Cyber News 27OCT2025

General

• Jubair/Flowers from Scattered Spider appear in court over TfL hack
  • https://www.bbc.com/news/articles/cj97ekz07ezo
• Recent WSUS vulnerability is being exploited
  • https://www.bleepingcomputer.com/news/security/hackers-now-exploiting-critical-windows-server-wsus-flaw-in-attacks/
  • https://www.cybersecuritydive.com/news/hackers-exploiting-critical-vulnerability-windows-server-update-service/803810/
  • https://www.itnews.com.au/news/windows-server-update-services-bug-exploited-in-the-wild-621291
  • https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/critical-vulnerability-in-Microsoft-Windows-Server-Update-Service
• LastPass users being phished
  • https://www.bleepingcomputer.com/news/security/fake-lastpass-death-claims-used-to-breach-password-vaults/
• Situation Normal, WordPress plugins getting exploited
  • https://www.bleepingcomputer.com/news/security/hackers-launch-mass-attacks-exploiting-outdated-wordpress-plugins/
• Crims borrowing fake job-interview technique from North Koreans
  • https://cyberpress.org/fake-job-listings/
• Companies appear over-confident in their ability to survive ransomware
  • https://betanews.com/2025/10/24/confidence-in-ransomware-recovery-is-high-but-actual-success-rates-remain-low/
  • https://investors.opentext.com/press-releases/press-releases-details/2025/OpenText-Cybersecurity-2025-Global-Ransomware-Survey-Rising-Confidence-Meets-a-Growing-AI-Threat/default.aspx
• Cheating at Poker, with hacked "Deckmate 2" card shuffling machines
  • https://www.wired.com/story/how-hacked-card-shufflers-allegedly-enabled-a-mob-fueled-poker-scam-that-rocked-the-nba/
• Yet another BreachForums....do you really trust it?
  • https://infosec.exchange/@vxdb/115441877711179421

Getting Techy

• Hacking F1's Licence servers
  • https://ian.sh/fia

Privacy

• [AU] Australia and others to sign a cybercrime pact, no carve-outs for legitimate researchers, excessive search rights, overly broad definitions
  • https://www.reuters.com/sustainability/society-equity/un-cybercrime-pact-be-signed-hanoi-raises-hopes-concerns-2025-10-22/
  • https://www.itnews.com.au/news/australia-to-sign-un-surveillance-treaty-in-vietnam-621260
  • https://cybertechaccord.org/
• [US] ICE Attempting further crackdowns on social media accounts reporting on their movements.
  • https://archive.is/2r9zk
• [US] Meanwhile, DHS is looking for improved surveillance capabilities - trucks they can park and leave, which will alert them to movement
  • https://www.wired.com/story/dhs-wants-a-fleet-of-ai-powered-surveillance-trucks/

AI

• Phishing using CoPilot...but not through LLM's, modifying the Auth flow to steal the token
  • https://www.bleepingcomputer.com/news/security/new-cophish-attack-steals-oauth-tokens-via-copilot-studio-agents/