Svoboda Cybersecurity Brief April 28, 2025

Apr 28, 2025

Russian-Linked Hackers Attack Western New Mexico University

The Russian-speaking ransomware group Qilin has targeted Western New Mexico University, compromising employee payroll data, Social Security numbers, and driver’s licenses. The attackers threatened to leak the data unless a ransom is paid, though the breach is not yet listed on Qilin’s leak site.
Source: DataBreaches.net

SK Telecom Suffers Massive USIM Data Leak

South Korea’s SK Telecom reported a cyberattack leading to potential leaks of 23 million users’ USIM data, prompting free replacements. The company assured customers it would take full responsibility for damages, but no ransomware group has claimed responsibility.
Source: DataBreaches.net

Storm-1977 Deploys Crypto Miners via AzureChecker in Education Sector

Microsoft identified Storm-1977 using AzureChecker.exe for password-spraying attacks against education-sector cloud tenants, deploying 200+ crypto-mining containers. The tool retrieves target lists from an external server and leverages compromised credentials for unauthorized access.
Impact: Unauthorized resource consumption, financial loss, and potential data exposure.
Mitigation: Secure containers, monitor API requests, restrict untrusted registries, and patch vulnerabilities.
Source: The Hacker News

Coinbase Fixes Misleading 2FA Log Bug

Coinbase resolved an issue where failed password attempts were incorrectly labeled as 2FA failures, causing unnecessary user panic. The bug could have been exploited for social engineering attacks, but the update now shows accurate “Password attempt failed” logs.
Impact: User confusion and potential credential phishing risks.
Mitigation: Users should remain vigilant against unsolicited security alerts.
Source: BleepingComputer

Brave introduced Cookiecrumbler, an open-source tool leveraging LLMs and community review to block non-essential cookie notices without breaking site functionality. The backend tool crawls sites regionally but avoids user data exposure.
Source: BleepingComputer
