Cybersecurity Today Massive Data Exposures, Insider Threats, and State-Sponsored Cyber Attacks
5 snips
Oct 31, 2025 A massive data exposure by Ernst & Young leaves a 4TB database unprotected online, risking sensitive information. Insider threats emerge as a former L3 Harris executive admits to selling zero-day exploits to a Russian broker. A sophisticated zero-day spyware campaign targets Chrome, highlighting the urgency of updated security. Additionally, nation-state hackers breach a US telecom provider, raising alarms about the vulnerabilities in critical infrastructure. Tune in for insights on these alarming cybersecurity incidents and lessons learned.
AI Snips
Chapters
Transcript
Episode notes
Big Firm, Tiny Mistake
- Dutch researchers found EY left a 4TB SQL Server backup unprotected on the open Internet, exposing API keys and credentials.
- Automated bots stole the data within minutes after the cloud bucket was left public for under five minutes.
Never Leave Data Unencrypted Online
- Do not leave unencrypted data exposed on the Internet even briefly; attackers and bots will find it fast.
- Ensure cloud buckets and backups are encrypted and access-controlled before uploading.
Insider Sold Zero-Day Arsenal
- Peter Williams, ex-head of L3Harris' Trenchant unit, pleaded guilty to stealing and selling at least eight zero-day exploits to a Russian broker.
- He sold the tools for millions in cryptocurrency and even contracted to provide ongoing support.