Daily Security Digest – 2025-11-21

🛡️ Security Feed Digest – 2025-11-21

Total Articles: 17    SMB Tagged: 17

Key Takeaways

* **High-Risk Malware Threats**: New Android malware can steal debit card data and PINs, which criminals then use to withdraw cash at ATMs [High-Risk]. Small to medium-sized businesses whose employees use Android devices for mobile banking should ensure robust security measures are in place.

* **Quantum Computing Risk**: Quantum computing advancements pose a growing risk to sensitive business data as error correction techniques become more practical. SMBs and MSPs should consider implementing quantum-resistant cryptography solutions to protect against potential threats.

* **Sophisticated Phishing Attacks**: ClickFix is a sophisticated social engineering technique that can bypass endpoint protections and affect multiple operating systems, potentially allowing hackers to execute malicious code. Additional unconventional methods such as CSS stuffing hosted on cloud storage services like Google Firebase pose a significant threat to small and medium-sized businesses. SMBs and MSPs should be aware of these tactics and educate employees on the dangers of phishing, in addition to implementing robust security measures.

* **Emerging AI-Driven Threats**: A highly sophisticated cyberattack campaign using AI to execute espionage attacks has been detected, posing a significant risk to global targets including major tech, financial, and government organizations. Small to medium-sized businesses should be aware of the growing threat landscape and consider implementing AI-powered security solutions to detect and respond to emerging threats.

High-Risk

  • [SMB] New Android Malware Steals Debit Card Data And PINs To Enable ATM Withdrawals
    https://cysecurity.news/2025/11/new-android-malware-steals-debit-card.html
    2025-11-21T10:52:00.000-05:00
    Security researchers have identified an Android malware operation that can collect debit card details and PINs directly from a victim’s mobile device and use that information to withdraw cash from an ATM. What makes this attack particularly dangerous is that criminals never need to handle th...

  • [SMB] ClickFix: The Silent Cyber Threat Tricking Families Worldwide
    https://cysecurity.news/2025/11/clickfix-silent-cyber-threat-tricking.html
    2025-11-21T08:14:00.000-05:00
    ClickFix has emerged as one of the most pervasive and dangerous cybersecurity threats in 2025, yet remains largely unknown to the average user and even many IT professionals. This social engineering technique manipulates users into executing malicious scripts—often just a single line of code—by tric...

  • [SMB] Hyundai Faces Security Incident With Potential Data Exposure
    https://cysecurity.news/2025/11/hyundai-faces-security-incident-with.html
    2025-11-21T08:13:00.002-05:00
    In the past few months, Hyundai AutoEver America, a division of Hyundai Motor Group, has confirmed a recent data breach that exposed sensitive personal information after hackers infiltrated its internal IT environment earlier this year, revealing a recent data breach. A company spokesperson tol...

  • [SMB] When Weak Passwords Open The Door: Major Breaches That Began With Simple Logins
    https://cysecurity.news/2025/11/when-weak-passwords-open-door-major.html
    2025-11-20T21:53:00.001-05:00
    Cybersecurity incidents are often associated with sophisticated exploits, but many of the most damaging breaches across public institutions, private companies and individual accounts have originated from something far more basic: predictable passwords and neglected account controls. A review of ...

  • [SMB] Google Issues New Security Alert: Six Emerging Scams Targeting Gmail, Google Messages & Play Users
    https://cysecurity.news/2025/11/google-issues-new-security-alert-six.html
    2025-11-20T10:23:00.009-05:00
    Google’s Threat Intelligence Group (GTIG) has also issued its own findings in the new GTIG AI Threat Tracker report. Google continues to be a major magnet for cybercriminal activity. Recent incidents—ranging from increased attacks on Google Calendar users to a Chrome browser–freezing exploit and ne...

Awareness

  • [SMB] Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)
    https://isc.sans.edu/diary/rss/32510
    Fri, 21 Nov 2025 09:48:20 GMT
    From time to time, it can be instructive to look at generic phishing messages that are delivered to one’s inbox or that are caught by basic spam filters. Although one usually doesn’t find much of interest, sometimes these little excursions into what should be a run-of-the-mill collection of basic, c...

