CloudCast Cybersecurity Headlines for February 5th, 2025

From the Skyhigh Studios, I'm Scott Schlee, and these are your cybersecurity headlines for the week of Wednesday, February 5th, 2025. Headlines this week: Android Users Urged to Update Devices Due to Critical Vulnerabilities Smiths Group Suffers Global Cyberattack TalkTalk Investigates Potential Data Breach Apple Releases Critical Security Updates Law Enforcement Shuts Down Illicit Cybercrime Services Google Blocks Over 2 Million Risky Android Apps in 2024 UnitedHealth Discloses Massive Data Breach DeepSeek AI Chatbot's Data Exposure & Proposed US Government Ban Thank you again for listening to Skyhigh Cloudcast. If you've enjoyed this episode, be sure to subscribe on your favorite platform so you never miss an update. If you like the show, please leave us a review. It helps others find the podcast. For more information about Skyhigh Security or CloudCast, please visit skyhighsecurity.com. Sources: Android Users Urged to Update Devices Due to Critical Vulnerabilities: thesun.ie Smiths Group Suffers Global Cyberattack: thetimes.co.uk TalkTalk Investigates Potential Data Breach: thesun.ie Apple Releases Critical Security Updates: diesec.com Law Enforcement Shuts Down Illicit Cybercrime Services: thehackernews.com Google Blocks Over 2 Million Risky Android Apps in 2024: diesec.com United Health Discloses Massive Data Breach: diesec.com DeepSeek AI Chatbot's Data Exposure: diesec.com Lawmakers Advocate for DeepSeek Ban on Government Devices: wsj.com ----------- CloudCast is hosted by Skyhigh Security’s very own Digital Experience Manager, Scott Schlee. Scott’s engaging demeanor and wit, backed by over 20 years in digital media production and web development, has led to successful collaborations with top-tier brands. His experience includes hosting and producing a wide range of podcasts and videos. Scott has been recognized for his outstanding work, including an award-winning digital short and a Webby Awards nomination for Viral Marketing (Branded). Beyond his professional achievements, Scott’s personal journey as a decade-long pancreatic cancer survivor has led him to share his story with the U.S. Congress and other organizations as an advocate for increased cancer research funding. Transcript Google released a security update addressing nearly 50 flaws in the Android operating system, including a high-severity vulnerability that could allow attackers to install malware or steal files without user authentication. Users are strongly advised to update their devices promptly to mitigate these risks. Smiths Group, a multinational engineering firm, experienced a cyberattack leading to unauthorized access to its systems. The company isolated the affected systems and is collaborating with cybersecurity experts to assess and recover from the incident. The breach resulted in a 1.7% drop in the company's share price. Telecom company TalkTalk is investigating claims of a data breach after a hacker alleged they were selling data from nearly 19 million of the company's current and former customers. The breach reportedly involves customer names, emails, IP addresses, and phone numbers, though no financial information is believed to be at risk. Apple issued updates to address a zero-day vulnerability (CVE-2025-24085) in its Core Media component, which could allow malicious applications to escalate privileges on affected devices. Users are advised to update their iPhones, Macs, and other Apple devices to the latest software versions to protect against potential exploits. A series of law enforcement operations led to the takedown of online marketplaces such as Cracked, Nulled, Sellix, StarkRDP, and HeartSender, which were involved in selling hacking tools, illegal goods, and crimeware solutions. These actions impacted millions of users and disrupted significant illegal activities. Google reported that it blocked a record 2.