EPISODE · Nov 15, 2025 · 11 MIN
RadioCSIRT – Your Cybersecurity Update for Saturday, November 15, 2025 (Ep. 19)
from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ
Bonjour and Welcome to your daily cybersecurity podcast.🧩 AMD Zen 5: AMD confirms a critical flaw in the rdseed instruction causing severe entropy reduction, weakening cryptographic material generated on Zen 5 processors prior to microcode updates.🛡️ Akira Ransomware: CISA, the FBI, and international partners release major updates on newly observed TTPs and IOCs, highlighting widespread targeting of SMBs and multiple critical infrastructure sectors.🌐 FortiWeb: Active exploitation of CVE-2025-64446, a relative path traversal vulnerability enabling administrative command execution through crafted HTTP(S) requests.🏨 Fake Travel Platforms: A Russian-speaking threat actor registered over 4,300 domains imitating Booking, Airbnb, Expedia, and Agoda to steal payment card data via a multilingual phishing kit.🧬 FormBook Stealer: A new campaign chains weaponized ZIP archives, obfuscated VBS and PowerShell layers, and msiexec.exe injection to deploy an updated variant of the FormBook information stealer.💼 Logitech: The company confirms a data breach via exploitation of a third-party zero-day vulnerability, claimed by the Clop extortion group, with nearly 1.8 TB of data allegedly leaked.⚡️ Don’t think — patch! 🚀📚 Sources:🔗 AMD Zen 5 RNG: https://www.tomshardware.com/pc-components/cpus/amd-confirms-zen-5-rng-flaw-when-random-isnt-random-enough🔗 Akira – CISA/FBI: https://www.cisa.gov/news-events/alerts/2025/11/13/cisa-fbi-and-partners-unveil-critical-guidance-protect-against-akira-ransomware-threat🔗 FortiWeb CVE-2025-64446: https://www.cisa.gov/news-events/alerts/2025/11/14/fortinet-releases-security-advisory-relative-path-traversal-vulnerability-affecting-fortiweb-products🔗 Fake Travel Sites: https://thehackernews.com/2025/11/russian-hackers-create-4300-fake-travel.html🔗 FormBook Campaign: https://cybersecuritynews.com/weaponized-zip-archives-and-multi-script-chains-used-to-deploy-formbook-malware🔗 Logitech / Clop: https://www.bleepingcomputer.com/news/security/logitech-confirms-data-breach-after-clop-extortion-attack📞 Share your feedback:📧 [email protected]🌐 www.radiocsirt.org📰 radiocsirtintl.substack.com#CyberSecurity #AMD #Akira #Fortinet #Phishing #FormBook #Logitech #Clop #Ransomware #Infostealer #RadioCSIRT 🎧🔥
NOW PLAYING
RadioCSIRT – Your Cybersecurity Update for Saturday, November 15, 2025 (Ep. 19)
No transcript for this episode yet
Similar Episodes
Mar 31, 2026 ·143m
Mar 24, 2026 ·88m
Feb 27, 2025 ·73m