CyberWire Daily: "From Cryptomixers to Recipe Mixers"
Date: December 1, 2025
Host: Dave Bittner, N2K Networks
Guest Segment: Ann Johnson (Microsoft) interviews Amy Hogan Burney (Corporate VP, Customer Security & Trust, Microsoft)
Episode Overview
This episode delivers a comprehensive update on the week’s major cybersecurity events, high-profile breaches, evolving threat actor tactics, and the intersection of AI with cyber risk. It includes in-depth industry news, regulatory updates, research findings, and a business/finance roundup. The highlight is an interview from Microsoft's Afternoon Cyber Tea with Amy Hogan Burney, focusing on international collaboration, the role of AI, and optimism for the future of cybersecurity.
Key Discussion Points & Insights
1. Major Cybercrime and Law Enforcement Operations
- Take-down of Illegal CryptoMixer.io ([03:23])
- European authorities (Europol, Eurojust) shut down a major crypto-mixer platform, seizing servers in Zurich and collecting 12TB of data.
- The mixer laundered over 1.3 billion euros in Bitcoin since 2016, primarily serving ransomware operators for hiding illicit funds.
- Operation follows similar actions like the 2023 ChipMixer bust.
2. Arrest for Evil Twin Wi-Fi Attacks
- Australian Man Sentenced ([04:30])
- 44-year-old sentenced to 7 years for operating fake airport Wi-Fi to steal data and private images, using Wi-Fi pineapple devices.
- After being caught, attempted to destroy evidence and access sensitive data on employer laptop.
- Authorities warn travelers about the danger of public Wi-Fi.
3. Threat Intelligence Updates
- Scattered Lapsus Hunters Unmasked ([05:49])
- Investigative reporting identified "Ray," a 15-year-old from Amman, Jordan, as a leader in data breach/extortion group SLSH.
- Group linked to social engineering, insider recruitment, and new RaaS (Ransomware-As-A-Service) operations.
4. Vulnerabilities and Exploits
- CISA Adds OpenPLC Cross-Site Scripting Flaw to its KEV Catalog ([07:11])
- Vulnerability actively exploited by Russian group Twonet, targeting industrial systems.
- Agencies must patch by December 19; broad warning for private orgs.
5. Major Data Breach in South Korea
- Retail Giant Coupang Breached ([08:21])
- Over 33.7 million customer records exposed—names, contact details, purchase histories.
- Incident attributed to possible insider threat (former Chinese employee under investigation).
- Follows large breaches at other major Korean firms, sparking debate over national data protection gaps.
6. Emerging Attack Vectors
- Abusing Calendar Subscriptions for Malicious Content ([10:02])
- BitSight research: Attackers are misusing digital calendar subscription features to push malicious events with links or attachments.
- Millions of devices potentially affected due to expired or hijacked domains used for calendar syncs.
- Highlights a security blind spot, as these features lack email-style protections.
7. Regulatory and Industry Shifts
- New York Hospital Cybersecurity Mandates ([11:18])
- Mandates for hospitals: MFA, risk analysis, incident planning, appointed CISOs.
- Industry expects ripple effects nationwide; CISO talent shortage may worsen.
8. Consumer and Business Threats
- Holiday Season Scam Sites ([12:42])
- Cloudsec reports over 2,000 fake online stores spoofing brands (Amazon, Apple, etc.) to steal payment info during peak shopping.
- Organized clusters, many hosted in China. Each scam can net thousands quickly.
- Cybersecurity Investment and M&A Activity ([14:37])
- Guardio, 20, Clover, Method Security, Opti, Coverbase, Vigil, Run Layer all raised significant rounds.
- Notable M&A: Palo Alto’s $3.35 billion Chronosphere acquisition.
Featured Interview: Amy Hogan Burney (Microsoft) on Afternoon Cyber Tea
Time Block: [16:30] – [22:44]
Career Path & State of Cybersecurity
- On Accidentally Entering Cybersecurity
"I accidentally stumbled into cyber because it just became my calling..."
— Amy Hogan Burney ([16:48])
- Changing Nature of Threats
"We call them advanced persistence disruptions. Now there's no way that we are disrupting these networks in totality. We have to think completely differently..."
— Amy Hogan Burney ([17:27])
- What's Unchanged: Human Element
"Social engineering is still one of the biggest problems, one of the biggest ways that cyber criminals and nation state actors get into systems."
— Amy Hogan Burney ([18:04])
Microsoft Digital Defense Report (MDDR)
- Importance of Basics Amid AI Advances
"As AI is advancing, it is more important than ever that people understand the basics for hardening your system and for being resilient are more important than they have ever been..."
— Amy Hogan Burney ([18:44])
- Hope is that a year from now, organizations will measurably improve their security posture due to the report.
International Collaboration & Cyber Diplomacy
- Collaboration Success Story
"Microsoft's Digital Crimes Unit… partnered... to disrupt a widespread tech support scam... Generative AI was used to impersonate Microsoft and mass produce malicious pop ups."
— Amy Hogan Burney ([20:05])
- On Cyber Diplomacy
"As nations operate in the digital space… we need to think about what kind of rules and norms that we should have... The private sector holds the vast amount of critical infrastructure."
— Amy Hogan Burney ([21:00])
Optimism for the Future
"I am so optimistic because of the people that I work with every single day… the combination of [talent and AI-driven innovation] just makes me incredibly optimistic."
— Amy Hogan Burney ([22:09])
Notable Quotes
- On the persistent threat of social engineering:
"The same is the human element... social engineering is still one of the biggest problems..."
— Amy Hogan Burney ([18:04])
- On the evolving cyber defense landscape:
"We have to think completely differently about how we are working."
— Amy Hogan Burney ([17:27])
- On international cybercrime collaboration:
"...looking for creative ways to partner with law enforcement and to look for ways to protect the most vulnerable is incredibly important."
— Amy Hogan Burney ([20:24])
Memorable Moment
- Google’s "Recipe Mixer" Blunder ([24:12])
- Google’s AI-generated recipe promo plagiarized content from the How Sweet Eats blog, raising questions about AI content origins and the future of sponsored answers.
“…matched a How Sweet Eats Blog post almost ingredient for ingredient... Google deleted the post with the same enthusiasm one deletes burnt stuffing and moved on.”
Timestamps for Key Segments
| Segment | Timestamp |
|---|:---:|
| News Headlines Introduction | [01:01] |
| Europol/Cryptomixer Takedown | [03:23] |
| Evil Twin Wi-Fi Arrest and Sentencing | [04:30] |
| Scattered Lapsus Hunters Unmasked | [05:49] |
| CISA OpenPLC XSS Vulnerability | [07:11] |
| Coupang Data Breach (South Korea) | [08:21] |
| Calendar Subscription Abuse | [10:02] |
| NY Hospital Cyber Mandates | [11:18] |
| Holiday Season Scam Sites | [12:42] |
| Business Brief and M&A Updates | [14:37] |
| Interview: Amy Hogan Burney | [16:30] |
| Google’s AI Recipe Plagiarism Incident | [24:12] |
Additional Highlights
- Upcoming CyberWire NATO Cyber Coalition Coverage
- Podcast team invited for exclusive on-the-ground episode in Tallinn, Estonia.
- Reminder: Full Afternoon Cyber Tea episode with Amy Hogan Burney available for deep dive ([22:44]).
This episode delivers a whirlwind tour of global cyber events, practical takeaways on social engineering and attack prevention, and an insider's view on Microsoft's evolving strategy for AI-driven defenses and international cooperation. It also offers a dose of levity regarding AI's limits in recipe creation—mixing industry gravitas with relatable tech blunders.
