In Episode 4 of Brutally Honest Security, host Eric Taylor takes aim at one of the most revealing cyber-incidents of the year: the Information Commissioner’s Office’s £14 million penalty against Capita plc and subsidiary CPSL following a breach that exposed 6.6 million individuals and almost one terabyte of data. 
You’ll hear:
• 📉 How an infected file on a single device triggered an attacker from infiltration to lateral movement — and why a 58-hour delay in response turned a manageable intrusion into a massive data exfiltration event. 
• 🛡 The broader lesson for data processors and controllers: whether it’s pension data, staff records or client data — security posture and response speed matter.
• 🚨 Why this isn’t just a UK story: global organizations processing millions of records must heed this kind of fallout, not as a rare event — but as a warning.
No script. No limits. If it matters in cyber, it’s fair game.
Tune in every Monday to cut through the noise of the past week and walk away with the fixes and priorities that actually reduce risk.
👉 Follow Barricade Cyber Solutions:
- Connect on LinkedIn: https://linkedin.com/company/barricadecyber
- Eric's LinkedIn: https://linkedin.com/in/ransomware
- Listen to this podcast on Transistor.fm (or your favorite podcast platform): https://brutallyhonestsecurity.transistor.fm
Visit https://barricadecyber.com to learn about our mission to help businesses be safer tomorrow than they are today.
© 2025 Barricade Cyber Solutions
Eric Taylor slices through the week’s noise in Brutally Honest Security — no spin, only sharp, actionable insight.
This episode covers the crucial headlines every security pro should know:
🔧 Microsoft’s October Patch Tuesday: a record-scale release — 172 vulnerabilities patched, including multiple zero-days — and why patch prioritization matters now more than ever. https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-october-2025
🐙 Qilin’s hybrid attack: a new play combining Linux payloads and BYOVD exploitation that raises cross-platform risk for enterprises. https://thehackernews.com/2025/10/qilin-ransomware-combines-linux-payload.html Bonus story: https://www.infosecurity-magazine.com/news/qilin-ransomware-40-cases-monthly/
🔐 F5 hack alarm: defenders warn the F5 compromise exposes broad supply-chain and infrastructure risk — and what your org should check first. https://www.reuters.com/sustainability/boards-policy-regulation/cyber-defenders-sound-alarm-f5-hack-exposes-broad-risks-2025-10-20
📱 Smishing at scale: a global smishing triad tied to ~194,000 malicious domains — why SMS remains an ideal entry vector and how to blunt it. https://thehackernews.com/2025/10/smishing-triad-linked-to-194000.html
🐛 MuddyWater & backdoors: a widespread campaign hitting MEA government entities with persistent backdoors — a reminder to watch telemetry and lateral-movement indicators. https://www.darkreading.com/cyberattacks-data-breaches/muddywater-100-gov-entites-mea-phoenix-backdoor
🧩 Plus: data leaks (Toys ’R’ Us Canada), quantum-preparedness calls for financial firms, and a new browser exploit that can plant persistent hidden commands in AI-powered browsing environments. https://www.securityweek.com/toys-r-us-canada-customer-information-leaked-online
EPSS Look Up Tool: https:epsslookuptool.com
Expect blunt breakdowns, practical remediation tips, and the decision-ready takeaways CISOs, incident responders, and security teams need to act now.
No script. No limits. If it matters in cyber, it’s fair game.
Tune in every Monday to cut through the noise of the past week and walk away with the fixes and priorities that actually reduce risk.
👉 Follow Barricade Cyber Solutions:
- Connect on LinkedIn: https://linkedin.com/company/barricadecyber
- Eric's LinkedIn: https://linkedin.com/in/ransomware
- Listen to this podcast on Transistor.fm (or your favorite podcast platform): https://brutallyhonestsecurity.transistor.fm
Visit https://barricadecyber.com to learn about our mission to help businesses be safer tomorrow than they are today.
© 2025 Barricade Cyber Solutions
In this episode of Brutally Honest Security, Eric Taylor tears into the week’s most critical and pulse-raising cybersecurity developments — no fluff, just facts and blunt insight.
Episode Headlines & Links:
👉 How the newly rebranded Department of War is replacing legacy frameworks with its Cybersecurity Risk Management Construct (CSRMC) - shifting to continuous, automated real-time defense. https://www.war.gov/News/Releases/Release/Article/4314411/department-of-war-announces-new-cybersecurity-risk-management-construct
💥 The return of LockBit 5.0, now targeting Windows, Linux, and ESXi — a cross-platform beast with heavy obfuscation and new tactics. https://www.trendmicro.com/en_us/research/25/i/lockbit-5-targets-windows-linux-esxi.html
💼 A major Jaguar Land Rover loan bailout following a cyber shutdown — what that says about risk in the private sector. https://www.bbc.com/news/articles/cgl15ykerlro
🃏 The latest Boyd Gaming Corp cybersecurity incident — lessons from how an incident unfolds in real business. https://www.board-cybersecurity.com/incidents/tracker/20250923-boyd-gaming-corp-cybersecurity-incident
🎯 Why phishing remains the leading cause of ransomware attacks in 2025 — and how that one vector keeps getting lethal. https://www.globenewswire.com/news-release/2025/09/23/3154612/0/en/Phishing-is-the-Leading-Cause-of-Ransomware-Attacks-in-2025-SpyCloud-Identity-Threat-Report-Finds.html
No script. No limits. If it matters in cyber, it’s fair game.
