This week’s Department of Know is hosted by Rich Stroffolino with guests Davi Ottenheimer, VP, digital trust and ethics, Inrupt, and Rob Teel, Field CTO, GigaOm.
CISO Series The Department of Know is live every Monday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com
Microsoft security change for Azure VMs creates pitfalls
Microsoft postponed a planned Azure network security change to March 2026 after feedback from customers concerned it could disrupt apps dependent on public internet access. The update will make private subnets the default for new virtual networks, blocking automatic outbound connections to the internet to align with zero-trust principles. Existing networks won’t be affected, but experts warn firms to prepare now or risk broken workloads once the change takes effect. (Dark Reading)
Business rival credits cyberattack on M&S for boosting profits
British clothing retailer Next reported that it was “continuing to see sales overperform in the wake of a cyberattack on its rival Marks & Spencer.” It credits “favourable weather conditions and competitor disruption” for a 7.6% surge in sales in the first half of this year. According to reports from analytics company Kantar, Marks & Spencer rivals that had an online presence, such as Zara, H&M and Sainsbury’s, “all experienced a sales uplift, while clothing retailers without a significant online presence, such as Primark, did not.” (The Record)
OpenAI’s Aardvark GPT-5 agent finds and fixes code flaws automatically
This autonomous agent, currently available in private beta, works by “embedding itself into the software development pipeline, monitoring commits and changes to codebases, detecting security issues and how they might be exploited, and proposing fixes to address them using LLM-based reasoning and tool-use.” OpenAI added that Aardvark “analyses a project’s codebase to produce a threat model that it thinks best represents its security objectives and design. With this contextual foundation, the agent then scans its history to identify existing issues, as well as detect new ones by scrutinizing incoming changes to the repository.” (The Hacker News)
Huge thanks to our sponsor, ThreatLocker

OpenAI Atlas browser hijacked
Researchers have discovered a new attack vector for OpenAI’s Atlas web browser, where its omnibox can be tricked into executing malicious prompts disguised as seemingly harmless URLs. If a user pastes one of these crafted URLs into the omnibox, Atlas interprets the input as trusted user intent, allowing attackers to redirect users, steal credentials, or even delete files from connected apps. The flaw stems from Atlas failing to strictly separate trusted user input from untrusted content, a common weakness in these kinds of browsers. (The Register), (The Hacker News)
BSOD fix?
Microsoft may have a solution to the impending doom that is the Blue Screen of Death (BSOD). The company is testing a new Windows 11 feature that prompts users to run a memory scan after a BSOD to catch potential memory issues before they cause more crashes. The proactive memory diagnostics run during the next reboot and notify users if issues are found and mitigated, though the feature is not yet available on ARM64 devices or systems with certain security protections. It is rolling out to Windows Insiders in the Dev and Beta channels as part of builds 26220.6982 and 26120.6982. (Bleeping Computer)
F5 claims limited impact from attack
Multicloud security and application delivery company F5 says a recent nation-state breach had limited customer impact. Attackers accessed source code, configuration data, and 44 undisclosed vulnerabilities, but most affected customers report the stolen data isn’t sensitive. F5 says it’s continuing code scans with third-party experts, expanding its bug-bounty program, and adding endpoint detection via CrowdStrike. The company does say it expects short-term revenue disruption in the first half of fiscal 2026. (CyberScoop)
LinkedIn users have until Monday to opt out of its AI training program
As reported by Graham Cluley, the Microsoft-owned professional networking site has “quietly announced” that as of this upcoming Monday, November 3, it will start using “profile details, public posts, feed activity data, and more from users in the UK, EU, Switzerland, Canada, and Hong Kong to train its artificial intelligence models – as well as to support personalised ads across the broader family of Microsoft companies.” These countries had been excluded from its AI training models to this point. Private messages will not be used, LinkedIn says. “Additional data from LinkedIn will also be shared with other Microsoft-related business entities, for the purposes of serving up more personalised and relevant ads,” Cluley says. (BitDefender)
FCC plans vote to remove cyber regulations installed after theft of presidential info from telecoms
This past week, the Federal Communications Commission announced plans to remove some cybersecurity regulations that had been put in place after Chinese hackers breached at least nine telecommunications giants to steal the correspondence of the President and Vice President last year. Chairman Brendan Carr released a statement that said, “the agency would reverse a declaratory ruling published in January which would have mandated telecoms to better secure their networks and submit annual certifications attesting to the creation of a cybersecurity risk management plan.” On Thursday, FCC Secretary Marlene Dortch added more context, saying that “telecoms have already taken voluntary steps to secure their networks and that the ruling was legally erroneous.” (The Record)






