Cyber News 04DEC2025
General
- The Aisuru botnet keeps getting bigger - now just under 30Tbps, up from 22Tbps.
- Google's expanding its in-call scam protection trial, with more UK banks, and now some US banks.
When you launch a participating financial app while screen sharing and on a phone call with a number that is not saved in your contacts, your Android device will automatically warn you about the potential dangers and give you the option to end the call and to stop screen sharing with just one tap.
- https://security.googleblog.com/2025/12/android-expands-pilot-in-call-scam-protection-financial-apps.html
- https://www.bleepingcomputer.com/news/security/google-expands-android-scam-protection-feature-to-chase-cash-app-in-us/
- Let's Encrypt moving from 90-day to 45-day certificates, but it's a long timeline.
May 13, 2026: Let’s Encrypt will switch our tlsserver ACME profile to issue 45-day certificates. This profile is opt-in and can be used by early adopters and for testing.
February 10, 2027: Let’s Encrypt will switch our default classic ACME profile to issuing 64-day certificates with a 10-day authorization reuse period. This will affect all users who have not opted into the tlsserver or shortlived (6-day) profiles.
February 16, 2028: We will further update the classic profile to issue 45-day certificates with a 7 hour authorization reuse period.
- CISA's Secure By Design initiative isn't dead - camera maker Axis makes the pledge.
- More quality Microsoft code - MS acknowledges bugs in 25H2
Documented in support bulletin KB5072911, the issue causes core UI elements such as the Taskbar, Start menu, and File Explorer to fail or crash unexpectedly.
- [AU] ASX suffered an outage on Monday, "related to a software deployment for a security upgrade". They're still on the very old CHESS system, with a replacement not scheduled to arrive till 2026.
In 1994, the CHESS electronic subregister was implemented. By the end of 1995, the subregister had been extended to include all securities of Australian domestic issuers
- https://www.itnews.com.au/news/asx-outage-caused-by-security-software-upgrade-622331
- https://asxonline.com/content/dam/asxonline/public/documents/manuals/chess-asx-settlement-procedure-guidelines/asx015307.pdf
- [AU] Social Media whack-a-mole - ByteDance advertises "Lemon8" as a bypass for the under-16 ban on TikTok (which it also owns), eSafety Commission likely to expand restrictions.
- [AU] More investigation into the Triple Zero emergency call failures - as many as 591k Samsung devices (Optus: 470k, Telstra: 114k, Vodafone: 7k) might be impacted.
- [CN] Digging a bit further into the Knownsec leak from October/November this year.
- [ID] Report questions whether a gambling ring hacking sites is about more than just profit. The evidence (or rather lack thereof) is rather underwhelming.
- https://www.malanta.ai/blog-posts/what-if-indonesias-gambling-network-is-actually-a-state-aligned-cyber-operation
- https://arstechnica.com/security/2025/12/fraudulent-gambling-network-may-be-a-nation-state-spying-operation/
- (Earlier report, noting the large amount of money in this space) https://blog.sucuri.net/2025/11/slot-gacor-the-rise-of-online-casino-spam.html
- [IN] India backs down from mandatory install of their smartphone app. 6 lakh == 600,000.
Just in last one day, 6 lakh citizens have registered for downloading the App which is a 10x increase in its uptake
Given Sanchar Saathi’s increasing acceptance, Government has decided not to make the pre-installation mandatory for mobile manufacturers.
Getting Techy
- Acronis pull apart recent samples of the DragonForce ransomware (as used in the M&S attack). It's based on leaked Conti code.
Privacy
- Why does this even exist? When end-to-end is used incorrectly.
- [CA] Trial of Facial Recognition using police body-worn cameras.
When these body-worn cameras are actively recording, the facial-recognition technology will run automatically in “silent mode,” Cooke said.
Officers won’t get any alerts or notifications about facial resemblance while on duty.
If a person is within four metres of a bodycam, their face is detected and the data is sent to the cloud to compare against the EPS (Edmonton Police Service) database of persons of interest.
AI
- OpenAI concerned over Gemini's progress and market-share
ChatGPT has more than 800 million weekly users, according to OpenAI, while Google’s Gemini app has grown from 450 million monthly active users in July to 650 million in October
Altman’s memo also reportedly stated that OpenAI plans to release a new simulated reasoning model next week that may beat Gemini 3
- Microsoft slashes AI sales targets. There have been many reports of Microsoft sales reps fixated on selling AI, apparently without results.
The sales figures suggest enterprises aren’t yet willing to pay premium prices for these AI agent tools. ... Earlier this year, Bloomberg reported that Microsoft salespeople were having trouble selling Copilot to enterprises because many employees prefer ChatGPT instead. The drugmaker Amgen reportedly bought Copilot software for 20,000 staffers only for them to ignore it in favor of OpenAI’s chatbot.
- https://www.theinformation.com/articles/microsoft-lowers-ai-software-sales-quotas-customers-resist-newer-products
- https://arstechnica.com/ai/2025/12/microsoft-slashes-ai-sales-growth-targets-as-customers-resist-unproven-agents/
- https://www.reuters.com/technology/microsoft-lowers-ai-software-sales-quota-customers-resist-new-products-2025-12-03/
- [AU] Australian Energy Market Operator (AEMO) forecasts data centres could consume 12% of the grid by 2050, up from 2% last year.