
  • Writer: Mel Martin
  • Sep 23
  • 4 min read

🛡️ MIS CyberShield: September 2025 Newsletter



Your Monthly Cybersecurity Brief from Martins Information Security





🚨 Top Cyber Threats & Breaches (with deeper insight)



MGM Resorts Data Breach Fallout

MGM’s breach in September 2025 continues to send shockwaves through the hospitality industry. Systems across gaming, loyalty programs, and hotel operations were disrupted—reportedly allowing attackers to access guest PII, payment card metadata, and internal logs.


  • Little-known detail: Some of the leaked data include anonymized session tokens, which, when correlated with loyalty account data, could help attackers pivot toward account takeover.

  • Actionable guidance: If your business is in hospitality or handles guest/customer loyalty systems, review your token management, rotate session keys, and ensure your APIs are rate-limited and monitored for unusual access patterns.

  • More on breach response: See the FTC’s Business Guidance on Data Breaches for mandatory breach notification rules and best practices → FTC: Business Advisories





Healthcare Sector Under Siege

The Rhysida ransomware group has been particularly active this month, targeting multiple U.S. health systems and publishing leaked medical records. Some facilities were forced to divert ambulances or delay treatments.


  • Lesser-known insight: In several cases, attackers used shadow indicators—i.e. malware that sits idle for weeks, bypassing standard antivirus scans.

  • Recommendations for healthcare orgs:


    1. Use Endpoint Detection & Response (EDR) tools that catch low-and-slow behaviors.

    2. Implement immutable backups (data snapshots that can’t be altered after creation).

    3. Conduct red-teaming drills simulating lateral movement via “sleeping” malware.







🧠 MIS Education Corner: Deep Dive into Supply Chain Attacks



Many organizations believe their perimeter is secure — yet attackers frequently exploit vendors, contractors, or software dependencies to gain a foothold.


Attack vector examples:


  • A third-party plugin for a popular content management system had a zero-day SQL injection vulnerability. Attackers exploited it to pivot into client networks.

  • In another case, credentials from a small accounting vendor (with weak MFA policies) were used to infiltrate a law firm’s network and then move laterally to full client data systems.



Best practices to bolster your supply chain security:


  • Require cybersecurity audits for vendors handling sensitive data or system access.

  • Insist on segmented access—vendors get only the minimum necessary permissions (ideally via just-in-time provisioning).

  • Monitor vendor connections via network anomaly detection (e.g. unusual hours, unusual data volume).

  • Include cyber insurance and breach indemnification clauses in vendor contracts.
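
To make the vendor-connection monitoring bullet above concrete, here is an added Python example (not code from MIS or from the original newsletter) that learns a per-vendor volume baseline and then flags sessions at unusual hours or with unusual data volume. The log format, the vendor account name, the 08:00-18:00 window and the thresholds are all assumptions chosen for illustration.

```python
# Added example: flag vendor sessions at unusual hours or with unusual volume.
# Log format, vendor name and thresholds are assumptions, not from the newsletter.
from datetime import datetime
from statistics import median

# Constructed sample log: ISO timestamp, vendor account, bytes transferred out.
SAMPLE_LOG = """\
2025-09-01T09:12:00 acct-vendor 48211
2025-09-02T10:03:00 acct-vendor 51877
2025-09-03T14:40:00 acct-vendor 50342
2025-09-04T11:25:00 acct-vendor 47990
2025-09-05T15:02:00 acct-vendor 52610
2025-09-08T02:47:00 acct-vendor 49875
2025-09-09T10:15:00 acct-vendor 9400321
"""

def parse(log):
    """Yield (timestamp, vendor, bytes_out) from whitespace-separated lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines rather than crash the monitor
        yield datetime.fromisoformat(parts[0]), parts[1], int(parts[2])

def detect(log, baseline_n=5, hours=(8, 18), mad_factor=6):
    """Learn a per-vendor volume baseline from the first baseline_n sessions,
    then flag later sessions outside `hours` or far above the baseline."""
    history, alerts = {}, []
    for ts, vendor, nbytes in parse(log):
        seen = history.setdefault(vendor, [])
        if len(seen) < baseline_n:
            seen.append(nbytes)  # still learning what normal looks like
            continue
        reasons = []
        if not hours[0] <= ts.hour < hours[1]:
            reasons.append("unusual-hours")
        med = median(seen)
        mad = median(abs(b - med) for b in seen) or 1  # robust spread, never 0
        if nbytes > med + mad_factor * mad:
            reasons.append("unusual-volume")
        if reasons:
            alerts.append((ts.isoformat(), vendor, reasons))
        else:
            seen.append(nbytes)  # only clean sessions update the baseline
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Flagged sessions are kept out of the baseline so a slow ramp-up in transfer size cannot quietly redefine "normal"; the learning window itself should be drawn from a period you have reviewed.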






💡 Small Business Spotlight: Don’t Underestimate Cyber Insurance



Cyber insurers are tightening terms. Many are now denying claims if the insured lacks basic safeguards such as MFA, log retention, endpoint protection, and regular vulnerability scans.


What you should verify in your policy:


  • Does it require evidence of penetration testing or third-party audits?

  • Are ransomware payments covered, or does the policy exclude certain types of ransomware?

  • What forensic and legal services are included? Some policies include breach coaching and PR support.

  • Does the insurer accept logs and SIEM data as proof in case of claim disputes?



Want help assessing your readiness?

MIS offers Cyber Insurance Readiness Assessments tailored to your policy requirements. Just email us at mmartin@martinsinfosec.com or schedule a call via our site → Schedule Consultation.





📁 Featured Case Study: Legal Services Firm (Extended)



Client: A mid-sized law firm with multiple external vendor integrations

Initial Weakness:


  • Vendor credential compromise led to unauthorized access

  • No micro-segmentation; vendors had broad network privileges



MIS Intervention:


  1. We instituted a Zero Trust network architecture (ZTNA) so that vendor access was limited in time and scope.

  2. We deployed privileged access management (PAM) to control what vendors could see or do.

  3. We conducted continuous vendor auditing (automated logs, alerting on unusual behavior).



Outcome (90-day snapshot):


  • Vendor-related security risks dropped by 73%.

  • Phishing attempts leveraging vendor trust dropped by 65%.

  • The firm passed a surprise compliance audit without any major findings.






📅 Upcoming Webinar & Events



Webinar: Defending Against Supply Chain Attacks

🗓 Date: October 18, 2025

🕒 Time: 12:30 PM CST

📍 Live on Zoom

🔗 Register here → Register for MIS Webinar


Bonus: All registrants get a free Vendor Risk Checklist PDF to audit their third-party connections.





🔧 MIS Services Spotlight



Compliance Consulting & Readiness

Whether you’re dealing with HIPAA, PCI-DSS, NIST, or CMMC, MIS helps you map, plan, and implement. We convert complex frameworks into practical workflows and policies your team can follow.

📨 Reach out via mmartin@martinsinfosec.com

📱 Or call directly at (469) 768-3724


Incident Response & Forensics

Suspecting a breach? Our DFIR (Digital Forensics & Incident Response) team can help accelerate containment, preserve evidence, and support recovery.





🔐 Quick Cyber Tip of the Month



“Pre-attack your incident plan.”

Most organizations prepare for recovery after a breach—but the real differentiator is preparedness before the breach. Do tabletop exercises with leadership, test your forensic capabilities, and simulate real breach timelines so your team knows how to act under pressure.





🧭 About MIS



Martins Information Security (MIS) is your trusted cybersecurity partner. We deliver tailored solutions—penetration tests, compliance mapping, incident response, and strategic security leadership—for clients in finance, healthcare, legal, and government sectors.


🌐 Visit us: www.martinsinfosec.com

📞 Call: (469) 768-3724

 
 
 
