Daily Briefing for 03.25.25

Dateline

Why SOCs rely on OSCAR: A proven investigative framework. (N2K Networks) This is a sponsored story produced in collaboration with Dropzone AI. The OSCAR methodology—Obtain, Strategize, Collect, Analyze, Report—offers SOCs a structured and efficient approach to security investigations.

How MTTC enhances SOC efficiency and alert triage performance. (N2K Networks) This is a sponsored story produced in collaboration with Dropzone AI. Traditional SOC metrics like MTTD and MTTR focus on specific phases of alert handling, leaving gaps in efficiency evaluation. Mean Time to Conclusion (MTTC) bridges these gaps, offering a comprehensive metric that tracks the entire alert triage process—from detection to resolution.

Attacks, Threats, and Vulnerabilities

A Sneaky Phish Just Grabbed my Mailchimp Mailing List (Troy Hunt) You know when you're really jet lagged and really tired and the cogs in your head are just moving that little bit too slow? That's me right now, and the penny has just dropped that a Mailchimp phish has grabbed my credentials, logged into my account and exported the mailing

Remote Code Execution Vulnerabilities in Ingress NGINX (Wiz Blog) Wiz Research uncovered RCE vulnerabilities (CVE-2025-1097, 1098, 24514, 1974) in Ingress NGINX for Kubernetes allowing cluster-wide secret access.

Ingress-nginx CVE-2025-1974: What You Need to Know (Kubernetes) Today, the ingress-nginx maintainers have released patches for a batch of critical vulnerabilities that could make it easy for attackers to take over your Kubernetes cluster. If you are among the over 40% of Kubernetes administrators using ingress-nginx, you should take action immediately to protect your users and data. Background Ingress is the traditional Kubernetes feature for exposing your workload Pods to the world so that they can be useful. In an implementation-agnostic way, Kubernetes users can define how their applications should be made available on the network.

Litigation, Investigation, and Law Enforcement

More than 300 arrests as African countries clamp down on cyber threats (Interpol) The INTERPOL-led operation targeted banking, investment and messaging app scams

For a complete running list of events, please visit the Event Tracker.

Events

WICYS 2025 (Dallas and Virtual, Texas, USA, Apr 2 - 5, 2025) WiCyS 2025 is the go-to event for cybersecurity professionals, students, and organizations. The conference is the flagship event to recruit, retain and advance women in cybersecurity.

40th Space Symposium (Denver and Virtual, Colorado, USA, Apr 7 - 10, 2025) Bringing together leaders from commercial, government and military space from around the world, the Space Symposium provides a forum to discuss, address and plan for future achievements in space. The Space Symposium program delivers exclusive networking and engagement opportunities with influential participants in one convenient and extraordinary venue. Space Symposium luncheons and dinners provide additional contact with influential participants.

Community Event with The Cyber Guild - Book Club (Reston, Virginia, USA, Apr 17, 2025) Join the growing Cyber Guild Community - "where everyone wants to know your name " The Cyber Guild community is a growing network of cyber enthusiasts who are invested in building a sustainable cyber ecosystem.

RSA Innovation Sandbox 2025 (San Francisco, California, USA, Apr 28, 2025) RSA Conference 2025 marks 20 years for cybersecurity’s top innovation startup competition: RSAC Innovation Sandbox contest. The contest puts the spotlight on cybersecurity’s boldest new innovators while highlighting their potentially game-changing ideas. Hundreds of submissions are reviewed and narrowed down to only 10 finalists. The Top 10 Finalists will take the stage during RSA Conference 2025 and will have three minutes to make their award-winning pitch to a panel of leading industry experts. Since the start of the contest, the Top 10 Finalists have collectively seen over 90 acquisitions and over $16.4 billion in investments.*

RSA Conference 2025 (San Francisco, California, USA, Apr 28 - May 1, 2025) At RSAC 2025, you're not just attending a conference—you're stepping into a vibrant, thriving community of thinkers, innovators, and achievers. Though we come from different corners of the cybersecurity world, we are united by a common mission: to foresee risks, counter threats, and embrace the challenges ahead. Together, we shape the future of security. Together, we shine as one.