🛡️ CyberPulse Daily #1

Sunday, June 15, 2025


Your in-depth cybersecurity briefing.

TL;DR – June 15, 2025

  • UK banks face nonstop, sophisticated cyberattacks and are ramping up red‑team defenses.

  • 86M AT&T records, including SSNs, reappeared online—possibly from prior leaks but re-packaged.

  • TxDOT breach exposed crash data for ~423K individuals after account compromise.

  • Microsoft Patch Tuesday: 66 flaws fixed—WebDAV zero-day and SMBv3 exploits are priorities.

  • Retail wave: Cartier, North Face, Victoria’s Secret hit by varied cyber threats.

  • GenAI attacks: Phishing and malware lures look increasingly human-written.

  • Tool of the Day: Wazuh servers recently targeted—audit configs and lock down services.

🚨 UK Banks Under Relentless Cyber Assault

British banks are enduring constant and increasingly sophisticated cyberattacks, many of them backed by hostile nation-states. Regulators like the Bank of England and the National Cyber Security Centre are pushing CBEST red-team exercises and investing heavily in resilience testing.

“A cyberattack is more likely than a bank run.” — UK Cyber Regulator

Takeaway: If you're in the financial space, simulate attacks yearly. Include both technical and executive stakeholders in tabletop drills.

🔓 86 Million AT&T Records Leaked on Dark Web

A massive trove of 86 million AT&T customer records, including Social Security numbers and contact details, appeared online last week. While AT&T claims the data was previously leaked in 2024, security experts warn that the repackaging and fresh distribution increase its weaponization potential.

What to Do:

  • Encourage users to freeze their credit and use identity monitoring

  • Enforce stronger authentication measures across customer accounts

🧱 TxDOT Breach: 423,000 Crash Reports Exposed

The Texas Department of Transportation suffered a breach affecting nearly 300,000 crashes and 423,000 individuals. The compromise involved a crash report system. Texas’ $135.5M Cyber Command has launched incident response measures.

Action: If you run public sector systems, especially legacy platforms, prioritize segmented architecture and backup verification.

🛠️ Microsoft Patch Tuesday (June 2025): What to Fix Now

This month’s Patch Tuesday addressed 66 vulnerabilities, including:

  • CVE-2025-33053 (WebDAV zero-day actively exploited by Stealth Falcon APT)

  • CVE-2025-33073 (SMBv3 elevation of privilege, public exploit available)

Patch priority:

  1. WebDAV

  2. SMBv3

  3. Office & Exchange RCEs

Details from Microsoft:
🔗 Microsoft June 2025 Security Update Guide

🛍️ Retail Breach Wave: Cartier, North Face, Victoria's Secret

Retail giants, including Cartier, The North Face, and Victoria’s Secret, were all hit with recent cyberattacks:

  • Cartier: Customer email and contact info exposed

  • North Face: Credential stuffing at scale

  • Victoria’s Secret: DDoS + operational disruption

Tips:

  • Audit third-party access

  • Require MFA and rate-limit login attempts

  • Educate customers on password reuse risks

⚙️ GenAI Tools Now Used in Phishing, Malware Creation

Threat actors are now openly using generative AI to craft spear phishing, clone malware UIs, and automate social engineering. These attacks appear highly personalized and harder to detect using conventional filters.

Response Tips:

  • Deploy behavioral anomaly detection

  • Train employees on recognizing “overly polished” social lures

  • Segment internal systems to prevent lateral movement

🧪 Tool of the Day: Wazuh Audit After Mirai Attacks

Some open-source Wazuh monitoring servers were recently targeted using Mirai-family malware variants. If you use Wazuh, check for missing patches, unnecessarily exposed ports, and unused services.

Action:

  • Audit Wazuh installation configs

  • Apply all upstream patches

  • Disable remote management ports where unused
