Major US Telecom Backbone Firm Hacked by Nation-State Actors

https://www.csoonline.com/article/4078735/un-agreement-on-cybercrime-criticized-over-risks-to-cybersecurity-researchers.html

We see this everyday at Fenix24 unfortunately > https://www.csoonline.com/article/4077484/ransomware-recovery-perils-40-of-paying-victims-still-lose-their-data.html

All. Of. This! Security is a function of the business to manage risk > CISOs must prove the business value of cyber — the right metrics can help

https://www.csoonline.com/article/4083604/why-cybersecurity-leaders-find-important-to-prove-the-business-value-of-cyber.html

In this article, note this key phrase "a BCP isn’t proven until it’s tested." Ross Young recently made a similar comment in a post and it was spot on. If you are not regular (more than annually people!) testing your BCP, you don't actually have one IMO.

https://www.securitymagazine.com/articles/101929-the-bcp-proving-ground-a-blueprint-for-a-successful-test

https://www.wired.com/story/a-new-attack-lets-hackers-steal-2-factor-authentication-codes-from-android-phones/

"At least two hacking groups are using public blockchains to conceal and control malware in ways that make their operations nearly impossible to dismantle" > https://www.bankinfosecurity.com/hackers-use-blockchain-to-hide-malware-in-plain-sight-a-29741

I, for one, welcome our future robot overlords > https://www.cio.com/article/4072396

I'm sorry but the #fcc is making a mistake here. Weakening these requirements will make the country less safe

https://www.cybersecuritydive.com/news/fcc-cybersecurity-telecommunications-carriers-brendan-carr-eliminate-rules/804259/

"On October 15, 2025, the UK Information Commissioner’s Office (“ICO”) announced a £14 million fine against Capita for failing to ensure the security of personal data relating to a significant personal data breach. The fine was split between Capita plc (£8 million) and Capita Pension Solutions Limited (£6 million) (together, “Capita”). " >https://natlawreview.com/article/uk-ico-fines-capita-ps14-million-following-data-breach

So sad. Lol.
https://www.bleepingcomputer.com/news/security/ransomware-profits-drop-as-victims-stop-paying-hackers/

Cali leading the way> "California Gov. Gavin Newsom on Wednesday signed a bill which requires web browsers to make it easier for Californians to opt-out of allowing third parties to sell their data. "https://therecord.media/california-signs-law-opt-out-browsers

There is a little of "hand wringing" in this article in my view but the larger point stands > https://www.bankinfosecurity.com/arrests-underscore-fears-teen-cyberespionage-recruitment-a-29681

My colleague Leland Smith discusses why law firms are not happy with the status of their current cyber posture > https://www.cybersecurity-insiders.com/research-finds-law-firms-feel-less-confident-about-their-cybersecurity-posture/

#SMH > https://www.dailymail.co.uk/news/article-15205213/Russians-hack-files-EIGHT-MoD-bases-dark-web.html

A great question: why would a country prolific in cybercrime be pushing a cyber treaty?
https://www.justsecurity.org/122000/russian-motivations-hanoi-convention-cybercrime/

This is my shocked face > https://www.forbes.com/sites/thomasbrewster/2025/10/02/government-shutdown-cisa-weaker-insiders-say/?ss=cybersecurity

This is both fascinating and terrifying (with links to #cybercrime for good measure) >

https://www.justsecurity.org/121652/nihilistic-violent-extremism-swatting-attacks-primer/

Hmm...

https://www.csoonline.com/article/4066662/that-ciso-job-offer-could-be-a-pig-butchering-scam.html

let's be careful out there...

https://thehackernews.com/2025/10/new-report-links-research-firms-bieta.html