- Mycomputerspot Security Newsletter
- Posts
- Wednesday War Room – 11/12/2025
Wednesday War Room – 11/12/2025
This Wednesday, the digital world proves it's just as chaotic as the real one.
J.W. Croley
November 12, 2025
In partnership with
Choose the Right AI Tools
With thousands of AI tools available, how do you know which ones are worth your money? Subscribe to Mindstream and get our expert guide comparing 40+ popular AI tools. Discover which free options rival paid versions and when upgrading is essential. Stop overspending on tools you don't need and find the perfect AI stack for your workflow.
The past three days have been a whirlwind of activity, marked by a massive data breach at an Ivy League university, a critical zero-day vulnerability in the world's most popular operating system, and a widespread phishing campaign targeting the hospitality industry. It seems the only thing spreading faster than holiday cheer is malware.
Let's dive in.
Risk Level: Critical
Business Impact: Massive reputational damage, significant legal and regulatory exposure, long-term identity theft risk for affected individuals
What You Need to Know: What You Need to Know: The University of Pennsylvania has confirmed a colossal data breach exposing the personal information of 1.2 million students, alumni, and staff. The breach, which originated from a social engineering attack on October 31, compromised systems containing decades of personally identifiable information (PII) and banking details.
Why This Matters:
This is a stark reminder that even the most prestigious institutions are not immune to basic social engineering attacks.
The sheer volume and sensitivity of the stolen data create a perfect storm for widespread fraud and identity theft.
The incident highlights the critical need for robust identity and access management (IAM) controls, especially in complex, decentralized environments like a university.
Executive Actions:
📚 Review and enhance your organization's security awareness training program, with a specific focus on social engineering and phishing attacks targeting high-value individuals.
✅ Implement and enforce multi-factor authentication (MFA) across all critical systems, without exception.
📢 Develop and test a comprehensive incident response plan that includes clear communication protocols for notifying affected individuals and regulatory bodies.
🤝 Conduct a thorough review of your third-party risk management program to ensure that all vendors with access to sensitive data have adequate security controls in place.
Risk Level: Critical
Business Impact: High risk of system compromise, potential for widespread ransomware attacks, urgent patching requirements for all Windows users
What You Need to Know: Microsoft's November Patch Tuesday release includes a fix for a critical Windows Kernel Elevation of Privilege (EoP) vulnerability (CVE-2025-62215) that is being actively exploited in the wild. The vulnerability, as detailed by Malwarebytes, allows an attacker with local access to gain full admin rights, enabling them to install malware, steal data, and cause significant damage.
Why This Matters:
This is a classic example of a "patch now or pay later" scenario. The fact that this vulnerability is being actively exploited means that attackers are already on the move.
The vulnerability's ability to grant full admin rights makes it a particularly dangerous tool in the hands of a skilled attacker.
The incident underscores the critical importance of a robust and timely patch management program.
Executive Actions:
🩹 Immediately deploy the November Patch Tuesday updates across all Windows systems in your environment.
🔍 Conduct a thorough vulnerability scan to identify any systems that may have been missed.
🛡️ Implement enhanced monitoring and security controls around your Windows environment to detect and respond to any suspicious activity.
📜 Review and update your patch management policy to ensure that critical vulnerabilities are addressed within a strict timeframe.
Risk Level: High
Business Impact: High risk of financial loss, reputational damage, and customer data compromise for hotels and other hospitality businesses
What You Need to Know: A large-scale phishing campaign is targeting the global hospitality industry, with attackers impersonating Booking.com to trick hotel managers into giving up their login credentials. The campaign, as reported by Kaseya, uses convincing spear-phishing emails and malicious websites to steal credentials and install the PureRAT ransomware.
Why This Matters:
This campaign is a powerful reminder that attackers are increasingly targeting specific industries with tailored attacks.
The use of a trusted brand like Booking.com adds a layer of legitimacy to the attacks, making them more difficult to detect.
The incident highlights the importance of a multi-layered security approach that includes technical controls, security awareness training, and a healthy dose of skepticism.
Executive Actions:
🎣 Review and enhance your organization's phishing awareness training, with a specific focus on industry-specific threats.
⚙️ Implement advanced email filtering and security controls to block malicious links and attachments.
✈️ Encourage your employees to be cautious of unsolicited requests for sensitive information, even if they appear to come from a trusted source.
🕵️ Monitor for and respond to any suspicious activity on your corporate accounts.
Leadership Insight:
This week’s headlines are a sobering reminder that we are all in the crosshairs.
The question is not if you will be attacked, but when. The good news is that we are not powerless. By focusing on the fundamentals, working together, and staying vigilant, we can make ourselves a much harder target.
