In this week's Security Sprint, Dave and Andy are joined by Alec Davison and they covered the following topics:

Warm Open:

• Crypto ISAC

• Odin.fun Exploited for $7 Million as 58.2 BTC Stolen in Security Breach

• BtcTurk under attack again: withdrawals suspended after alleged $50 million hack & Major Turkish Crypto Exchange BtcTurk Allegedly Hacked for Nearly $50 Million

• Treasury Sanctions Cryptocurrency Exchange and Network Enabling Sanctions Evasion and Cyber Criminals

• More everyday in the SUN. Join the GRIP! Get the SUN!

Main Topics:

EPA, WaterISAC caution utilities on drone threats and cyber risks in evolving security landscape. The U.S. Environmental Protection Agency (EPA) and WaterISAC recognized that UASs (unmanned aerial systems), or drones, can pose significant threats to critical infrastructure, due to their accessibility, versatility, and potential for misuse. These threats can range from unauthorized surveillance, physical attacks, and even cyber attacks. Drones have revolutionized the critical infrastructure sector by enabling efficient and cost-effective inspections, reducing the need for manual labor and minimizing safety risks associated with hazardous environments, while providing real-time data and high-resolution imagery, allowing for more accurate monitoring and maintenance of infrastructure assets, leading to improved operational efficiency and reduced downtime.

UK NPSA: Security Fences and Gates. Fences, along with integrated gates, play a key role in delivering security solutions both for perimeters and protecting important assets. This guidance is intended to aid those responsible for delivering security solutions including fences and gates to identify the factors that need to be considered. NPSA wish to advise that fences and gates are no longer tested to the Manual Forced Entry Standard (MFES). As a result, all fences and gates which were previously given an MFES rating have been removed from the Catalogue of Security Equipment. This document provides advice on the requirements for security fences and gates and signpost alternative security standards that should be considered. Please use the NPSA Forced Entry Standards Guidance1 to assist you. NPSA Forced Entry Standard 2024

Hurricane Erin:

• NHC issuing advisories for the Atlantic on Hurricane Erin

• Key messages regarding Hurricane Erin

• Hurricane Erin to grow, will next threaten US coast with dangerous conditions

Quick Hits:

• NOAA - July 2025 was planet's 3rd warmest on record

• Dragos Industrial Ransomware Analysis: Q2 2025

• CISA: Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators

• Canada’s Guide on Biometric Management Is a Useful Resource for All Corporate Security Directors

• Canadian Centre for Cyber Security

o Steps to address data spillage in the cloud (ITSAP.50.112)

o Introduction to cloud computing (ITSAP.50.110)

o Models of cloud computing (ITSAP.50.111)

• Norway spy chief blames Russian hackers for hijacking dam

• Colt Telecom attack claimed by WarLock ransomware, data up for sale

• SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations & Risky Bulletin: Academics pull off novel 5G attack

• Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities

• ReliaQuest Uncovers New Critical Vulnerability in SAP NetWeaver

• Plex warns users to patch security vulnerability immediately

• ClickFix phishing links increased nearly 400% in 12 months, report says