Daily Cyber Threat Brief Podcast
Episode: Nov 28’s Top Cyber News NOW! — Ep 1015
Host: Dr. Gerald Auger (Simply Cyber Media Group)
Date: November 28, 2025
Episode Overview
This Black Friday episode delivers eight of the day’s most pressing cybersecurity stories for industry insiders, analysts, and business leaders—presented with expert context, practical advice, and the trademark camaraderie of #TeamSC. Dr. Gerald Auger blends insightful commentary and career advice, tackles live audience questions, and wraps with a relaxed, community-focused jawjacking session.
Key Cybersecurity Stories & Insights
1. Microsoft to Block Unauthorized Scripts in Entra ID Logins (00:09)
- Headline: Microsoft will implement a stricter Content Security Policy for Entra ID (formerly Azure AD) logins in late 2026.
- What’s Changing: Only scripts from trusted Microsoft domains will be allowed in browser-based sign-ins, effectively defending against cross-site scripting (XSS) and script injection during authentication. External ID sign-ins are not affected.
- Recommended Actions:
  - Organizations should audit sign-in flows, identify browser extensions or tools injecting scripts, and update them as recommended by Microsoft.
  - Anticipate “onesie-twosie” issues with power users running special Chrome extensions or homemade enterprise tools.
- Host Insight:
  - “We get the extra level of security without the cost of the end user experience suffering…a technical control that’s blocking injected scripts.” (11:48) — Gerald
  - However, security teams must prepare for edge cases where legitimate internal tools/extensions might break.
  - Always position security as business enablement, not just as “the office of no.”
2. New Bipartisan AI Fraud Deterrence Act Raises Penalties (16:03)
- Headline: Proposed U.S. legislation would ramp up penalties for crimes (like fraud and impersonation) committed with the aid of AI tools.
- Details:
  - Fines: $1–2 million.
  - Prison Sentences: Up to 20–30 years if AI is involved; 3 years and $1M for impersonating government officials using AI.
- Host Response:
  - “Did these guys get hammered and then come up with this legislation?...30 years in prison if you commit a crime using AI? Are you kidding me?” (16:50) — Gerald
  - Host raises skepticism about enforceability and overreach as “everything’s going to have AI,” and wonders if this is a negotiating stance.
  - “Let me know when we start using it.” (19:46)
- Broader Context:
  - Example from Australia: swift legislative response to cyberattacks resulted in toothless laws when not enforced promptly.
  - Real value will be seen in case law and first prosecutions.
3. ASUS Patches Critical AI Cloud Vulnerabilities (22:52)
- Summary: ASUS issued updates for nine CVEs, including one 9.2 Critical (auth bypass) affecting routers with the “AI Cloud” feature.
- Vulnerable Devices: The “AI Cloud” feature (misleadingly labeled—no real AI) exposes remote-access/personal cloud router services.
- Critical Flaw: Samba functionality bug lets attackers bypass auth checks.
- Advice: Patch immediately, particularly in SOHO/small business/higher-ed and home environments.
- Host’s Take:
  - “This is the laziest marketing thing I’ve ever seen. It doesn’t sound like it has anything to do with AI except the name.” (24:08)
  - Run network scans, and verify exposure.
4. OpenAI Cuts Off Mixpanel after Analytics Leak (27:34)
- Incident: Analytics provider Mixpanel had a data breach; OpenAI API user profile info was exposed (name, email, location, system details, account IDs).
- Impact: Primarily limited to API users—not regular ChatGPT. Potential data for targeted phishing/social engineering.
- Response: OpenAI removed Mixpanel, notified impacted users, and is reviewing other vendors.
- Takeaway:
  - “Textbook example of how you would deal with a third-party breach.” (29:05)
5. Cyber Incident Hits Three Wealthy London Councils (35:32)
- Incident: IT services for Kensington and Chelsea, Westminster, and Hammersmith/Fulham down after a cyber issue.
- Attribution/Data Impact: Unknown at the time; incident is under assessment.
- Host’s Analysis:
  - Alerts listeners to possible links between regional socio-political unrest (ongoing farmer protests) and timing of coordinated IT incidents.
  - “When you’re doing threat modeling, give consideration to current trends.” (38:06)
6. Dartmouth College: Oracle E-Business Suite Breach (38:41)
- Context: Ivy League college breached via Oracle EBS campaign; 35,000 impacted, with data exfiltration (names, SSNs, account numbers) between Aug 9–12, 2025.
- Likely Culprit: Clop ransomware (based on well-publicized EBS vulnerabilities).
- Reflections on Higher Ed:
  - High access needs, collaborative culture, legacy systems, and tenured staff make remediation and prevention tricky.
  - “Clop ransomware—solid, dependable, methodical…stick with consistent.” (42:24)
7. Microsoft Exchange Online Outage (43:03)
- Impact: Classic Outlook desktop users in APAC/NA affected; webmail remained online. Not indicative of a cyberattack; more likely a software/API issue.
