Trust: People, Organizations, and Systems
10–13–2025 (Monday)
Hello, and welcome to The Intentional Brief - your weekly video update on the one big thing in cybersecurity for middle market companies, their investors, and executive teams.
I’m your host, Shay Colson, Managing Partner at Intentional Cybersecurity, and you can find us online at intentionalcyber.com.
Today is Monday, October 13, 2025, and it’s Thanksgiving Day in Canada, Columbus Day here in the US, and in many places, including Washington State, Indigenous Peoples’ Day. For me? It’s another Monday.
Trust: People, Organizations, and Systems
There has been a string of interesting events over the past week that have caused me a bit of pause when it comes to how, and how much, we give trust to others - be they organizations, partners, or employees. I thought I’d work through a few of those events with you today in the hopes that it might help us both dole out this precious resource a bit more thoughtfully.
First, let’s talk about trusting organizations - in this case, US tech giant (and new TikTok US owner) Oracle. If you haven’t seen it, they suffered a second zero-day in their E-Business Suite being actively exploited by the ransomware gang Cl0p. That part’s not particularly unusual, as regular viewers of the show will no doubt be aware.
What is a bit unusual is that Oracle claimed to have patched this flaw in a July update, only acknowledging that it was still under active exploitation last week after collaborating with Mandiant and Google’s Threat Intelligence Group. Not exactly a trust-inspiring approach.
Meanwhile, those pesky threat actors carried out an active email extortion campaign in late September targeting leaders of companies whose data had been stolen. The emails, in part, read:
“We have recently breached your Oracle E-Business Suite application and copied a lot of documents. All the private files and other information are now held on our systems.
But, don’t worry. You can always save your data for payment. We do not seek political power or care about any business.
We always fulfil [sic] all promises and obligations.”
Essentially, asking you to trust them!
Meanwhile, the supposedly retired group of threat actors known as Scattered Lapsus$ Hunters is offering a “crowdsourced extortion scheme” to put pressure on their victims - offering $10 in Bitcoin to anyone willing to harass senior executives of victim companies into paying their ransom.
Being run via their Telegram channel, this campaign notes:
“You have permission to endlessly harass these executives till they comply with us. When we tell you stop emailing a company or number of executives emails, you are to stop emailing them. This will be centralized and well operated.”
Again, asking both executives of victim companies and this band of mercenary harassers to place a great deal of trust in a group that has already gone back on their word at least once by un-retiring.
These are not the only trust channels being exploited this week, either. We saw new details in an FBI affidavit of a retired Army Lt. Col. who gave secrets about US operations in Ukraine to a Russian asset on an online dating platform. The transcripts are, as the kids say, pretty cringe. He will spend the next 6 years in jail.
Finally, we also learned how attackers got ahold of 70,000 government-issued IDs, and data on 5.5 million more customers: bribing a third-party customer service representative.
According to reports, the threat actors simply emailed the outsourced employees, located in SE Asia, offers of $500 for one-time proof that they had access, then a several-thousand-dollar lump-sum payment in exchange for giving them access. This amount was noted as “astronomical” in that part of the world, allowing the person to “live comfortably for several years” in their country.
Hackers don’t break in, they log in - even if the creds cost them a few grand.
So, when we talk about the ideas of least privilege, of zero trust, these are the reasons we’re working so hard to operationalize them. Like everything in security, however, it’s a balance - and we don’t want to create a culture of fear or distrust. Rather, we need to create both a defense-in-depth and diversity-of-defense approach that allows us to manage these risks in such a way as to limit the impact if our trust is broken. Clearly, trusting blindly isn’t the right plan. The right amount of trust is something that each of us needs to figure out for ourselves, even if that’s through a bit of trial and error.
Fundraising
From a fundraising perspective, we’re suddenly looking at a bang-up Q4, with this week alone putting up more than $52B in newly committed capital, including:
Bain Capital raised $14B for its 14th flagship PE fund;
Brookfield raised $20B for its second global energy transition fund;
Ares Management raised $5.3B for its third infrastructure secondaries fund; and more.
What this means for the macro market is anyone’s guess, as Fortune reports that US GDP growth in H1 2025 was almost entirely driven by AI - without which it would’ve been up just 0.1%. These companies account for 4% of the GDP but 92% of GDP growth.
Bubble? Some people are saying.
A reminder that you can find links to all the articles we covered below, find back issues of these videos and the written transcripts at intentionalcyber.com, and now sign up for our monthly newsletter, the Intentional Dispatch.
We’ll see you next week for another edition of the Intentional Brief.
Links
https://www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/
https://cyberscoop.com/extortion-email-clop-oracle-customers/
https://www.theregister.com/2025/10/06/scattered_lapsus_bitcoin_reward/
https://www.theregister.com/2025/10/03/scattered_lapsus_hunters_latest_leak/
https://abcnews.go.com/US/wireStory/retired-us-army-officer-sentenced-6-years-sharing-126406944
https://www.justice.gov/archives/opa/media/1340961/dl?inline