Welcome to my weekly cybersecurity roundup! Here, I share updates on the projects I’m currently working on, along with the most insightful cybersecurity videos I watched, articles I found valuable, and podcasts I tuned into this week.
Featured Analysis
Featured article analysis: Former Disney employee who hacked Disney World restaurant menus in revenge sentenced to 3 years in federal prison
This case highlights a serious insider threat incident with significant potential consequences. Michael Scheuer, a former Disney World employee, conducted a series of cyberattacks against his former employer, demonstrating a disturbing level of knowledge about the company’s systems. His actions went beyond mere vandalism, as he manipulated allergen information on restaurant menus, creating a dangerous situation that could have resulted in severe harm or even death for customers with allergies. This element of the attack underscores the malicious intent and the potential for real-world harm that can arise from disgruntled employees with system access.
The incident also reveals the complexity and scope of modern cyberattacks. Scheuer’s actions included manipulating menu information, altering wine region details to reference mass shooting locations, and launching denial-of-service attacks. This multi-faceted approach demonstrates the potential for a single individual to disrupt operations, spread misinformation, and target individuals within an organization. The FBI’s involvement and the subsequent prosecution emphasize the severity of these crimes and the importance of robust cybersecurity measures to protect against both external and internal threats.
Ultimately, this case serves as a stark reminder of the importance of robust cybersecurity practices, including access control, monitoring, and incident response. The fact that Scheuer had the knowledge and access to carry out these attacks highlights the need for organizations to carefully manage employee access to sensitive systems, especially during and after termination. The potential for significant financial damage (as indicated by the restitution order) and the severe criminal penalties underscore the legal and financial ramifications of such cybercrimes.
Projects
Whitepapers
- 2025 Verizon DBIR – Read my breakdown here.
- The Sophos Annual Threat Report: Cybercrime on Main Street 2025
Videos
Articles
- China Names and Shames US Hackers, Calls Out 3 Alleged NSA Agents – Police in the Chinese city of Harbin say three NSA operatives disrupted the 2025 Asian Winter Games and hacked Huawei.
- Crosswalks hacked to play fake audio of Musk, Zuck, and Jeff Bezos – “Stop, look, and listen” is the standard advice we should allow follow when crossing the road – but pedestrians in some parts are finding that they cannot believe their ears – after a hacker compromised crosswalks to play deepfake audio mocking tech bosses Elon Musk, Mark Zuckerberg, and Jeff Bezos.
- DeepSeek Breach Opens Floodgates to Dark Web – The incident should serve as a critical wake-up call. The stakes are simply too high to treat AI security as an afterthought — especially when the Dark Web stands ready to capitalize on every vulnerability.
- Blue Shield of California leaked health data of 4.7 million members to Google – Blue Shield of California disclosed it suffered a data breach after exposing protected health information of 4.7 million members to Google’s analytics and advertisement platforms.
- FBI: US lost record $16.6 billion to cybercrime in 2024 – The FBI says cybercriminals have stolen a record $16,6 billion in 2024, marking an increase in losses of over 33% compared to the previous year.
- Cyberattack Knocks Texas City’s Systems Offline – The city of Abilene, Texas, is scrambling to restore systems that have been taken offline in response to a cyberattack.
- SK Telecom reveals cyberattack, customer USIM data stolen could be used in attacks – Scope and scale of SK Telecom attack still being investigated
- Verizon discovers spike in ransomware and exploited vulnerabilities – Verizon’s 2025 Data Breach Investigations Report noted a 37% increase in ransomware attacks and a 34% increase in exploited vulnerabilities.
- Former Disney employee who hacked Disney World restaurant menus in revenge sentenced to 3 years in federal prison – When a former Disney World employee was accused of changing the menus at Disney World restaurants, it made headlines. And in January, when he admitted to changing the menus — including information about allergy information that could have created serious health risks for diners — that also made headlines. Now Michael Scheuer, who faced 10 years in prison for fraud and an additional subsequent two years in prison for aggravated identity theft, has been sentenced.