November 29, 2025

Hello all,

To my United States audience, welcome back after a long and hopefully uneventful weekend. I pray that it was good and restful. To all of us, welcome to December. The past week seemed to be a bit quieter, thankfully. However, there was still plenty of news to report on and some major things to be aware of and take appropriate action on.

Headline NEWS:

  • ASUS warns of new critical auth bypass flaw in AiCloud routers. Nine vulnerabilities were plugged in unspecified AiCloud routers. At least one of these vulnerabilities could enable remote code execution on the router without authentication. If you use any ASUS router, you are advised by the company to update immediately to the latest version.
  • CrowdStrike fires ‘suspicious insider’ who passed information to hackers. This story is unfortunately one that is growing. Threat actors are having an increasingly difficult time breaching networks in traditional ways due to better security practices. They’ve always attempted to recruit insiders to provide passwords or install malware, and some take them up on the promise of easy money, but new trends in evil have Threat Actors reaching out and threatening insiders with all sorts of evil. Some have sent potential insiders pictures of their homes, children, and more. This is escalating in very dangerous ways.
  • Firefox patched a critical defect. Update to the latest version as soon as you’re able if you don’t have automatic updates enabled already. This defect in their WebAssembly (Wasm) engine can allow for memory corruption and subsequent arbitrary code execution.

In Ransomware, Malware, and Vulnerabilities News:

  • JPMorgan, Citi, Morgan Stanley assess fallout from SitusAMC data breach. I suspect that this is a data breach that will have wide-ranging implications for hundreds of thousands of consumers. It was first detected on November 12 and became public knowledge on November 25 when notices started arriving to lenders serviced by SitusAMC. There are a lot more than the three mentioned in the headline. The amount and type of information that is likely now in a threat actor’s hands is quite broad. As reported by CSO magazine, “The company’s role in mortgage processing involves handling extensive personal information, including Social Security numbers, financial account details, and employment records, as found on loan applications.” This is a massive treasure trove that has just been pillaged.

In Other News Events of Note and Interest:

  • The race to regulate AI has sparked a federal vs state showdown. Thankfully, Federal Law supersedes State Law. Unfortunately, in the case of AI, the Fed has been remiss in addressing proper governance of AI in a timely manner, so states have rightfully taken it upon themselves to pass a hodgepodge of laws to safeguard their citizens. Twenty-eight states already have around 100 laws that are attempting to regulate AI in areas of child safety, deepfakes, notifications, and similar. I vehemently disagree with those who say this is a state matter. You cannot operate in a global internet and somehow be expected to adhere to a patchwork quilt of laws that depend on which state your consumer is based in. The sheer amount of machination required to tool for the geopolitics and the ever-changing laws would be very innovation-stifling, if not killing. A company’s most logical option would be to adopt the most restrictive policies so they don’t run afoul of the law. We need a unified national, overarching legal framework and standard for AI governance. And we need it yesterday.

Musings:

I ate, a lot, and then I needed a nap. Thankfully the world didn’t blow up while I was passed out this Thursday. Twenty-three days from Monday, if you celebrate Christmas, it is a do-over. Yum.

Visc. Jan Broucinek

Keep the shields up!

Viscount Jan Broucinek
Red Dot Security News
