Checklist 443: Why Anti-Phishing Training Isn’t Working

October 3, 2025 • 4 min read

Ransomware Fallout: From Taxpayer Burdens to Global Supply Chains

The human toll of ransomware remains steep, with IT professionals at breached organizations reporting stress, guilt, and overwhelming workloads. But beyond personal costs, governments and taxpayers are increasingly footing the bill for recovery.

In Nevada and St. Paul, taxpayer resources continue to be funneled into ongoing cyberattack recoveries, even as agency websites come back online.

Meanwhile in the U.K., the government has stepped in with a massive bailout for Jaguar Land Rover (JLR). According to TechCrunch, London will guarantee a £1.5 billion ($2 billion) commercial loan to stabilize the automaker after a hack shut down production lines and jeopardized 250,000 jobs across its supply chain. This comes despite JLR posting £2.5 billion (~$3.4 billion) in pre-tax profit in 2024. Experts warn the move risks sending the wrong message: that the government will rescue companies that underinvest in cybersecurity, potentially emboldening threat actors.

In Japan, The Register reports that beer giant Asahi has shuttered its distribution and call center systems following a cyberattack. While the company has not confirmed whether ransomware is to blame, it acknowledged a “system failure caused by a cyberattack” with no clear recovery timeline. Officials said no customer or commercial data had been stolen, though experts caution it may be too early to rule out data exfiltration. Asahi’s name has not appeared on ransomware dark web leak sites, though negotiations may still be underway.

Study Finds Phishing Training Fails to Protect Employees

A new study from UC San Diego has cast doubt on the effectiveness of corporate phishing awareness programs, finding little to no improvement in employee resistance to scam emails.

According to ZDNet, researchers analyzed results from 10 simulated phishing campaigns sent to over 19,500 employees at UC San Diego Health across eight months. The findings showed no significant difference between those who had recently completed required training and those who had not. Employees who underwent phishing training were only 2% less likely to click on a malicious link.

The implications are serious. Phishing was the leading cause of ransomware in 2025, fueled by info-stealing malware and AI-driven attack tools. Reported phishing incidents rose sharply, cited by 35% of affected organizations — up from 25% in 2024.

Researchers attribute the failure not to employees, but to uninspiring, low-engagement training methods. Many corporate sessions are brief, passive, and poorly interactive. “When there is no engagement with learning materials, it’s unsurprising that there is no impact,” the study noted.

The researchers suggest strengthening defenses through mandatory multi-factor authentication (MFA) and stricter controls against credential sharing. For training to work, companies should rethink their approach — adopting more interactive, engaging formats such as tabletop exercises, in-person seminars, or gamified learning.

Apple ships a flurry of “.0.1/.0.2” updates — one bug fix, one CVE, lots of cleanup

Apple kicked off the week with small but widespread OS updates across iPhone, iPad, Mac, Apple Watch, Apple TV, and Vision Pro. On iPhone, iOS 26.0.1 tackles early pain points on new models, including Wi-Fi/Bluetooth drop-offs, a rare cellular outage after upgrading to iOS 26, camera artifacts under certain lighting, blank app icons with custom tints, and a VoiceOver issue.

On the Mac, macOS Tahoe 26.0.1 fixes a specific blocker that kept some Mac Studio (M3 Ultra) owners from installing Tahoe, clearing a failed hardware check that aborted upgrades.

For older iPhones and iPads that haven’t moved to iOS/iPadOS 26, Apple also pushed iOS/iPadOS 18.7.1 to deliver the same security remediation.

Security-wise, Apple’s notes emphasize “bug fixes and important security updates,” but the marquee issue this round is a FontParser vulnerability (CVE-2025-43400): “processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory.” Apple addressed this across iOS/iPadOS 26.0.1, macOS 26.0.1, and visionOS 26.0.1; watchOS 26.0.2 and tvOS 26.0.1 received bug fixes (with tvOS also correcting an A/V sync issue).

What to do now: If you’re on 26, install 26.0.1/26.0.2 on all devices; if you’re staying on the 18/15/14 tracks, grab 18.7.1 / 15.7.1 / 14.8.1 to pick up the FontParser fix.

One last thing…

It’s Cybersecurity Awareness Month. We’re posting fast, actionable Mac security/privacy tips every Monday in October at SecureMac.com/news.