CISO Talk by James Azar
CyberHub Podcast
US Army Soldier Arrested for Snowflake Extortion, Rhode Island Data Leaked, UN Cybercrime Treaty Next Steps, Iran & Russia Sanctions

Kicking Off 2025: Cyber Threats, Global Challenges, and Actionable Insights for the New Year, Army Soldier Arrested for Cyber Hack, and More

Good Morning, Security Gang! Welcome to 2025

Happy New Year, everyone! It’s a privilege to kick off this year with the CyberHub Podcast, packed with insights, news, and some reflective moments about where we’ve been and where we’re headed. If you’re tuned in today, let’s dive into the significant stories shaping our world and cybersecurity.

Summary of Today’s Podcast Stories

Terror Attack in New Orleans

A tragic terror attack in New Orleans on New Year’s Eve claimed 12 lives and injured 30 others. Law enforcement neutralized the attacker, and investigations are ongoing. Our hearts are with the victims, their families, and first responders during this difficult time.

Hostages in Gaza

A stark reminder of ongoing global crises: 100 hostages remain in Gaza, marking over a year in captivity. Efforts for their freedom appear stalled, highlighting the ongoing human impact of international conflicts.

25 Years of Vladimir Putin’s Rule

As 2025 begins, it also marks 25 years of Vladimir Putin’s leadership in Russia. His influence spans cybersecurity, AI, and geopolitics. This Saturday, CyberHub Podcast will explore his impact over this quarter-century.

Snowflake “Non-Breach” Explained

A misunderstanding around Snowflake persists: the company itself wasn’t breached, but over 100 of its customers were compromised due to weak passwords and lack of MFA. Police detained Cameron John Wagenius, 20, on Dec. 20 near the U.S. Army's military base Fort Cavazos, formerly known as Fort Hood, in Texas, as cybersecurity blogger Brian Krebs first reported. Wagenius, a U.S. Army private, was indicted in connection with the broader AT&T and Verizon data breaches tied to this case. More charges may follow.

A two-count indictment against Wagenius, filed under seal on Dec. 18 in Seattle federal court, charges him with "knowingly and intentionally" selling and transferring "confidential phone records information," without first obtaining "prior authorization from the customer to whom such confidential phone records information related" to do so, as well as "having reason to know such information was obtained fraudulently."

The indictment makes no mention of the cloud-based data warehousing platform Snowflake. Wagenius' mother told Krebs that her son confirmed to her that he'd been associating with Connor Riley Moucka - aka "Judische," "Waifu" - and that her son was stationed at a U.S.

Rhode Island Data Breach

The Rhode Island Bridges health and benefits program suffered a breach with stolen data now leaked online. Deloitte, the system’s developer, is under scrutiny as the state encourages residents to take protective measures like freezing credit and requesting fraud alerts.

Chrome Extension Compromise

A campaign targeting 35 Chrome extensions, including CyberHaven, injected data-stealing code. Users are urged to only download extensions from trusted sources and remain cautious about misleading browser add-ons.

Controversial UN Cybercrime Treaty

The UN General Assembly adopted a widely criticized Cybercrime Treaty, requiring cooperation among nations with varying human rights records. The treaty faces significant hurdles, including ratification in the U.S., which is unlikely. For the treaty to be ratified, 40 nations must adopt it, and at this time that seems unlikely.

GitHub’s Fake Stars Problem

A study revealed 4.5 million fake GitHub stars, used to inflate the popularity of repositories pushing malware and malicious projects on the platform. Developers are urged to rely on code quality, not ratings, as a measure of trustworthiness, and organizations should implement more controls for developers.

OFAC Sanctions for Election Interference

The U.S. Treasury’s OFAC sanctioned entities in Iran and Russia for attempts to influence the 2024 presidential election. However, sanctions' effectiveness remains debatable as adversaries increasingly trade outside U.S. dollar systems.

The federal agency said the entities – a subordinate organization of Iran's Islamic Revolutionary Guard Corps and a Moscow-based affiliate of Russia's Main Intelligence Directorate (GRU) – sought to influence the electoral outcome and divide the American people through targeted disinformation campaigns.

The latest Iranian entity to fall under the purview of U.S. sanctions is the Cognitive Design Production Center (CDPC), a subsidiary of the IRGC that's said to have planned influence operations designed to incite socio-political tensions in the lead-up to the 2024 elections.

Also sanctioned by OFAC is a Moscow-based entity called the Center for Geopolitical Expertise (CGE), which works directly with a GRU unit responsible for sabotage, political interference operations, and cyber warfare aimed at the West.

SEC Disclosure Rules and Cybersecurity

New SEC rules have led to increased reporting of cybersecurity incidents, but critics argue they may inadvertently open avenues for malicious actors to profit by shorting stocks.

Finnish Undersea Cable Sabotage

Seven crew members of a Russian tanker are detained in Finland for allegedly severing critical undersea cables. This highlights the strategic importance of satellite systems like Starlink for maintaining global communications.

Action List for 2025

  1. Stay Updated: Follow verified cybersecurity sources like Brian Krebs and CyberHub Podcast for real-time updates.

  2. Enable MFA: Protect accounts with multi-factor authentication.

  3. Audit Browser Extensions: Regularly review and remove untrusted extensions.

  4. Monitor Credit: If affected by breaches, freeze your credit and monitor reports.

  5. Engage in Policy Discussions: Stay informed and voice concerns about international treaties impacting cybersecurity.

  6. Strengthen DevOps: Evaluate open-source code for security, regardless of popularity metrics.

  7. Use Secure Browsers: Consider browsers like Brave or DuckDuckGo for enhanced privacy.

  8. Support Cyber Resiliency: Advocate for resilient systems, including satellite technologies, in national and global infrastructure.

Thank you all for starting 2025 with us! Let’s make this year one of innovation, collaboration, and strengthened cybersecurity. Cheers to a new year, and as always, stay cyber safe!


✅ Story Links:

https://www.bankinfosecurity.com/arrest-us-army-soldier-tied-to-att-verizon-extortion-a-27192

https://www.securityweek.com/rhode-islanders-data-was-leaked-from-a-cyberattack-on-state-health-benefits-website/

https://www.bleepingcomputer.com/news/security/new-details-reveal-how-hackers-hijacked-35-google-chrome-extensions/

https://cyberscoop.com/after-un-adoption-controversial-cybercrime-treatys-next-steps-could-prove-vital/

https://thehackernews.com/2025/01/iranian-and-russian-entities-sanctioned.html

https://www.bleepingcomputer.com/news/security/over-31-million-fake-stars-on-github-projects-used-to-boost-rankings/

https://cyberscoop.com/sec-cybersecurity-disclosure-uptick-paul-hastings/

https://therecord.media/finland-suspects-identified-alleged-russian-spy-ship

🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1

✅ Important Links to Follow:

👉Listen here: https://linktr.ee/cyberhubpodcast

Stay Connected With Us.

👉Facebook: https://www.facebook.com/CyberHubpodcast/

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/

👉Twitter (X): https://twitter.com/cyberhubpodcast

👉Instagram: https://www.instagram.com/cyberhubpodcast

✅ For Business Inquiries: info@cyberhubpodcast.com

=============================

About The CyberHub Podcast.

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.

Today’s top cybersecurity news and the latest from Practicing CISO James Azar, tune in to hear how practitioners read, view and work after hearing the latest headlines and how these stories help keep practitioners sharp and ready.