Cyber Security Headlines: Week in Review Summary
Released on February 21, 2025
The latest episode of Cyber Security Headlines by the CISO Series offers a comprehensive overview of the week's most impactful stories in information security. Hosted by Rich Stroffolino and featuring insights from returning guest TC Nijikowski, the episode delves into significant breaches, policy changes, compliance issues, and evolving threats shaping the cybersecurity landscape. Below is a detailed summary of the key discussions and expert analyses presented in the episode.
1. Telecoms Breached via Cisco Routers
Overview:
The episode opens with alarming news from Recorded Future about ongoing breaches targeting telecommunications providers worldwide. The Chinese-backed Salt Typhoon group has exploited unpatched Cisco IOS XE network devices, affecting telecoms in the US, South Africa, Italy, and Thailand. This incident is distinct from a previous campaign that involved different vulnerabilities and threat actors.
Expert Insight:
TC Nijikowski emphasizes the gravity of the situation, highlighting the multifaceted nature of the threat:
“This is something that we're not ready for in terms of really pulling together all these threads, crafting a whole of society response and facing this adversary. I think this is an example of essentially gray zone or hybrid warfare...”
(04:52)
He underscores the challenge of addressing widespread espionage and the limitations of traditional patching measures in mitigating such sophisticated, state-sponsored attacks.
2. Chase Blocks Zelle Payments on Social Media
Overview:
JPMorgan Chase has announced that starting March 23, it will delay, decline, or block Zelle payments to contacts on social media platforms. This decision comes in response to a surge in online scams leveraging Zelle's rapid, unsecured transfer capabilities. Bitdefender supports the move, advocating for Zelle's use strictly among trusted individuals.
Expert Insight:
TC Nijikowski critiques the decision, questioning its timing and effectiveness:
“The big banks wanted to have a product compete with Venmo and PayPal, and they just didn't build in consumer protection... this seems like a pretty broad control just disallowing anything from social media, period.”
(07:07)
He points out the inherent lack of purchase protection in Zelle, making it a prime target for scams, and discusses the broader implications of weakened consumer protections in digital payment systems.
3. Military Healthcare Outfit Settles Compliance Case
Overview:
HealthNet Federal Services (HNFS), alongside its parent company Centene Corporation, has agreed to pay over $11 million to resolve claims of falsely certifying compliance with information security requirements in a Department of Defense contract from a decade ago. Neither company admitted wrongdoing.
Expert Insight:
TC Nijikowski reflects on the persistent challenges of vulnerability and patch management:
“These are still challenges that a lot of organizations have, and maybe we're always going to have them... How do we maintain honesty and integrity within this large supply chain without the expense of validating their claims?”
(11:19)
He questions whether the settlement amount serves as a sufficient deterrent and emphasizes the difficulty organizations face in ensuring compliance across complex supply chains.
4. South Korea, Taiwan, and Australia Ban DeepSeek App
Overview:
South Korea's Personal Information Protection Commission has removed the DeepSeek app from major app stores following security and privacy concerns. Taiwan and Australia have extended bans on DeepSeek for government devices. Existing users can continue using the app or access it via the web.
Expert Insight:
TC Nijikowski contextualizes the ban within geopolitical tensions:
“In South Korea, their president was impeached recently, and there are concerns about Chinese interference... This is happening within the context of what's affecting that nation and their relationships with other countries.”
(14:51)
He highlights how domestic politics and international relations, particularly involving China, influence cybersecurity decisions and app restrictions.
5. Palo Alto Firewalls Under Attack Through Chained Flaws
Overview:
Palo Alto Networks firewalls are under active attack through chained vulnerabilities. A recently patched critical privilege escalation flaw in PAN-OS is being exploited in combination with older vulnerabilities, potentially granting attackers root access to affected systems.
Expert Insight:
TC Nijikowski discusses the implications for organizations managing legacy infrastructure:
“The challenges when you have your front door, your firewalls, your VPNs being legacy software... it's easier to keep things updated and patched from the cloud-native perspective.”
(19:19)
He advocates for transitioning to cloud-native solutions to enhance patch management and reduce the risk associated with maintaining on-premises legacy systems.
6. Russian Hackers Exploit Signal's Link Devices Feature
Overview:
State-backed Russian attackers are hijacking Signal accounts by deceiving Ukrainian military personnel into scanning malicious QR codes that link an attacker-controlled device to the victim's account. This technique allows attackers to intercept messages in real time without fully compromising the victim's device. Google researchers have identified multiple threat groups using it, which undermines Signal's reputation for secure communications.
Expert Insight:
TC Nijikowski analyzes the evolving threat landscape and the balance between convenience and security:
“These are novel techniques... how do we know that it's really this user adding this other device to their account and how can we be sure of that?”
(22:56)
He stresses the importance of adapting security measures to counteract dynamic adversaries who continuously develop new attack vectors.
Closing Remarks and Community Engagement
The episode concludes with acknowledgments to listeners and community members, emphasizing the importance of shared insights and continued vigilance in the cybersecurity field. TC Nijikowski shares personal reflections on the Zelle story and highlights the ongoing challenges in consumer education regarding digital payment protections.
Final Thoughts from TC Nijikowski:
“The Zelle story... was something that our day care provider was the only one that asked for it. I didn't know the difference myself until I drilled down and looked at it.”
(26:16)
He underscores the necessity of educating consumers to navigate the complexities of modern digital financial tools safely.
Connect with TC Nijikowski:
For those interested in further insights from TC Nijikowski, he is available on LinkedIn and active in Slack communities such as Forward, Cloudsec, and Mac Admins.
Stay Updated:
To keep abreast of daily cybersecurity news, visit CISOseries.com for more detailed stories and future episodes.
This episode of Cyber Security Headlines provides a nuanced examination of current cybersecurity threats and organizational responses, enriched by expert commentary that underscores the complexities of today's digital security environment.
