

Risky Bulletin: CISA tells federal agencies to mitigate on-prem-to-cloud Exchange attack
Aug 8, 2025
Federal agencies must act swiftly to patch a critical flaw in Microsoft Exchange servers. The podcast delves into recent high-profile breaches affecting major companies like Air France and KLM. It highlights the serious risks of data theft and application vulnerabilities. Additionally, it covers the FBI's actions against Tornado Cash and harmful Firefox extensions targeting crypto wallets. Ransomware threats from North Korea are also examined, revealing an ever-evolving cybersecurity landscape that organizations cannot ignore.
AI Snips
Patch Exchange Hybrid Vulnerability
- US federal agencies must patch the new Microsoft Exchange vulnerability by Monday as mandated by CISA.
- The vulnerability allows attackers to move from on-premises Exchange to the cloud by exploiting shared authentication.
State-Sponsored Breaches Escalate
- State-sponsored groups are increasingly breaching US justice systems and major tech companies' Salesforce accounts.
- Such breaches expose sensitive ongoing investigation details and publicly available business data.
Salesforce Data Extortion Revealed
- Extortion groups use stolen Salesforce data to demand Bitcoin ransom within 72 hours via email and phone.
- The group named Shiny Hunters might be a new iteration of previously known hacking collectives.