Tune in every Monday to cut through the noise of the past week, see how these cyber threats and incidents interlock, and walk away with decision-ready takeaways for your own security posture.
👉 Follow Barricade Cyber Solutions:
- Connect on LinkedIn: https://linkedin.com/company/barricadecyber
- Eric's LinkedIn: https://linkedin.com/in/ransomware
- Listen to this podcast on Transistor.fm (or your favorite podcast platform): https://brutallyhonestsecurity.transistor.fm
Visit https://barricadecyber.com to learn about our mission to help businesses be safer tomorrow than they are today.
© 2025 Barricade Cyber Solutions
When it comes to cybersecurity, sugarcoating is not an option. Brutally Honest Security cuts through the noise with raw, unfiltered insights from Eric Taylor — a seasoned digital forensics and incident response (DFIR) expert known for his “no-holds-barred” style.
Each episode dives straight into the heart of information security:
🔥 Ransomware updates & evolving trends
📧 Business Email Compromise (BEC) and phishing
🛠 Digital Forensics & Incident Response (DFIR)
🌑 Threat actor activity across the dark web
📢 Breaking cybersecurity headlines & data breaches
🛡 Latest CVEs, exploits, and real-world vulnerabilities
🎙 No script. No limits. If it matters in cyber, it’s fair game.
Whether you’re a security professional, IT leader, breach counsel, or just someone trying to make sense of the headlines, Eric’s blunt breakdowns make complex cyber topics accessible and actionable. Expect frank discussions, real stories from the trenches, and zero fluff.
If you’re tired of jargon and want the truth about today’s cyber threats, tune in to Brutally Honest Security. Its cybersecurity explained the way it should be direct, honest, and impossible to ignore.
👉 Subscribe now on YouTube, Spotify, Apple Podcasts, or wherever you get your podcasts.
=============================
In this debut episode of Brutally Honest Security, Eric Taylor wastes no time cutting through the cyber noise of the week with his signature blunt insights.
This week’s breakdown includes:
✈️ European airports hit by a cyberattack — grounding flights and snarling travel across the region.
☁️ Microsoft Azure Entra elevation of privilege vulnerability — why it matters and who’s at risk.
🔒 MySonicWall cloud backup incident — what was exposed and lessons for MSPs.
🐀 Tracking AsyncRAT through Trojanized ScreenConnect campaigns — a stealthy RAT abusing open directories.
🧙 GOLD SALEM’s Warlock ransomware operation — the latest player in an already crowded landscape.
📂 FileFix malware spotted in the wild — moving beyond proof-of-concept with steganography tricks.
👮 Teen hacker jailhouse confessions — insight into the mindset of young cybercriminals.
🚈 JFK’s AirTrain half-off promo — and why even everyday infrastructure intersects with cyber resilience.
Episode Links:
- European airports snarled by cyberattack - https://www.reuters.com/en/cyberattack-causes-flight-delays-cancellations-brussels-airport-2025-09-20
- JFK's AirTran Half Off for the summer - https://www.frommers.com/tips/car-bus-rail/jfk-airtrain-half-off-in-nyc-summer-2025
- Microsoft Azure Entra Elevation of Privilege Vulnerability - https://thehackernews.com/2025/09/microsoft-patches-critical-entra-id.html https://thehackernews.com/2025/09/microsoft-patches-critical-entra-id.html
- MySonicWall Cloud Backup File Incident - https://www.sonicwall.com/support/knowledge-base/mysonicwall-cloud-backup-file-incident/250915160910330
- Tracking AsyncRAT via Trojanized ScreenConnect - https://hunt.io/blog/asyncrat-screenconnect-open-directory-campaigns
- GOLD SALEM’s Warlock operation - https://news.sophos.com/en-us/2025/09/17/gold-salems-warlock-operation-joins-busy-ransomware-landscape
- ‘I Was a Weird Kid’: Jailhouse Confessions of a Teen Hacker
https://news.bloomberglaw.com/privacy-and-data-security/i-was-a-weird-kid-jailhouse-confessions-of-a-teen-hacker
- FileFix in the wild! New FileFix campaign goes beyond POC -
https://www.acronis.com/en/tru/posts/filefix-in-the-wild-new-filefix-campaign-goes-beyond-poc-and-leverages-steganography
👉 Follow Barricade Cyber Solutions:
- Connect on LinkedIn: https://linkedin.com/company/barricadecyber
- Eric's LinkedIn: https://linkedin.com/in/ransomware
- Listen to this podcast on Transistor.fm (or your favorite podcast platform): https://brutallyhonestsecurity.transistor.fm
Visit https://barricadecyber.com to learn how we help businesses be safer tomorrow than they are today.
© 2025 Barricade Cyber Solutions