EPISODE · Nov 2, 2025 · 9 MIN
RadioCSIRT — Your Daily Cybersecurity News for Sunday, November 2, 2025 (Ep.5)
from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ
🎧🛡️Welcome to your daily cybersecurity update 🕵️♂️🔥🎓 University of Pennsylvania — Investigation into a massive fraudulent emailAn offensive email threatening a data leak was sent to thousands of students and alumni using an address spoofed from the Graduate School of Education. The university confirmed it was a fake. The incident response team is actively handling the case.🕸️ Vampire Wi-Fi — Trapped on public networksFraudulent hotspots are impersonating legitimate access points in airports, hotels, and cafés. These “Evil Twin Networks” intercept traffic using packet-sniffing tools. McAfee researchers warn that such attacks mainly target travelers and remote workers.🐉 China — Global exploitation of Cisco ASA firewallsThe group Storm-1849, attributed to China, is targeting Cisco ASA appliances used by governments and financial institutions worldwide. Vulnerabilities CVE-2025-30333 and CVE-2025-20362 are being exploited to maintain persistent access despite deployed patches.🧠 BadCandy — Active infections on Cisco IOS XE routersThe Australian Signals Directorate reports ongoing BadCandy infections exploiting CVE-2023-20198.This Lua-based webshell allows full administrative control over unpatched devices. Over 400 compromised systems have been identified in Australia.🛰️ Proton — Launch of the Data Breach ObservatorySwiss company Proton introduces a new platform that tracks and exposes undisclosed data breaches detected on the dark web.The observatory has already identified 300 million compromised records across 794 unique attacks since early 2025.🧩 Russia — Arrest of Meduza malware developersRussia’s Ministry of Internal Affairs announced the arrest of three suspects accused of developing and distributing the Meduza Infostealer.The malware collected credentials, cookies, crypto wallets, and system data across more than 100 browsers and applications.🌐 Google Chrome — 20 vulnerabilities patched in the latest updateGoogle released an update to Chrome 142.0.7444.59/.60, fixing 20 vulnerabilities, including CVE-2025-12428 and CVE-2025-12036 in the V8 engine.These flaws could allow remote code execution through malicious JavaScript pages.⚡️ Don’t think — patch! 🚀📚 Sources:https://therecord.media/upenn-hacker-email-affirmative https://www.mcafee.com/blogs/internet-security/vampire-wifi-how-public-wi-fi-traps-travelers-in-cyber-attacks-2/ https://therecord.media/chinese-hackers-scan-exploit-firewalls-government https://securityaffairs.com/184095/hacking/badcandy-webshell-threatens-unpatched-cisco-ios-xe-devices-warns-australian-government.html https://www.theregister.com/2025/10/30/proton_data_breach_observatory/ https://www.theregister.com/2025/10/31/russia_arrests_three_meduza_cyber_suspects/ https://www.malwarebytes.com/blog/news/2025/10/update-chrome-now-20-security-fixes-just-landed📞 Share your feedback:📧 [email protected]🌐 www.radiocsirt.com📰 radiocsirtintl.substack.com#CyberSecurity #Chrome #Cisco #Proton #McAfee #Meduza #BadCandy #APT #Storm1849 #UniversityOfPennsylvania #DarkWeb #DataBreach #Infosec #CERT #SOC #CTI #RadioCSIRT 🎧🔥
NOW PLAYING
RadioCSIRT — Your Daily Cybersecurity News for Sunday, November 2, 2025 (Ep.5)
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.