This week on The Awareness Angle, security failures show how quickly everyday systems can tip from background noise into real world disruption. From ransomware knocking a major IT distributor offline, to schools closing after cyber attacks, and criminals selling voice phishing kits like a product, the theme this week is scale. Small failures, trusted platforms, and familiar channels being used to create outsized impact.
We start with Breach Watch, looking at the Ingram Micro ransomware attack and what it reveals about supply chain fragility when a single distributor goes dark. We then cover a breach at Grubhub caused by access to a third party support system, exposing customer, driver, and merchant data. We also look at the Minnesota Department of Human Services breach affecting nearly 304,000 people, and a UK secondary school forced to close after cyber disruption took critical systems offline.
In the news, Microsoft releases emergency out of band Windows updates after patching issues prevent systems from shutting down properly. We look at criminals openly selling ready made voice phishing kits, making vishing easier to run at scale, and a malicious Chrome extension that deliberately crashes browsers to push fake fixes in a new ClickFix variant. We also discuss the EU launching a new vulnerability database as an alternative to CVE, a phishing campaign targeting LastPass users with fake security alerts, the UK government consulting on banning social media for under 16s, and TikTok finalising a deal to split its US operations into a new joint venture.
In Topics, we talk about password hints that are completely useless, the ongoing debate around the phrase human risk, and the Action Fraud rebrand to Report Fraud, including why its sign in experience raises some uncomfortable trust questions. We also look at how AI generated content is flooding social platforms, and share practical ways to spot fake accounts and videos before they fool you.
If you want cyber news explained with clarity, context, and zero jargon, you are in the right place.
0:00 Introduction and Overview
1:25 Ingram Micro Ransomware Attack
5:38 Grubhub Third Party Breach
9:41 Minnesota Department of Human Services Data Breach
12:39 UK School Forced to Close After Cyber Attack
18:52 Microsoft Emergency Windows Updates
20:45 Voice Phishing Kits for Sale
25:25 Malicious Chrome Extension and ClickFix Variant
30:34 EU Vulnerability Database Alternative to CVE
34:19 LastPass Phishing Campaign
39:29 UK Consultation on Social Media Ban for Under 16s
45:10 TikTok Splits US Operations
48:30 Password Hints and Human Risk Discussion
53:19 Action Fraud Rebrand and Trust Issues
1:01:26 AI Generated Content and Spotting Fakes
More Information
https://riskycreative.com
Listen on the go
Spotify: https://open.spotify.com/show/7rwzcRsKrXbASFBfiXoCZ6
Apple Podcasts: https://podcasts.apple.com/us/podcast/the-awareness-angle-cyber-news-weekly/id1784126196
Follow us
LinkedIn: https://www.linkedin.com/newsletters/the-awareness-angle-newsletter-7274932363787132928/
TikTok: https://www.tiktok.com/@infosecant
Instagram: https://www.instagram.com/riskycreative
YouTube: https://www.youtube.com/@riskycreative
If you found this useful, hit subscribe and share it with someone who cares about cyber but does not speak cyber.
Stay aware, stay secure.
🎵 Our Intro and Outro Song (© 16 by falling forever)
https://fallingforever.bandcamp.com/track/16
