CyberSecurity Knuggets
Sep 25, 2025
I just heard about a major cybersecurity incident involving the dismantling of a SIM farm in the New York tri-state area by the US Secret Service. This farm had the capability to spam almost all US phone numbers and disrupt communications during emergencies, posing a significant threat. The proximity of the farm to the UN headquarters raised concerns about potential risks to UN officials. There are hints of a nation-state’s involvement in setting up or using the SIM farm for covert communications, necessitating further investigation for national security reasons.
European airports faced disruptions due to a ransomware attack on Collins Aerospace’s self-check-in kiosks, impacting weekend flights. Additionally, a French museum’s gold was stolen after a cyberattack disabled alarms and cameras, while Jaguar Land Rover experienced a ransomware attack leading to production halts and financial losses. These incidents underscore the vulnerabilities in critical infrastructure and the urgent need for robust cybersecurity measures to prevent further disruptions and financial losses.
Reports of data breaches at companies like Stellantis, DCS, and MTA, as well as cyberattacks on South Korean asset management firms, Circle K convenience stores in Hong Kong, and the Seedify cryptocurrency platform, highlight the pervasive nature of cyber threats. The evolving tactics of advanced persistent threat groups such as Naikon, which is targeting sectors in Central and South Asia, and Kimsuky, which is distributing malware through deceptive means, demonstrate the need for enhanced cybersecurity measures. Collaboration and information sharing among cybersecurity professionals are crucial to combating the increasing frequency and sophistication of cyberattacks and safeguarding critical systems and data from malicious actors.
The news also includes concerning developments such as the arrest of an individual linked to a ransomware attack on Collins Aerospace and the breach of a US federal agency due to an unpatched vulnerability. The disclosure of a cyberattack on Boyd Gaming Corporation, the claim by ransomware gang Inc of a data breach at the Pennsylvania Attorney General’s office, and the record-breaking DDoS attack mitigated by Cloudflare further emphasize the pressing need for organizations to address cybersecurity issues promptly and effectively. Enhancing incident response capabilities, implementing robust security measures, and prioritizing cybersecurity awareness and training are crucial steps to mitigate cyber risks and protect digital assets and networks from cyber threats.
Stay Well!
