Cyber Security Headlines Week in Review: Hackers pump stocks, Microsoft stops screenshots, AI encrypts cybercrime

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Nick Espinosa, host, The Deep Dive Radio Show. Here’s where you can find him: Daily Podcast on SoundCloud | YouTube | Forbes | Twitter/X | Facebook | BlueSky | Mastodon

Missed the live show? Check it out on YouTube

Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com

Hackers hijack Japanese financial accounts to conduct billions in trades

Japan’s Financial Services Agency (FSA) is warning of what it calls a sharp increase in the number of cases of unauthorized access and unauthorized trading through online trading services in the first three months of 2025, with almost $2 billion in funds moved by hackers from 5,000 breached accounts. The FSA said, “hackers gain access to a victim’s account through stolen login information and use them to sell stocks or other securities.” As reported in The Record, “the hackers typically use the breached accounts to raise the price of smaller stocks that they themselves have purchased. Once the stock price increases, the hackers sell their stock and earn a profit from the inflated value.”

(The Record)

Microsoft Teams will soon block screen capture during meetings

Microsoft will introduce a new “Prevent Screen Capture” feature in Teams starting July 2025, which will block users from taking screenshots of sensitive information during meetings. When a screenshot is attempted, the meeting window will turn black. Users joining from unsupported platforms will be restricted to audio-only mode to protect content. The feature will be available on Teams desktop apps (Windows and Mac) and mobile apps (iOS and Android). However, Microsoft notes that content can still be photographed externally. It remains unclear whether the feature will be enabled by default or controllable by meeting organizers or administrators.

(BleepingComputer)

Scientists use AI to encrypt secret messages that are invisible to cybersecurity systems

Researchers from the University of Oslo have developed EmbedderLLM, a system that hides encrypted messages in AI-generated text, making them invisible to current cybersecurity tools. The technique embeds data into natural-sounding chatbot responses and can be sent via any messaging platform. It supports both symmetric and public-key encryption and is resistant to quantum decryption. 

(Live Science)

Huge thanks to our sponsor, Vanta

Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks.

But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001.

They also centralize key workflows like policies, access reviews, and reporting, and help you get security questionnaires done 5 times faster with AI.

Now that’s…a new way to GRC. Get started at Vanta.com/headlines.

New Intel CPU flaws leak sensitive data from privileged memory

According to researchers at ETH Zurich, a new “Branch Privilege Injection” flaw in all modern Intel CPUs allows attackers to leak sensitive data from memory regions allocated to privileged software like the operating system kernel, along with critical data such as passwords, cryptographic keys, and memory of other processes. The Branch Privilege Injection flaw, tracked as CVE-2024-45332, lies in the “specialized hardware components that try to guess the outcome of a branch instruction before it’s resolved to keep the CPU pipeline full for optimal performance.” BleepingComputer writes, “the risk is low for regular users, and attacks have multiple strong prerequisites to open up realistic exploitation scenarios. That being said, applying the latest updates is recommended.”

(BleepingComputer)

European Vulnerability Database (EUVD) is online

The European Union Agency for Cybersecurity, ENISA, announced in June 2024 that it would start work on the database as part of the EU’s Network and Information Security 2 Directive. A closed beta for the EUVD rolled out last month. Now a full version is available online. Like the US government’s National Vulnerability Database, the EUVD will identify disclosed vulnerabilities. These vulnerabilities will carry standard CVE-assigned IDs and EUVD identifiers. It features dashboards for critical and actively exploited vulnerabilities. The EUVD claims near real-time updates, sourced from open-source databases, vendor guidelines, and national advisories. 

(The Register)

Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom

Coinbase says attackers bribed overseas support agents to steal sensitive customer data, including names, contact details, partial Social Security numbers, and government ID images, but not passwords, private keys, or funds. Coinbase says it refused to pay a $20M ransom, but did say the breach may cost up to $400 million to resolve internally, while it cooperates with law enforcement and enhances security measures.

(CNBC)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.