๐ Digital Forensics & Incident Response Insights
- BadCam: weaponizing Linux webcams via BadUSB for persistence: Eclypsium researchers show how firmware on common Lenovo-branded webcams can be reflashed to survive reboots and OS reinstallsโraising DFIR stakes around peripheral imaging and chain-of-custody.
No additional DFIR tool/advisory items from credible sources published in the last 48 hours.
โ ๏ธ Exploits & Threat Intelligence
- Google Calendar invite quirk let researchers hijack Gemini agents: Crafted Calendar invites could steer agent workflows and leak data; Google says the issue is fixedโgood reminder to review agent integrations and third-party triggers.
No additional new CVE/advisory releases in the last 48 hours.
๐ Major Cyber Incidents
- Marks & Spencer restores click-and-collect 15 weeks after hack: UK retailer says services are back online; investigation continues following spring ransomware that also drew police arrests in July.
No other major confirmed breaches with fresh public details in the last 48 hours.
๐ฎโโ๏ธ Law Enforcement Updates
No new global takedowns, arrests, or charges published by reputable agencies/outlets in the last 48 hours.
๐๏ธ Policy Updates
No new policy/regulatory moves meeting your criteria in the last 48 hours.
๐ Standards & Compliance
No new standards/framework releases or urgent compliance advisories in the last 48 hours.
๐ Snapshot Summary
| Section | Highlight | Why it matters |
|---|---|---|
| DFIR & IR | Peripheral firmware persistence via BadCam | Expand evidence collection to USB peripherals; consider firmware imaging. |
| Threat Intel | Agentic workflows steered via Calendar invites | Review automations; restrict third-party triggers and data scopes. |
| Major Incidents | M&S restores services after prolonged outage | Retail ops recovery timelines and comms are still under the microscope. |
๐ Editorial Perspective
- DFIR scope keeps widening: peripherals and firmware need playbook coverage, not just endpoints and servers.
- Agent/security-assistant features introduce new supply-chain-like trust edgesโgovern triggers and data paths.
- Incident recovery transparency (like M&S) is becoming part of brand resilience; track milestones as well as root cause.
๐ Reference Reading
๐ท๏ธ Tags:
DFIR, Cybersecurity News, Threat Intelligence, Ransomware, Law Enforcement, Cyber Policy, Compliance, EU CRA
Share on X
Share on LinkedIn
