This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Mike Lockhart, CISO Eagleview, and Dustin Sachs, chief technologist at CyberRisk collaborative, and author of Behavioral Insights in Cybersecurity
Missed the live show? Check it out on YouTube
Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com
Crowdsourced ransomware campaign
Scattered Lapsus$ Hunters is letting anyone do their dirty work. The crime group has been offering $10 in Bitcoin to anyone willing to hound executives at companies it claims to have breached. The group, which recently claimed to be “retiring,” posted instructions on Telegram and a new data leak site listing 39 alleged victims, mostly linked to Salesforce integrations. Followers are urged to email executives until they pay, with higher rewards for using personal accounts or “doing an exceptionally well job.”
California law lets consumers universally opt out of data sharing
California’s governor signed a new law requiring web browsers to include an easy-to-find universal opt-out option for data sharing, letting Californians block third-party data sales with one click. The law expands on the 2018 California Consumer Privacy Act, which granted the right to send opt-out signals but didn’t require browsers to make them simple to use. Gov. Newsom also approved related bills strengthening the state’s data broker disclosure rules and requiring social media platforms to fully delete user data upon account cancellation.
Huge thanks to our sponsor, ThreatLocker
ChatGPT image and prompts used as evidence in arrest of Pacific Palisade Eaton fire suspect
U.S. prosecutors have charged Jonathan Rinderknecht with arson for allegedly starting the 2025 Palisades wildfire in California, which destroyed homes and forced mass evacuations. Investigators say digital evidence links him to the fire, including a ChatGPT-generated image of a burning city found on his phone, which they argue reflects premeditation. Additional data from his phone, online activity, and physical evidence allegedly connect him to the blaze’s origin. The defense disputes the interpretation, noting that an AI-created image is circumstantial and not proof of action. The case highlights growing challenges in using generative AI content as criminal evidence.
(BBC News)
Hundreds of millions of business PCs are still on Windows 10 as end day nears
Following up on a story we have been covering throughout this year, some interesting statistics around the expiry of support for Windows 10 which occurs next Tuesday, October 14. According to analyst Kieren Jessop of Omdia, speaking to The Register, there are 1.4 billion Windows devices running worldwide among individual consumers and businesses. 550 million of these machines are running in corporations and around half of those will not meet the end-of-life deadline to switch to Windows 11, in many cases because the devices do not meet the minimum requirements for the upgrade. On October 14, Microsoft will issue the final updates and security fixes, after which business customers will have to pay for extended security updates at $61 for the first 12 months, doubling to $122 for the second year and doubling again for year three.