CISO Talk by James Azar
CyberHub Podcast
Victoria’s Secret Cyberattack, Lexis Nexis Risk Solutions Breach, Google Calendar Abuse, OneDrive Full Access, UK Military Cyber and Electromagnetic Command

Retail Ransomware, Regulatory Shifts, Surveillance Tactics, Nation-State Malware, and Cyberwarfare Prepare Us for a New Era

☕️ Good Morning Security Gang!

Thank you for tuning in to the final CyberHub Podcast episode of May 2025. Host James Azar delivers a jam-packed show, reflecting on a month full of cyber chaos, rising regulation, and national security implications.

With June right around the corner, today’s episode dives into ransomware disrupting retail giants, new state laws on data privacy and child protection, foreign espionage tactics, and long-overdue military adaptations to the cyber era.

CyberHub Podcast Summary – Thursday, May 29, 2025

🩱 Victoria’s Secret Hit by Major Cyberattack

Victoria’s Secret has taken its website offline following a confirmed cyberattack, marking a significant hit to U.S. retail cybersecurity. In-store operations continue, but online sales have been halted—a move rarely taken unless attackers directly target revenue-generating infrastructure. Speculation suggests the DragonForce ransomware group may be behind the attack, given its recent targeting of Dior, Harrods, and Co-op. The cost? Potentially hundreds of millions, if not more, in lost revenue and recovery.

📁 LexisNexis Discloses Christmas Day Breach

LexisNexis Risk Solutions is notifying 364,000 individuals of a breach that occurred on December 25, 2024, but wasn’t discovered until April 1, 2025. The breach stemmed from a third-party development platform and exposed names, emails, phone numbers, SSNs, and driver’s license numbers. While no financial data was compromised, the lack of detection for over three months raises alarms about third-party risk and lagging breach discovery protocols.

📡 Cellcom Restores Services After DDoS Attack

Regional telecom Cellcom has finally restored full service following a debilitating DDoS attack earlier this month. The outage, which started May 14, impacted customers in Michigan and Wisconsin. Although details remain scarce, all signs point to denial-of-service tactics overwhelming OT infrastructure. The incident highlights the fragile nature of IT-OT convergence and the need for layered defense mechanisms in utility and regional telecom networks.

🧭 Oregon and Texas Pass Stringent Child Data Laws

Oregon is now the second state, after Maryland, to ban the sale of precise geolocation data—especially for children under 16. Meanwhile, Texas passed a law requiring app store providers like Apple and Google to verify user ages, despite heavy lobbying by tech giants. These state-level actions go far beyond federal protections under COPPA, marking a turning point in how children's digital rights are safeguarded across the U.S. Industry complacency is quickly giving way to regulatory enforcement.

🐼 Chinese APT Exploits Google Calendar

APT41 (likely linked to Chinese state actors) was caught using Google Calendar to carry out command-and-control operations via encrypted calendar events. Google dismantled the malicious infrastructure but warned of increasing abuse of trusted cloud platforms for covert malware execution. This is a sophisticated twist on older tactics, similar to the Voldemort malware campaign. It emphasizes the growing threat of attackers hiding in plain sight.

☁️ OneDrive Third-Party Access Flaw Exposes All Files

Researchers at Oasis Security uncovered a serious vulnerability in OneDrive's file picker OAuth permissions, which could allow third-party apps to access a user’s entire file store, not just selected documents. This flaw creates a massive risk of data theft or ransomware via legitimate app integrations. The solution? Disable access to unvetted apps and reassess OneDrive configurations for enterprise compliance.

📡 9,000 ASUS Routers Hijacked by Nation-State Botnet

Over 9,000 ASUS routers have been compromised by a sophisticated botnet known as AyySSHush, which is also targeting Cisco, D-Link, and Linksys SOHO routers. The attack involves credential brute-forcing and exploitation of old vulnerabilities. While attribution remains unofficial, the complexity and scale suggest a nation-state is behind the campaign. This incident reaffirms the need for SOHO router patching and monitoring—even in residential or small office environments.

