Senior Cyber Safety Briefing for September 27, 2025

🛑 Alerts

  • A ransomware attack disrupted airport check‑in and baggage systems in Europe via a software provider (Collins Aerospace’s systems were compromised) — travelers across multiple airports experienced delays. 

  • There’s a newly discovered zero‑day vulnerability in Cisco firewalls / VPNs (CVE‑2025‑20333 and CVE‑2025‑20362) being actively exploited. 

  • The U.S. Secret Service claims to have dismantled a massive network of devices capable of jamming or interfering with cellular services near NYC — included were over 100,000 SIM cards. 

📖 Must-Reads

  • AI-powered attacks rising. Security teams report increasing alarm about threat actors weaponizing AI for phishing, impersonation, and faster evasion. 

  • Threat-sharing law may expire. A critical U.S. law enabling agencies to share cyber threat information could lapse soon, potentially weakening coordination across agencies. 

  • Apple vs. EU over tech rules. Apple is lobbying to overturn parts of the EU’s Digital Markets Act, claiming the regulations force compromises that weaken security and delay features. 

  • UK digital ID plans raise alarm. Proposed mandatory digital ID cards (to launch by 2029) are criticized for creating tempting central points of failure for hackers. 

💼 Economy & Security

  • The disruption at airports underscores how cyberattacks now target services that touch everyday life (travel, logistics, etc.), not just financial or government systems. 

  • The potential expiration of cybersecurity data‑sharing laws could weaken collective defense, making it harder to respond rapidly to emergent threats. 

  • Big Tech is pushing back on regulation, claiming that forced openness (e.g. “sideloading” apps) introduces security risks. 

🔒 Privacy & Big Tech

  • The EU is preparing to bar major U.S. tech firms from participating in a new financial data sharing initiative (called FiDA), to curb their influence over consumer financial data. 

  • Moving forward, centralizing identity (digital IDs) or financial records may increase risks if not designed with strong safeguards. 

  • Big Tech’s resistance to regulation signals a tension: more openness and interoperability could support fairness, but might also introduce new attack vectors or lower security guardrails. 

💡 Quick Safety Tip

If you use a home router or firewall device (or one at your community center), check for and install firmware updates regularly. Older firmware is a favorite target for attackers, and many vulnerabilities (like the ones in Cisco gear) exploit outdated systems.

Bonus: Use a strong, unique password for your router’s admin page (not “admin123” or “password”) and disable remote management if you don’t use it.

(AI was used to create this article.)

Stay safe, stay secure, stay curious, and remember my friends—you’re never too old to outsmart a scammer 👋 

Comments

Post a Comment

Popular posts from this blog

8-9-2024 Breaking Security News

Image
CISA and FBI Warn of Potential DDoS Attacks on Election Systems (August 8, 2024) : The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint alert about possible Distributed Denial of Service (DDoS) attacks targeting U.S. election infrastructure. These attacks could disrupt access to election-related information but will not affect the integrity of the voting process. This warning is part of efforts to safeguard the upcoming elections​ ( GovConWire ) ​ ( CISA ) . Apache HTTP Server Vulnerabilities Disclosed at Black Hat USA (August 9, 2024) : Researchers at Black Hat USA 2024 have exposed vulnerabilities in the Apache HTTP Server, a critical web server software used globally. These vulnerabilities could allow attackers to gain unauthorized access or disrupt services. Administrators are urged to apply the necessary patches to protect their systems​ ( Cyber Security News ) ​ ( Help Net Security ) . OPSWAT Enhances Cybersecurity Capabilities with InQu...
Read more