Cybersecurity Headlines

US taps private firms in cyber offensive, Microsoft updates cause queuing failures, phishing campaign delivers Phantom Stealer

Dec 16, 2025
The U.S. is now partnering with private firms for offensive cyber operations, signaling a shift in strategy. Recent Microsoft updates have caused enterprise queuing failures, complicating workflows. A new phishing campaign is using ISO attachments to deploy Phantom Stealer, targeting sensitive credentials. Additionally, Jaguar Land Rover has reported a data breach involving payroll information. Meanwhile, CISA has added critical flaws to its exploited catalog, emphasizing the need for ongoing vigilance in cybersecurity.
INSIGHT

Private Firms In Offensive Cyberplans

  • The U.S. plans to recruit private firms to expand offensive cyber capabilities against criminals and state-backed actors.
  • This raises legal and security risks because firms lack clear authority and could become targets themselves.
ADVICE

Handle MSMQ Breakage Carefully

  • If MSMQ-dependent apps fail, admins must consider rolling back the recent Patch Tuesday updates, or mitigate by restoring proper NTFS permissions on the MSMQ folders.
  • Evaluate risks carefully because rolling back leaves systems exposed to known vulnerabilities.
INSIGHT

ISO Files Used To Evade Email Defenses

  • The Russian-linked Operation Money Mount ISO campaign uses ISO attachments to bypass email security and mount disguised executables in memory.
  • Phantom Stealer then harvests credentials, keystrokes, and tokens and exfiltrates via Telegram, Discord, and FTP.