So, let’s get to work.
Small Budget, Big Impact: Outsmart Your Larger Competitors
Being outspent doesn't mean being outmarketed. Our latest resource showcases 15 small businesses that leveraged creativity instead of cash to achieve remarkable marketing wins against much larger competitors.
Proven techniques for standing out in crowded markets without massive budgets
Tactical approaches that turn resource constraints into competitive advantages
Real-world examples of small teams creating outsized market impact
Ready to level the playing field? Download now to discover the exact frameworks these brands used to compete and win.
Risk Level: High
Business Impact: Significant data breach affecting over 10,000 employees, potential for intellectual property theft, and reputational damage
What You Need to Know: The ongoing exploitation of vulnerabilities in Oracle's E-Business Suite has claimed another victim: GlobalLogic, a major technology services company. The attack, as reported by SC World, has resulted in a significant data breach affecting over 10,000 employees.
Why This Matters:
This incident is a stark reminder that even the most widely used enterprise software can have critical vulnerabilities.
The ongoing nature of this campaign suggests that many organizations are still struggling to patch and secure their Oracle EBS environments.
The breach highlights the importance of a comprehensive security program that includes not only preventative controls but also detective and responsive capabilities.
Executive Actions:
🔧 Immediately patch all Oracle E-Business Suite systems in your environment.
🔍 Conduct a thorough vulnerability scan to identify any other systems that may be at risk.
🛡️ Implement enhanced monitoring and security controls around your Oracle EBS environment to detect and respond to any suspicious activity.
📜 Review and update your third-party risk management program to ensure that all vendors with access to sensitive data have adequate security controls in place.
Risk Level: Medium-High
Business Impact: Increased risk of financial loss and data compromise for employees and customers, reputational damage
What You Need to Know: Google's Trust & Safety team has issued a stark warning about the prevalence of online scams, revealing that 57% of adults have encountered a scam in the past year. The report highlights six major scam trends, including online job scams, AI product impersonation, and malicious VPN apps, and notes that scammers are increasingly using AI to scale and enhance their operations.
Why This Matters:
This report is a powerful reminder that the threat of scams is not just a consumer issue; it's a major business risk.
The increasing sophistication of scams, driven by AI and other technologies, makes them more difficult to detect and defend against.
The report underscores the importance of a holistic security approach that includes not only technical controls but also user education and awareness.
Executive Actions:
📚 Review and enhance your organization's security awareness training program to include information on the latest scam trends.
✅ Encourage your employees to be cautious of unsolicited offers and to verify the legitimacy of any requests for sensitive information.
📢 Develop a clear and consistent process for reporting and responding to suspected scams.
🤝 Partner with your marketing and communications teams to educate your customers about the threat of scams and how to protect themselves.
Risk Level: Medium-High
Business Impact: Increased legal and regulatory risk for organizations that fail to report and respond to ransomware attacks, potential for increased international cooperation in combating cybercrime
What You Need to Know: A Russian hacker accused of helping the Yanluowang ransomware gang infect U.S. businesses has agreed to plead guilty, according to recently filed court documents. The case is a significant development in the ongoing effort to bring international cybercriminals to justice.
Why This Matters:
This case is a powerful reminder that the long arm of the law is getting longer, even in the world of cybercrime.
The guilty plea could lead to increased cooperation between law enforcement agencies in different countries, making it more difficult for cybercriminals to operate with impunity.
The case underscores the importance of reporting ransomware attacks to law enforcement, as this information can be critical in building cases against the perpetrators.
Executive Actions:
📜 Review and update your organization's incident response plan to include clear guidelines for reporting ransomware attacks to law enforcement.
🤝 Engage with your legal and compliance teams to ensure that you are in compliance with all applicable breach notification laws.
📢 Develop a clear and consistent process for communicating with law enforcement during and after a ransomware attack.
🌍 Support international efforts to combat cybercrime by sharing information and best practices with other organizations in your industry.
🔄 Review and enhance your security awareness training program to include information on the latest social engineering and phishing tactics.
📦 Ensure that all critical systems are patched and up-to-date, especially those running Windows and Oracle E-Business Suite.
🧠 Review and enhance your third-party risk management program to ensure that all vendors with access to sensitive data have adequate security controls in place.
📜 Review and update your incident response plan to include clear guidelines for reporting ransomware attacks to law enforcement.
💡 Stay vigilant, patch promptly, and remember that in cybersecurity, paranoia isn't a disorder – it's a job requirement. 💡
J.W.
(P.S. Check out our partners! It goes a long way to support this newsletter!)
Free email without sacrificing your privacy
Gmail tracks you. Proton doesn’t. Get private email that puts your data — and your privacy — first.