Summary5 min read

Cybersecurity Today – The Good News Edition

Host: Jim Love
Original Release Date: September 19, 2025

Episode Overview

In this upbeat special edition, host Jim Love offers a refreshing break from negative headlines by highlighting three recent good news stories in the cybersecurity world. Each segment showcases successful outcomes or lessons learned from recent cyber threats, covering major industry actions against cybercrime, successful prevention and recovery efforts, and how major institutions can transform their security posture.

Key Discussion Points & Insights

1. Humble Opener – Owning Mistakes and Introducing Good News

Jim Love kicks off with an apology for a previous episode’s factual mistake regarding Canadian geography (“Yellowknife is in the Northwest Territories, not Yukon”).
Lighthearted acknowledgment:

"I never claim that I'm the tech genius of all time. So sometimes I struggle to make sure I think I've got the tech facts right. But I don't live in fear of making a mistake when we get it wrong... we fess up to it." (00:30)
Sets a positive tone by promising three good news stories.

2. Microsoft Shuts Down Raccoon O365 Phishing Service

[00:57]

Microsoft dismantled the infrastructure of “Raccoon O365,” a global phishing-as-a-service platform targeting Microsoft 365 users.
- Sold ready-made phishing kits enabling low-skill attackers to steal credentials.
- Kits were actively used since July 2024; estimated 5,000 credential sets stolen across 94 countries.
- Microsoft seized 338 domains after a federal court order in New York.
- Cloudflare collaboration: Kits sold via Telegram as 30–90 day subscriptions, generating $100,000+ in crypto payments. Channel had 850+ members.
- Microsoft investigators ran four test buys to examine the operation.
- Ring-leader: Allegedly Joseph Ogundipe, a Nigerian programmer. Case referred to international law enforcement; no FBI comment yet.
Severe Impact on Healthcare:
- At least 20 US hospitals breached – with some ransomware deployments.
- Health ISAC supported the lawsuit, given the risk to health sector targets.
Industry Reflection:

“Phishing kits have industrialized cybercrime, turning attacks into subscription services with customer support and global reach... Disruptions like this buy time, but as always, new services can emerge quickly. But for now, sometimes the good guys win.” (03:09)
Notable Quote:

“The takedown is another reminder of how phishing kits have industrialized cybercrime... Disruptions like this buy time, but as always, new services can emerge quickly. But for now, sometimes the good guys win.” (03:18)

3. Texas County Recovers Nearly $2 Million From BEC Attack

[04:00]

Nueces County, Texas, was hit by a business email compromise (BEC) scam, nearly losing $2 million.
- Attackers used fraudulent emails posing as vendors to alter payment details.
- Three transactions were affected, totaling ~$1.9 million.
Recovery Efforts:
- Nearly $1 million reversed with help from Frost Bank.
- $900,000+ still under investigation, expected to be recovered.
- $56,000 already secured.
Policy Response:
- County suspended electronic payments, switched to paper checks.
- Now requires in-person verification for vendor changes.
- FBI and local law enforcement involved; no staff disciplined as previous procedures were lacking.
- Cybersecurity insurance (purchased just prior to the attack) will help cover any losses.
Lesson for Businesses:

“Business email compromise doesn't always require sophisticated hacking. Simple policy changes like verifying vendor details in person can make the difference between a routine payment and a million dollar loss. But once again, there's some good news.” (05:23)
Notable Quote:

“Simple policy changes... can make the difference between a routine payment and a million dollar loss.” (05:34)

4. Commonwealth Bank of Australia (“CommBank”) Slashes Scam Losses With AI

[06:00]

