The IT Privacy and Security Weekly Update for the Week Ending July 22nd., 2025 and no Trucks.

EP 252. In this week's update:
​
A single compromised password enabled ransomware actors to bankrupt a 158-year-old British logistics firm, exposing the catastrophic business risks of weak access controls.
Google launches its most aggressive legal action yet to dismantle a massive botnet infecting over 10 million devices, signaling a strategic shift toward litigation-led cyber defense.
Security researchers have identified a new malware technique leveraging overlooked DNS traffic to bypass traditional defenses—highlighting a critical blind spot in enterprise monitoring.
Chinese authorities are deploying powerful forensic malware to extract encrypted data from seized mobile devices, raising red flags (literally) for travelers and privacy advocates alike.
China’s outsourcing of cyberattacks to private firms marks a new era of state-sponsored hacking thoroughly blurring the lines between national strategy and commercial enterprise.
Microsoft is removing China-based engineers from U.S. military cloud projects following national security concerns—prompting a major policy shift in federal tech partnerships.
Microsoft has attributed a wave of advanced SharePoint breaches to Chinese threat actors, urging critical infrastructure operators to reevaluate patching protocols and on-premise defenses.
Ukrainian cyber operatives claim to have obliterated a major Russian drone producer’s entire digital infrastructure... potentially stalling military production and reshaping electronic warfare dynamics.
Let's put the pedal to the metal.

Find the complete transcript to this week's podcast here.