
Cyber Security Headlines: Sotheby's suffers cyberattack, Cisco "Zero Disco" attacks, Microsoft revokes ransomware certificates
Oct 17, 2025 Sotheby’s has fallen victim to a cyberattack, with hackers stealing sensitive financial data. Meanwhile, hackers are exploiting a flaw in Cisco's SNMP for a campaign known as Operation Zero Disco, deploying Linux rootkits. Microsoft has taken significant action by revoking over 200 malware signing certificates to counter ransomware threats. In other news, a phishing scam is targeting LastPass users, impersonating the service with fake updates, while credential-based identity attacks have surged by 32% due to stolen passwords.
High-Profile Breach Despite Strong Defenses
- Sotheby's reported a breach on July 24 that exposed SSNs and financial account information.
- The company said the attackers penetrated despite layered defenses and security-trained staff.
Old Devices Are Primary Risk Vector
- Operation Zero Disco exploited a Cisco IOS/IOS XE SNMP stack overflow patched last month.
- Attackers deployed Linux rootkits on older, unpatched devices, showing the risk of patch lag.
Cert Revocation Disrupts Ransomware Chain
- Microsoft revoked 200+ certificates used to sign ransomware to disrupt the campaign.
- The action targeted Vanilla Tempest (Vice Spider/Vice Society), which was pushing Rhysida via SEO-poisoned installers.