  • [SMB] Quantum Error Correction Moves From Theory to Practical Breakthroughs
    https://cysecurity.news/2025/11/quantum-error-correction-moves-from.html
    2025-11-21T10:51:00.000-05:00
    Quantum computing’s biggest roadblock has always been fragility: qubits lose information at the slightest disturbance, and protecting them requires linking many unstable physical qubits into a single logical qubit that can detect and repair errors. That redundancy works in principle, but the repeate...

  • [SMB] Spam and phishing
    https://securelist.com/category/spam-and-phishing

    Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook....

Emerging

  • [SMB] More on Rewiring Democracy
    https://schneier.com/blog/archives/2025/11/71226.html
    2025-11-21T19:07:34Z
    It’s been a month since Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship was published. From what we know, sales are good. Some of the book’s forty-three chapters are available online: chapters 2, 12, 28, 34, 38, and 41. We need more r...

  • [SMB] AI as Cyberattacker
    https://schneier.com/blog/archives/2025/11/ai-as-cyberattacker.html
    2025-11-21T12:01:36Z
    From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree—using AI not just as an advisor, but to execute the cyberattacks the...

Other

  • [SMB] Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation
    https://thehackernews.com/2025/11/grafana-patches-cvss-100-scim-flaw.html
    Fri, 21 Nov 2025 21:10:00 +0530
    Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations. The vulnerability, tracked as CVE-2025-41115, carries a CVSS score of 10.0. It resides in the System for Cross-domain Identity ...

  • [SMB] Why IT Admins Choose Samsung for Mobile Security
    https://thehackernews.com/2025/11/why-it-admins-choose-samsung-for-mobile.html
    Fri, 21 Nov 2025 16:30:00 +0530
    Ever wonder how some IT teams keep corporate data safe without slowing down employees? Of course you have. Mobile devices are essential for modern work—but with mobility comes risk. IT admins, like you, juggle protecting sensitive data while keeping teams productive. That's why more enterprises are...

  • [SMB] Microsoft: Out-of-band update fixes Windows 11 hotpatch install loop
    https://bleepingcomputer.com/news/microsoft/microsoft-out-of-band-update-fixes-windows-11-hotpatch-install-loop
    Fri, 21 Nov 2025 13:02:05 -0500
    Microsoft has released the KB5072753 out-of-band cumulative update to fix a known issue causing the November 2025 KB5068966 hotpatch update to reinstall on Windows 11 systems repeatedly. As the company explained in an update to the KB5068966 advisory, the Windows 11 25H2 hotpatch was being reoffere...

  • [SMB] FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
    https://bleepingcomputer.com/news/security/fcc-rolls-back-cybersecurity-rules-for-telcos-despite-state-hacking-risks
    Fri, 21 Nov 2025 11:01:41 -0500
    The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack from the Chinese threat group known as Salt Typhoon. The ruling came in January 2025 and took effect immediately ...

  • [SMB] Friday Squid Blogging: New “Squid” Sneaker
    https://schneier.com/blog/archives/2025/11/friday-squid-blogging-new-squid-sneaker.html
    2025-11-21T22:08:09Z

  • [SMB] The OSINT playbook: Find your weak spots before attackers do
    https://welivesecurity.com/en/privacy/osint-playbook-find-weak-spots-attackers-do
    Thu, 20 Nov 2025 10:00:00 +0000
    Here’s how open-source intelligence helps trace your digital footprint and uncover your weak points, plus a few essential tools to connect the dots. Whatever the reason, we spend vast amounts of time online, tapping into the untold expanse of information, communication and resources. Sometimes, the ...

  • [SMB] Sam Altman’s Iris-Scanning Startup Reaches Only 2% of Its Goal
    https://cysecurity.news/2025/11/sam-altmans-iris-scanning-startup.html
    2025-11-21T10:52:00.001-05:00
    Although privacy concerns have followed the project since its launch, a few experts have been surprisingly positive about its security model. Sam Altman’s ambitious—and often criticized—vision to scan humanity’s eyeballs for a profit is falling far behind its own expectations. The startup, now know...