Skip to main content
Back to Podcasts

CloudCast Cybersecurity Headlines for January 15, 2025

Published on: January 15, 2025

From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, it’s Wednesday, January 15, 2025, and these are your cybersecurity headlines.

Headlines this week:
  • US Treasury Department Reports A Significant Data Breach
  • China Protests US Sanctions Over Cyber Activities
  • Bayview Asset Management Agrees to a $20 Million Settlement
  • Apple Proposes a $95 Million Siri Privacy Settlement
  • Sophisticated AI-Driven Phishing Scams Are Targeting Email Users
  • Myanmar Enacts a Cybersecurity Law Enforcing Internet Censorship
  • US Cybersecurity Experts Predict Increased Post-Election Cyber Attacks
  • Former US Federal Officials Recommend Cybersecurity Policies for the Upcoming Trump Administration
  • Project 2025’s Proposed Changes and Their Potential Impact on US Election Security
  • And Concerns Over Quantum Computing’s Impact on Cybersecurity

Before diving into this week’s headlines, we want to take a moment to acknowledge the devastating wildfires currently impacting California. Our thoughts are with everyone affected, including those who have lost homes, loved ones, or are facing displacement. As always, we encourage listeners to support relief efforts if they’re able. Please visit Charity Navigator for a list of trusted organizations offering support.

Thank you again for listening to Skyhigh Cloudcast. If you’ve enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com.

Sources:

US Treasury Department Breach: US News

China Protests US Sanctions Over Cyber Activities: US News

Bayview Asset Management’s $20 Million Settlement: WSJ

Apple’s $95 Million Siri Privacy Settlement: Vox

AI-Driven Phishing Scams Targeting Email Users: New York Post

Myanmar’s Cybersecurity Law Enforces Internet Censorship: AP News

US Cybersecurity Experts Predict Increased Cyber Attacks Post-Election: The Australian

Quantum Computing’s Impact on Cybersecurity: The Times

Former Officials Recommend Cybersecurity Policies for Next Administration: POLITICO

Project 2025’s Potential Impact on US Election Security: WIRED
———–

CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding.

From the Skyhigh Studios at Skyhigh Security, I’m Scott Schlee, and these are your cybersecurity headlines for the week of January 6th, 2025.

The U.S. Treasury Department reported a significant cyber incident attributed to Chinese state-backed hackers. Attackers remotely accessed employee workstations and unclassified documents, raising concerns about the security of federal systems. The Cybersecurity and Infrastructure Security Agency (CISA) stated there is no indication that other federal agencies were affected.

The U.S. Treasury Department imposed sanctions on Beijing-based Integrity Technology Group for its alleged involvement in hacking incidents targeting U.S. critical infrastructure. China condemned the sanctions, denying the allegations and accusing the U.S. of defamation. This development underscores escalating cyber tensions between the two nations.

Bayview Asset Management agreed to a $20 million settlement following a 2021 data breach that exposed personal information of 5.8 million customers. The firm faced criticism for inadequate cybersecurity measures and lack of cooperation with regulatory investigations. As part of the settlement, Bayview will enhance its cybersecurity protocols and undergo independent assessments.

Apple proposed a $95 million settlement in a class-action lawsuit alleging unlawful surveillance through Siri. The lawsuit followed revelations that Siri had inadvertently recorded private conversations. Affected users between 2014 and 2024 may be eligible for compensation, highlighting ongoing concerns about digital privacy and device eavesdropping.

Cybersecurity experts warned Gmail, Outlook, and Apple Mail users about sophisticated phishing scams utilizing artificial intelligence. These AI-generated emails are highly personalized, making them difficult to distinguish from legitimate correspondence. Users are advised to verify email senders, avoid clicking on suspicious links, and implement two-factor authentication to enhance security.

Myanmar’s military government enacted a new cybersecurity law extending its control over internet usage and information flow. The law targets communication methods like virtual private networks (VPNs) and imposes sanctions on digital platforms that fail to prevent the spread of “disinformation.” Non-compliance can result in fines, suspensions, and imprisonment, raising concerns about freedom of expression and digital rights.

Following Donald Trump’s presidential victory, cybersecurity experts anticipate a surge in cyber attacks from nations like China, Russia, North Korea, and Iran. The use of AI in cyber crimes is expected to escalate, making phishing emails and deepfake campaigns more convincing. Organizations are urged to adopt comprehensive cybersecurity measures to defend against these evolving threats.

A bipartisan group of former federal officials proposed around 40 recommendations for cybersecurity policies for the upcoming administration. The plan emphasizes integrating cyber regulations, addressing workforce gaps, enhancing public-private collaboration, and developing a continuity of the economy plan to prepare for major cyberattacks. The report also highlights the need to standardize cybersecurity for critical infrastructure and address outdated regulations.

Project 2025, developed by the Heritage Foundation, proposes significant reductions and changes to the Cybersecurity and Infrastructure Security Agency (CISA), a move that could jeopardize U.S. election security. The project criticizes CISA, particularly its efforts to combat misinformation, and suggests transferring some of its responsibilities to the military and intelligence community. Experts warn that the proposals could weaken CISA, undermine its critical functions, and create gaps in cybersecurity, leaving the nation vulnerable to misinformation and cyber threats.

The U.S. has initiated efforts for businesses to enhance their cybersecurity systems against potential quantum computer threats. The National Institute of Standards and Technology has approved three algorithms for post-quantum cryptography after eight years of research. Major tech firms like Google and Apple have already started incorporating the new algorithms into their products. While current quantum computers cannot break existing encryption, they might in the future, making immediate action critical.


Please Note: All transcripts are generated using speech recognition software and human transcription, and may contain errors. Please check the corresponding audio before quoting in print.

Back to Podcasts
Scott Schlee

Hosted By

Scott Schlee

Digital Experience Manager