- Host Memory Lane:
  - “You youngs aren’t gonna know this…custom mods made Outlook unusable.” (43:41)
- Resource Mention: Down Detector recommended for quick outage checks.
8. FIDO2 Security Keys Now Prompt for PINs (46:29)
- Update: After the Sept 2025 Windows patch, FIDO2 keys may require PINs per the WebAuthn specification, even if a PIN wasn’t set up previously.
- Host Experiences:
  - “I’ve been holding off on 25H2. When you’re a small business, you don’t get to do vulnerability management the correct way. You just push it to prod.” (47:38)
  - IT teams must get ready for fresh helpdesk calls about PIN prompts and plan accordingly.
  - Hilarious soundbite: “Microsoft has a setting—Discouraged. What? Hold on. I’ve never seen something like that.” (49:18)
Notable Quotes & Memorable Moments
- On introducing security controls:
  “My job is to advise…Here are five options with varying levels of risk that you’re going to be accepting. What do you want to do?” (15:14) — Gerald
- On breakneck AI policy proposals:
  “This is a police state’s fantasy…To me, this law is like a police state's wet dream.” (17:59)
- On ASUS’s ‘AI Cloud’ branding:
  “This is the laziest marketing I’ve ever seen…The marketing team said AI is hot.” (24:08)
- On OpenAI’s vendor breach:
  “This is kind of a textbook example of how you would deal with a third-party breach.” (29:05)
- On holiday cyber culture:
  “This was Simply Cyber’s Daily Cyber Threat Brief Podcast. Definitely a renegade episode, 166 of you diehards here today…this stream, this AMA, this almost felt like holiday vibes.” (71:00, 118:59)
Community AMA & Career Insights (“Jawjacking” Panel, 53:14+)
Panelists:
- Dr. Gerald Auger
- Daniel Lowry
- DJ B Sec
Interview Advice and Career Insights
- On bringing notes to interviews:
  - “I personally always brought a notebook...Never been held against me.” (58:24) — Gerald
  - “Nothing wrong with having bullet points, but the way you worded the question makes it sound you’re reading off some sort of script—this is no bueno.” (59:57) — Daniel Lowry
- On “culture fit”:
  - “Have a conversation…they're not just looking for skills, but for you as well. Do you fit here?” (59:41 — Daniel, 75:41 — DJ B Sec)
- How to answer unfair GRC/quantum encryption questions:
  - “That’s a jerk question. NIST has quantum-resistant algorithms, but good luck getting apps to support them in practice.” (68:00 — Gerald)
Tech & Presentation Tips
- On staying natural on camera:
  - “It's actually a lot easier because there's nobody looking back at you…you're just talking.” (63:54 — DJ B Sec)
- Eye contact tricks: “We used to put googly eyes on the camera.” (64:18 — Daniel Lowry)
- Product plug: “Elgato teleprompter is very good.” (65:17 — Gerald)
Panel Banter & Community Vibes
- Holiday gift and bonus talk (85:45+)
- Favorite holiday movies (86:54+)
- Rap and hip-hop nostalgia, music in cybersecurity culture (102:53+)
- Hallmark movies, family traditions, grilling, and scheduling downtime
- Practical advice for handling workplace credit-thieves (97:03): “Everything I put together had my watermark on it.”
Time-Stamped Highlights
| Topic | Timestamp |
|------------------------------------------------|---------------|
| Microsoft Entra ID Security Update | 09:09–16:03 |
| US AI Crime Penalty Law | 16:03–22:52 |
| ASUS Router Vulnerabilities & “AI Cloud” | 22:52–27:34 |
| OpenAI Mixpanel Vendor Breach | 27:34–30:45 |
| London Council Cyber Incident | 35:32–38:41 |
| Dartmouth College (Oracle EBS Breach) | 38:41–43:03 |
| Outlook/Exchange Online Client Outage | 43:03–46:29 |
| FIDO2 Keys & PIN Prompt Policy Change | 46:29–50:00 |
| Career AMA & Interview Advice | 53:14–71:00 |
| API Security/Governance Guidance | 103:14–106:49 |
| Pop Culture & Cyber Nostalgia | 107:30–114:45 |
Conclusion & Tone
Dynamic, supportive, honest, and loaded with both practical cybersecurity insight and lighter, relatable moments. The show invites engagement, showcases industry wisdom, and never shies away from strong opinions—whether on regulatory overreach, legacy tech woes, or grilling techniques.
Memorable sign-off:
“I’m Jerry from Simply Cyber. Have a great weekend and, until next time, stay secure.” (118:58)
For Listeners Who Missed It
This episode is especially rich if you want:
- Real-world interpretations of major cyber news headlines
- Tactical and strategic advice for security practitioners
- A grounded sense of cybersecurity community and career support
- Laughs, nostalgia, and Monday-ready energy
For more episodes and live streams, visit Simply Cyber Streams.