CommBank customers saw a 76% drop in scam losses since early 2023, driven by new AI-enabled tools and robust investments:
- Introduced a “scam checker” in mobile app: verifies messages for signs of fraud.
- In-app verification for card transactions.
- Advanced fraud detection using device recognition and behavioral analytics.
- $900 million AUD invested in FY2025 for anti-fraud & scam defences.
Tactics and Partnerships:
- Use of AI bots to tie up scammer resources while gathering intelligence.
- Independent reviews corroborate the reduction in scam success and increased disruption of phishing.
Notable Organizational Turnaround:
- 2018: Lost backup tapes with 20M records (“claimed risk was low”).
- 2024: Fined $7.5M AUD for violating anti-spam regulations.
- Now: “Presenting itself as a leader in scam prevention.”
Broader Message:

“Even large institutions, even if you've had some troubles in the past, you can turn things around with sustained investment, technical innovation, cultural change and leadership.” (08:08)
Notable Quote:

“The lesson is clear. Even large institutions, even if you've had some troubles in the past, you can turn things around... with sustained investment, technical innovation, cultural change and leadership.” (08:18)

Memorable Moments & Tone

Self-deprecating humor from Jim Love regarding his geography gaffe and IT expertise, fostering listener trust and relatability.
Emphasis throughout on practical takeaways—policy, investment, collaboration—as drivers of positive change.
Repeated motif: “sometimes the good guys win,” making optimism the show's signature note for this episode.

Timestamps for Key Segments

| Segment | Timestamp | |-----------------------------------------|-----------| | Host’s Opening & Apology | 00:01 | | Microsoft Dismantles Raccoon O365 | 00:57 | | Impact on Healthcare, Platform Details | 02:00 | | Business Email Compromise in Texas | 04:00 | | Recovery Tactics and Lessons | 05:00 | | Commonwealth Bank’s AI Scam Drop | 06:00 | | Bank’s Turnaround and Broader Message | 07:30 | | Closing Thoughts & Contact | 09:08 |

Conclusion

Jim Love wraps up by highlighting the value of sharing positive stories, encouraging listeners to submit tips—and even more good news. This episode offers actionable lessons and reminds industry practitioners that progress is possible, even when news cycles are typically grim.

Host’s parting words:

“I thought a good news show would be a fun thing to do... I'm your host Jim Love. Thanks for listening. David Shipley will be back in the news chair on Monday morning. I'm sure we'll have some depressing news for you.” (09:20)

