Cyber Security Headlines Week in Review: Qilin adds lawyers, Iranian spearphishing campaign, Microsoft Direct Send hack
6 snips
Jun 27, 2025 
In this discussion, Bil Harmer, Operating Partner and CISO at Craft Ventures, dives into the rapidly evolving landscape of cybersecurity. He highlights alarming new tactics used by ransomware groups, including involving legal counsel in ransom negotiations. The conversation also sheds light on the targeted Iranian spear phishing campaigns and their implications for healthcare data security. Additionally, they discuss vulnerabilities in Microsoft 365 and password security challenges, emphasizing the importance of robust cybersecurity practices and policies to combat these threats.
AI Snips
Chapters
Transcript
Episode notes
Ransomware Lawyers Increase Pressure
- The Quillen ransomware group now offers legal counsel for affiliates to pressure victims into paying.
- Involving lawyers exploits victims' desire to avoid legal proceedings and increases ransom likelihood.
Use Policy as a Spear Phishing Shield
- Policy and procedure are critical to resist spear phishing during crises.
- Build top-down buy-in so employees take time for critical thinking before clicking.
Ransomware Death Highlights Healthcare Risk
- A patient's death linked to an NHS ransomware attack highlights impact but also organizational resilience.
- Multiple contributing factors exist; policy and backups mitigate wider harm.