🇬🇧 UK Establishes Cyber & Electromagnetic Military Command

The UK government has announced a new military formation dedicated to cyber and electromagnetic warfare. The move is part of a broader strategic defense review and is modeled on lessons learned from Russia’s tactics in Ukraine. Defense Secretary John Healey emphasized that future conflicts will be won by forces that are “better connected, better equipped, and innovating faster than their adversaries.” A U.S. version may be on the horizon, possibly splitting NSA and Cyber Command into separate entities.

🚗 Ukrainian Teens Used Dashcams to Guide Russian Strikes

Ukraine’s security service (SBU) arrested five young individuals—ages 16 to 23—who were recruited via Telegram to film military sites using dashcams and relay footage to Russian handlers. These passive surveillance operations enabled missile targeting across Ukraine. The tactic mirrors similar espionage attempts seen in Israel and highlights how social platforms are weaponized to recruit insiders for hostile intelligence activities.

🇪🇪 Estonia Seeks Hacker for Historic Pharmacy Breach

Estonia has issued an arrest warrant for 25-year-old Adar Khalid, a Moroccan national accused of executing the country’s largest known data breach. He reportedly accessed admin credentials for Apotheca Pharmacy’s customer database and exfiltrated sensitive records. Estonia has placed Khalid on an international watch list and intends to request extradition if captured abroad.

✅ Action List for Cybersecurity Professionals

  • 🧱 Retail Security: Review your e-commerce contingency plans. Can your platform stay up during an attack? If not, build secondary systems now.

  • 🔁 Third-Party Risk: Audit all vendors with access to your development and customer environments. Evaluate for breach detection gaps.

  • 📊 DDoS Defense: Implement rate-limiting, filtering, and layered defenses in IT-OT systems, especially for utilities and telecom.

  • 🧒 Child Privacy Compliance: If your product serves users under 18, align with Oregon, Maryland, and Texas laws. Age verification is becoming mandatory.

  • 🧠 Cloud Abuse Monitoring: Audit access to cloud collaboration tools like Calendar, OneDrive, and Google Workspace. Block excessive app permissions.

  • 📶 Router Management: Enforce strict router policies for remote workers. Patch vulnerabilities and prevent SOHO exploitation.

  • ⚔️ Cyberwarfare Preparation: Track developments in global cyber military strategies. Push for organizational R&D in defense capabilities.

  • 🔍 Employee Awareness: Educate staff on espionage recruitment tactics and reinforce social engineering training.

  • ⚖️ Legal Readiness: Prepare legal response frameworks for extradition or international cooperation scenarios if a breach crosses borders.

That's a wrap for May! Stay tuned for tomorrow’s weekly roundup and our Saturday editorial.

Until then—have a productive day, and most importantly, stay cyber safe.

✅ Story Links:

https://www.securityweek.com/victorias-secret-website-taken-offline-after-cyberattack/

https://www.securityweek.com/364000-impacted-by-data-breach-at-lexisnexis-risk-solutions/

https://www.darkreading.com/cyberattacks-data-breaches/cellcom-restores-regional-mobile-services-cyberattack

https://therecord.media/oregon-passes-geolocation-kids-data-bill

https://www.bleepingcomputer.com/news/security/apt41-malware-abuses-google-calendar-for-stealthy-c2-communication/

https://www.darkreading.com/application-security/hundreds-web-apps-full-access-onedrive-files

https://therecord.media/uk-military-new-cyber-electromagnetic-command

https://www.bleepingcomputer.com/news/security/botnet-hacks-9-000-plus-asus-routers-to-add-persistent-ssh-backdoor/

https://therecord.media/ukraine-detains-russian-spies-using-dashcams-missile-strikes

https://therecord.media/estonia-arrest-warrant-pharmacy-data-breach

🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1

🚨 Important Links to Follow:

👉Listen here: https://linktr.ee/cyberhubpodcast

Stay Connected With Us.

👉Facebook: https://www.facebook.com/CyberHubpodcast/

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/

👉Twitter (X): https://twitter.com/cyberhubpodcast

👉Instagram: https://www.instagram.com/cyberhubpodcast

🤝 For Business Inquiries: info@cyberhubpodcast.com

=============================

🚀 About The CyberHub Podcast.

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.
