News

October 7th, 2025

❓What:

One week from today on October 14th, Microsoft will end free support for all Windows 10 editions (Home, Pro, Enterprise). This includes all security updates, bug fixes, and technical assistance. If organizations using a Windows environment fail to migrate any existing Windows 10 systems to Windows 11 (or an alternative OS), they're leaving the door open to hackers and adversaries, and make themselves increasingly susceptible to operational failures.

⚠️So What?

So what's the risk? Why would this impact my organization?

August 21st, 2025

🔍 What:

• On Friday August 15th, Human Resources giant Workday disclosed a data breach targeting their third-party Customer Relationship Management (CRM) platform.

• Attackers gained access using social engineering techniques, most prominently impersonation via. vishing and smishing. Most likely, attackers impersonated HR or IT and tricked users into linking a malicious OAuth application to their CRM instance.

• Workday is just the latest company to have their CRM platform breached in an on-going campaign targeting companies that utilize Salesforce as their CRM platform. The group behind the attack, ShinyHunters, has conducted several successful attacks targeting major companies like Adidas, Qantas, Allianz Life, and Louis Vuitton, to name a few.

July 31, 2025

❓What:

• On July 16, 2025, a threat actor used a social engineering technique to compromise a third-party, cloud-based CRM (Salesforce) platform used by Allianz Life Insurance of North America.

• The breach exposed personally identifiable information of the majority of Allianz Life’s ~1.4 million U.S. customers, as well as financial professionals and select employees.

• Allianz discovered the intrusion on July 17, responded promptly, and notified the FBI and regulators including Maine’s Attorney General.

July 25th, 2025

❓What:

• Between October 2020 and October 2023, North Korean state-sponsored actors posed as U.S. based IT workers and were able to infiltrate over 300 U.S. companies, including Fortune 500 firms, a major TV network, an aerospace manufacturer, and Nike.

• This was made possible in part by Arizona woman, Christina Marie Chapman, whose house was found to have 90 laptops that the actors were able to operate remotely from North Korea. Consequently, she was sentenced to 102 months (8½ years) in federal prison today.

• The operation generated more than $17 million in illicit revenue for the North Korean regime. Chapman earned approximately $176–177K, and was ordered to forfeit $284K and pay a $175K–$176K fine.