Hey everyone, Chris Ogles here. One of the best things about working in cybersecurity is the teamwork—it’s not just about the technology, but the people willing to step in, share what they know, and help others get across the finish line. I’ve always believed that lending a hand doesn’t slow you down; it makes the whole team stronger. The same mindset that builds good code also builds good culture—steady, dependable, and focused on progress.
Today, on Veterans Day, all of us at Pinpoint Security pause to honor those who have served. Their commitment, discipline, and courage remind us that security—whether physical or digital—depends on people who choose to protect others.
🔒 Security Tip of the Week:
When you identify and fix a recurring issue, take a few extra minutes to document why it happened and how you resolved it. Small bits of shared knowledge prevent future incidents and turn one-time fixes into lasting improvements. Think of it as a service to the next person who steps in—just like those who’ve paved the way for us.
If you need any help with your processes, scripts or anything else Security related, contact Pinpoint Security today to learn how we can help.
– Chris
📰 Weekly News Roundup:
Here are some top Cybersecurity articles from the past week:
🇨🇳 Data Leak Exposes Chinese State-Sponsored Cyber Arsenal and Global Target List
A significant data breach at Knownsec, a prominent Chinese cybersecurity firm with government ties, resulted in the theft of over 12,000 internal documents. The leak allegedly exposes sophisticated state-sponsored cyber weapons, internal hacking tools capable of compromising major operating systems, and a comprehensive list of global intelligence targets.
📱 CISA Orders Feds to Patch Samsung Zero-Day Exploited by LANDFALL Spyware
The Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-21042 to its Known Exploited Vulnerabilities (KEV) Catalog, ordering federal agencies to patch a critical zero-day flaw in Samsung Mobile Devices. The vulnerability, an out-of-bounds write in an image library, was actively exploited by the LANDFALL spyware via malicious images sent over platforms like WhatsApp.
🏦 Swiss Bank Habib Bank AG Zurich Hit by Qilin Ransomware Group, 2.5TB Stolen
The Qilin ransomware group claimed responsibility for a major attack on Swiss private bank Habib Bank AG Zurich on November 5. The group alleges they stole over 2.5 terabytes of data, including sensitive customer details, transaction records, and internal source code, marking a severe breach in the financial sector.
📦 runC Container Runtime Flaws Allow Container Escape in Docker and Kubernetes
A trio of critical vulnerabilities (CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881) was patched in the runC container runtime, which is widely used by Docker and Kubernetes. The flaws, dubbed “TARmageddon,” stem from issues in mount handling and symbolic links, potentially allowing a malicious container to escape to the host operating system with root privileges.
🇯🇵 Japanese Retailer Askul Confirms Data Leak After Ransomware Attack Claim
Japanese office and household goods retailer Askul confirmed that customer and supplier data was exposed following a ransomware attack that disrupted its e-commerce and logistics operations. The RansomHouse extortion group claimed responsibility, alleging the theft of 1.1 terabytes of data and leaking contact and inquiry information from users of Askul’s online stores.