Senior Cyber Safety Briefing – September 11, 2025

🚨 ALERT – Microsoft patches 80 serious flaws, including SMB privilege escalation

👉 Why it matters – One of the flaws (CVE‑2025‑55234) lets attackers abuse Windows SMB (the file‑sharing/communication part) to gain elevated privileges if your system isn’t up‑to‑date. That can lead to attackers getting deeper access to your computer or your network. The Hacker News

📣 Call to Action – Make sure you install the latest Windows updates today. If you use a desktop PC or laptop with Windows, go to Settings → Update & Security and ensure your Patch Tuesday updates are applied.

📈 ECONOMY & SECURITY – Senator Wyden urges FTC to probe Microsoft over “cybersecurity negligence”

👉 Why it matters – The investigation is about claims Microsoft left default settings in Windows too weak, which may have helped past attacks on healthcare providers and insurers (including millions of people). Reuters Seniors could be impacted not only from device vulnerabilities, but also when healthcare data (doctors, hospitals) isn’t properly protected.

📣 Call to Action – Ask your healthcare providers whether they follow industry standard security practices (like encryption, strong authentication) when dealing with your data. If you hear anything like “we don’t know” or “it’s not our priority,” press for more information or change providers.

🔥 PRIVACY & BIG TECH – 23andMe seeks to expand data breach settlement after exposing genetic data

👉 Why it matters – Personal and genetic data is deeply private. If exposed, it can affect not just privacy, but also insurance, family history, even identity theft. Reuters

📣 Call to Action – If you ever used services like 23andMe, check whether your information was affected. Enroll for any offered monitoring or protection. And think twice before sharing even more sensitive DNA data online.

🧠 MUST‑READ – Android zero‑touch zero‑day and privilege bugs fixed; update ASAP

👉 Why it matters – Some Android vulnerabilities (for example, CVE‑2025‑38352) allow attackers to take control without you clicking a link — simply because the system has a weakness. These are advanced, but if your phone is old or updates are delayed, you're exposed. Cyber Security News

📣 Call to Action – Check your Android phone’s “System Update” or “Security Patch Level” and install the latest patch. If your phone manufacturer has ended support (older models), consider whether you need a newer device for better protection.

💡 OPPORTUNITY – Improvements at Kaseya highlight security progress among service providers

👉 Why it matters – After a devastating hack, Kaseya has overhauled its security practices. Since MSPs (managed service providers) often handle data for many companies, what they do—or don’t do—ripples outward. Stronger security at service providers means less risk for everyone, including seniors.

📣 Call to Action – When using services (insurance, utilities, healthcare) check whether they mention third‑party/vendor security practices. Ask “is my data handled in a secure, audited environment?” Businesses that do better will recognize it matters to customers.

Quick Safety Tip of the Day

Always use multi‑factor authentication (MFA) wherever possible—especially for your email, banking, and medical accounts. It adds a second lock that makes life much harder for hackers.

(AI was used to create this article.)

🙋 Closing Note

Stay safe, stay secure, stay curious, and remember my friends—you’re never too old to outsmart a scammer👋

Comments

Post a Comment

Popular posts from this blog

8-9-2024 Breaking Security News

Image
CISA and FBI Warn of Potential DDoS Attacks on Election Systems (August 8, 2024) : The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint alert about possible Distributed Denial of Service (DDoS) attacks targeting U.S. election infrastructure. These attacks could disrupt access to election-related information but will not affect the integrity of the voting process. This warning is part of efforts to safeguard the upcoming elections​ ( GovConWire ) ​ ( CISA ) . Apache HTTP Server Vulnerabilities Disclosed at Black Hat USA (August 9, 2024) : Researchers at Black Hat USA 2024 have exposed vulnerabilities in the Apache HTTP Server, a critical web server software used globally. These vulnerabilities could allow attackers to gain unauthorized access or disrupt services. Administrators are urged to apply the necessary patches to protect their systems​ ( Cyber Security News ) ​ ( Help Net Security ) . OPSWAT Enhances Cybersecurity Capabilities with InQu...
Read more