

SANS Stormcast Thursday, August 7th, 2025: Sextortion Update; Adobe and Trend Micro release emergency patches
Aug 7, 2025
Sextortion scams are making a disturbing comeback in 2025, with some crypto addresses still receiving deposits. The Akira ransomware group is leveraging legitimate drivers for privilege escalation, raising alarms about this tactic. Emergency patches have been issued by Adobe for a critical vulnerability in Experience Manager after a proof-of-concept exploit surfaced. Similarly, Trend Micro has responded to an actively exploited vulnerability in their Apex One management console. Cybersecurity vigilance is more crucial than ever!
AI Snips
Sextortion Scams Still Effective
- Jan investigated recent sextortion scam emails to see if crypto addresses received deposits.
- Sadly, some addresses did get deposits, showing these scams still work in 2025.
Ransomware Using Legit Drivers
- Akira ransomware uses legitimate but uncommon system drivers for privilege escalation.
- Such drivers should raise flags in corporate PC environments due to their rarity and risk.
Patch Adobe Experience Manager Now
- If you use Adobe Experience Manager, apply the emergency patch immediately.
- Proof-of-concept exploits for the vulnerabilities are publicly available, increasing the risk of targeted attacks.