Senior Cyber Safety Briefing – September 26, 2025

🚨ALERT – CISA issues emergency directive over Cisco zero‑day flaws
👉Why it matters – The Cybersecurity and Infrastructure Security Agency (CISA) has identified two new exploited zero‑day vulnerabilities (CVE‑2025‑20333 and CVE‑2025‑20362) in Cisco ASA and Firepower devices, and mandated that federal agencies collect forensic data, mitigate compromises, and patch or disconnect old devices. 
📣Call to Action – If your network uses Cisco security appliances (or your service provider does), make sure they’ve applied updates or disabled vulnerable services immediately.

🔥PRIVACY & BIG TECH – Insurance giant claims 150,000 users’ data stolen
👉Why it matters – Hackers allege they breached American Income Life (AIL), claiming exposure of names, addresses, emails, birth dates, and policy info. Leaked data now being shared publicly, increasing phishing risk and identity theft. 
📣Call to Action – If you have or had an AIL policy, monitor your credit report and be skeptical of any communications that refer to “your policy” or “benefits” you didn’t request.

📈ECONOMY & SECURITY – Manufacturing & infrastructure exposed
👉Why it matters – A surge in exposed ICS/OT (industrial control / operational technology) systems makes critical infrastructure more vulnerable to attacks. 
📣Call to Action – Even at home, devices like smart thermostats, garage systems, or utility controllers should be isolated from your main computer network and kept on their own guest or segregated subnet.

🧠MUST‑READ – Deepfake scams targeting older adults on the rise
👉Why it matters – New research shows that scammers are increasingly using AI‑powered deepfake audio/video to impersonate family members, claiming emergencies and pressuring older adults to send money. 
📣Call to Action – If someone calls or messages claiming to be a loved one in trouble, pause and call them via a known number (not the one they used) to verify.

💡OPPORTUNITY – Defense strategy: security “crash tests” over assumptions
👉Why it matters – Just like car crash testing proves a structure actually works, continuous testing of security (not just ticking boxes) is becoming essential to find real weaknesses before attackers do. 


📣Call to Action – If you use security software with “test” or “attack simulation” modules (in anti‑malware or firewall suites), activate them and review results.

✅Quick Safety Tip of the Day
Beware the urgency trap: when someone pressures you to “act now or lose everything,” take a deep breath and verify before you respond.

(AI was used to create this article.)

Stay safe, stay secure, stay curious, and remember my friends—you’re never too old to outsmart a scammer👋 

Comments

Post a Comment

Popular posts from this blog

8-9-2024 Breaking Security News

Image
CISA and FBI Warn of Potential DDoS Attacks on Election Systems (August 8, 2024) : The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint alert about possible Distributed Denial of Service (DDoS) attacks targeting U.S. election infrastructure. These attacks could disrupt access to election-related information but will not affect the integrity of the voting process. This warning is part of efforts to safeguard the upcoming elections​ ( GovConWire ) ​ ( CISA ) . Apache HTTP Server Vulnerabilities Disclosed at Black Hat USA (August 9, 2024) : Researchers at Black Hat USA 2024 have exposed vulnerabilities in the Apache HTTP Server, a critical web server software used globally. These vulnerabilities could allow attackers to gain unauthorized access or disrupt services. Administrators are urged to apply the necessary patches to protect their systems​ ( Cyber Security News ) ​ ( Help Net Security ) . OPSWAT Enhances Cybersecurity Capabilities with InQu...
Read more