Cybersecurity Today Cybersecurity Today: Oracle Breach, CrowdStrike Report, and New iPhone Scam
Nov 14, 2025
A significant security breach has exposed data for nearly 10,000 users due to vulnerabilities in Oracle E-Business Suite. CrowdStrike's Global Threat Report reveals a troubling rise in malware-free attacks, alongside the alarming trend of AI-enabled phishing. Meanwhile, a new scam targeting iPhone users cleverly mimics Apple's recovery alerts to harvest Apple IDs. Listener concerns regarding security flaws in SonicWall management systems add to the discourse, highlighting the ever-evolving landscape of cybersecurity threats.
AI Snips
Chapters
Transcript
Episode notes
Oracle Breach Impact On The Washington Post
- The Washington Post confirmed attackers accessed its Oracle E-Business Suite between July 10 and August 22 and later notified nearly 10,000 affected people.
- The breach exposed names, bank details, social security and tax IDs, and identity protection was offered to those impacted.
Adversaries Acting Like Businesses
- CrowdStrike finds attackers behave like efficient businesses, scaling operations and innovating rapidly as 'enterprising adversaries.'
- Malware-free intrusions now dominate detections, using credentials, social engineering, and cloud misconfigurations to bypass antivirus.
Speed And AI Fueling Faster Attacks
- Breakout times are shrinking, averaging 48 minutes and sometimes as fast as 51 seconds, increasing the need for rapid detection.
- Generative AI amplifies social engineering effectiveness, producing phishing that gets far higher click rates than human-written messages.