Microsoft Changes, CISA Alerts, Major Breaches, and Nation-State Attack

In this episode, Edd Hall discusses the latest developments in cybersecurity, including Microsoft's decision to remove the Edge browser's password manager in favor of the Microsoft Authenticator app. He examines new findings that show phishing training may have only short-term effectiveness, and highlights CISA's addition of two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Edd also covers U.S. sanctions against Aezagroup for supporting cybercriminal operations, major data breaches impacting Esse Health and Kelly Benefits, the ICC’s confirmation of a 2023 nation-state cyberattack, and new industrial control system vulnerabilities disclosed by CISA. Stay tuned for insights, expert commentary, and what these stories mean for your cybersecurity posture.