Loading summary

Transcript1 lines

[00:02]
A
A couple of quick notes as we start the show. First, an apology for an error. I actually spend a lot of time trying to double check the facts in the stories that we run. And although I've been doing this IT thing for 40 years, I never claim that I'm the tech genius of all time. So sometimes I struggle to make sure I think I've got the tech facts right. But I don't live in fear of making a mistake when we get it wrong. And we're often not alone in that. We fess up to it. Sometimes, though, the Homer Simpson moment is just so embarrassing. When I wrote the script for Wednesday's show, I was obsessing with the details on the two lead stories and then decided I'd put a short story in about a small city in Canada that had been hit. I could leave that with a really good moral. We have to provide more assistance to smaller cities and towns. Bingo. Got it. All great. Until somebody wrote me and told me I'd made a big mistake that any Canadian should never have made. I said that Yellowknife was in the Yukon when everybody knows it's in the Northwest Territories. It's the capital city, duh. So mea culpa and apologies to listeners in Yellowknife. And another note on today's show, it turns out that Jim, you never take me anywhere. Love, your host, has found both a house sitter and a dog sitter and is taking his lovely wife to Niagara on the lake. And yes, I know where that is. So rather than try to predict the future, I thought if I'm going to have a good time, so should you. So I went looking for three good news stories to start your weekend. That's right, good news stories. Microsoft dismantles Raccoon0365 phishing as a service operations targeting health care A Texas county loses $2 million in business email compromise attacks, but gets it back CommBank's AI tools/scam losses A sharp turnaround from past troubles this is Cybersecurity Today, the good news edition. I'm your host Jim Love. Microsoft says it's dismantled the infrastructure behind a global phishing as a service platform known as Raccoon O365. The operation sold ready made phishing kits that let even low Skill attackers steal Microsoft 365 usernames and passwords since July 2024. Microsoft estimates the kits were used to steal about 5,000 sets of credentials across 94 countries. The company seized 338 domains tied to the scheme after A federal judge in New York approved the action. According to Cloudflare, which worked with Microsoft, the kits were sold on Telegram through 30 to 90 day subscriptions, generating more than $100,000 in cryptocurrency payments. The group's channel had at least 850 members. Court filings say that Microsoft investigators made four test buys to understand how the service worked. The alleged ringleader is Joseph Ogundipe, a Nigerian programmer. Microsoft has referred the case to international law enforcement, although the FBI has not yet commented. The impact was particularly severe on healthcare. Microsoft said at least 20 US hospitals were breached, with some incidents leading to ransomware deployment. The threat was considered so serious that Health ISAC joined Microsoft's lawsuit in support of taking down the domains. The takedown is another reminder of how phishing kits have industrialized cybercrime, turning attacks into subscription services with customer support and global reach. Disruptions like this buy time, but as always, new services can emerge quickly. But for now, sometimes the good guys win. Nue's County I hope I'm saying it right in Texas says a business email compromise scam cost it almost $2 million this summer. Officials believe that almost all of the money can be recovered. Attackers used fraudulent emails posing as vendors, tricking staff into changing banking details for county payments. In three separate transactions, the county wired close to $1.9 million. One payment, close to a million, is being reversed with the help of Frost bank, while another, just over $900,000, is still under investigation and they do expect to get that back. And a smaller loss of about $56,000 has already been recovered. In response, the county suspended electronic payments and switched to paper checks while they reviewed all vendor accounts. New rules now require in person verification for any vendor requesting changes to payment details. It seems like a pretty good idea. The FBI is still investigating alongside local law enforcement. Officials stressed that no employees will be disciplined, noting that written procedures weren't in place under prior management. County Judge Connie Scott said cybersecurity insurance purchased just before the attack will also help cover losses. The lesson's clear. Business email compromise doesn't always require sophisticated hacking. Simple policy changes like verifying vendor details in person can make the difference between a routine payment and a million dollar loss. But once again, there's some good news. And finally, the Commonwealth bank of Australia said scam losses among its customers have dropped 76% since early 2023, thanks to a new wave of AI powered defenses. The bank has rolled out a scam checker feature in in its app, allowing customers to scan suspicious messages for signs of fraud. It has also introduced in app verification for certain card transactions and invested heavily in fraud detection systems that use device recognition and behavioral analysis. Commbank has backed these efforts with nearly $900 million Australian in spending on cyber fraud and scam prevention for the current financial year. The strategy does appear to be paying off, with independent reporting confirming a sharp decline in successful scams and increased disruption of phishing attempts. The bank has also partnered with firms to deploy AI bots that waste scammers time while gathering intelligence on their tactics. This progress marks a notable shift for an institution that has faced its share of cybersecurity and compliance embarrassments. You may not remember the story, but in 2018 it admitted that its backup tapes containing 20 million customer records had gone missing, though it claimed the risk of exposure was low. And more recently, although not Cybersecurity related, in 2024 the bank was fined 7.5 million Australian by the Australian Communications and Media Authority for breaching spam rules by sending millions of non compliant marketing emails. The contrast highlights how much has changed in a few years from data mishandling and compliance failures. Commbank is now presenting itself as a leader in scam prevention. The lesson is clear. Even large institutions, even if you've had some troubles in the past, you can turn things around with sustained investment, technical innovation, cultural change and leadership. And that's our show for today. I thought a good news show would be a fun thing to do. You can reach me with tips, comments and even some constructive criticism or lessons on geography. Even some good news stories. TechNewsDay.com just go to the Contact Us tab. I'm your host Jim Love. Thanks for listening. David Shipley will be back in the news chair on Monday morning. I'm sure we'll have some depressing news for you.