kim Wyman warns, “Shutting down these efforts will hit citizen smaller jurisdictions the hardest, leaving them more vulnerable to misinformation” ([02:15]).
Timestamp: [04:45]
Lee Enterprises, one of the largest newspaper groups in the United States with a daily circulation exceeding 1.2 million and a digital reach of 44 million, confirmed experiencing a significant cyberattack on February 3rd.
Key Points:
Notable Quote: According to Bleeping Computer, the attack resulted in “chaos across the printing group, with VPNs not working and journalists unable to access files” ([04:45]).
Timestamp: [07:30]
Addressing the global cybersecurity skills shortage, the UK's Ministry of Defence (MOD) has announced a significant overhaul in its recruitment and training process for cyber specialists.
Key Points:
Notable Quote: Verno explains, “The initiative aims to address a critical skill shortage as the MOD says it has faced more than 90,000 sub-threshold attacks in the past two years” ([07:30]).
Timestamp: [10:20]
A coordinated international law enforcement effort has successfully disrupted the Phobos ransomware group, resulting in the arrest of four European suspects in Thailand and the shutdown of eight dark web sites associated with the gang.
Key Points:
Notable Quote: The operation led to the “arrest of four European suspects and the takedown of eight dark web sites” ([10:20]).
Timestamp: [13:00]
Indiana resident Evan Light has been sentenced to 20 years in federal prison for his role in a massive cryptocurrency theft scheme.
Key Points:
Notable Quote: Prosecutors highlighted that Light “accessed client data of hundreds of other clients, which he then used to drain 571 accounts and laundered the funds” ([13:00]).
Timestamp: [15:50]
An Alabama man has pleaded guilty to orchestrating a SIM swapping attack that compromised the Securities and Exchange Commission’s (SEC) X account.
Key Points:
Notable Quote: Verno summarizes, “Air Council used a fraudulent ID to take over the SEC's phone number, reset the X account password, and grant access to co-conspirators” ([15:50]).
Timestamp: [18:30]
Memorial Hospital and Manor, a rural medical facility in Bainbridge, Georgia, has reported a severe ransomware attack that compromised the personal and health information of 120,000 individuals.
Key Points:
Notable Quote: The hospital conveyed, “There's no evidence of misuse of the data at this time” ([18:30]).
Lauren Verno wraps up the episode by emphasizing the critical nature of staying informed on emerging cybersecurity threats and developments. She encourages listeners to visit CISOseries.com for detailed stories and insights behind each headline.
Note: This summary encapsulates the key discussions and insights from the "Cyber Security Headlines" podcast episode released on February 11, 2025. For a more comprehensive understanding, listeners are encouraged to refer to the full episode available through the CISO Series platform.