Cybersecurity In the News

Summary:

-In August 2025, a fintech firm, Marquis Software solutions, was hit by a ransomware attack that exploited a known vulnerability in Firewall software from The breach exposed sensitive personal data like names, addresses, Social Security numbers, dates of birth, and financial account information. Over 400,000 individuals across 74 U.S. banks and credit unions were affected. 

Who was affected: 

-The people mainly who were impacted were customers/account holders across the U.S.

How to protect this: 

-There are two main ways the organization and individuals could prevent this by: 

- Applying security patches promptly especially on firewalls and other perimeter devices, enforce strong authentication, regularly audit and harden third-party vendor security, and maintain strong logging and monitoring.
Source Evaluation: 

Who published / Where: The article was published by TechRadar 

When: December 4, 2025

Accuracy / Truthfulness: The reporting aligns with a publicly filed notification from Marquis and corroborating details from other cybersecurity-news outlets.

Presentation / Purpose: The article is written as a factual news summary. It informs readers about the breach, its scope, affected parties, and the firm’s response. It appears objective, with no sensationalism, and aims to raise awareness about supply-chain and vendor security risks.

Links / Citations: Fadilpašić, S. (2025, December 4). Over 70 US banks and credit unions affected by Marquis ransomware breach - here’s what we know. TechRadar. https://www.techradar.com/pro/security/over-70-us-banks-and-credit-unions-affected-by-marquis-ransomware-breach-heres-what-we-know?utm_source=chatgpt.com

(I asked Chat GPT to check the truthfulness of the article) 

Summary: 

-On Thanksgiving eve, a threat actor tracked as Storm-0900 launched a large-

scale phishing campaign targeting users across the U.S.

- The phishing email used fake parking ticket notifications and medical test results. This would take them to a fake landing page, and if the person follows the directions, they could be tricked into running a script that would drop the malware. 

Who was affected: 

-It was the general people in the United States receiving phishing emails. Instead of the regular data breach, the target is an individual's devices and credentials rather than a corporate server. 

How to prevent: 

-You need to always be conscious about email, especially the ones claiming to be urgent. 

-Avoid clicking links you don't know.

-Use a multifactor authentication antivirus.

Source Evaluation: 

Who published / Where: The news was published by CyberSecurityNews, a specialized outlet covering security incidents.

When: December 3, 2025

Accuracy / Truthfulness: The article references detection by Microsoft Threat Intelligence and includes technical details about the phishing infrastructure (malicious domain, CAPTCHAs, malware payload) which align with standard reporting on phishing campaigns.

Presentation / Purpose: The piece is written as an informational alert; its purpose is to raise awareness of the campaign and encourage better user defense. The tone is cautionary but factual — no sensational language.

Links / Citations: Dutta, T. S. (2025, December 3). Storm-0900 hackers leveraging parking ticket and medical test themes in massive phishing attack. Cyber Security News. https://cybersecuritynews.com/storm-0900-hackers-leveraging-parking-ticket/?utm_source=chatgpt.com

 (I used chat gpt to check the truthfulness of the article)