Svoboda Cybersecurity Brief May 17, 2025



Alabama Man Sentenced for SEC X Hack Impacting Bitcoin Prices

An Alabama man has been sentenced to 14 months in prison for his role in the hack of the U.S. Securities and Exchange Commission’s (SEC) X account, which was used to post false information that caused a temporary spike in Bitcoin prices. The incident highlighted the risks of social media-driven market manipulation.
Source: DataBreaches.net

US Charges 12 More Suspects in $263M Crypto Theft RICO Case

Twelve additional defendants have been charged in a RICO conspiracy involving cryptocurrency thefts exceeding $263 million, money laundering, and home break-ins. The operation targeted victims through phishing and SIM-swapping attacks.
Source: DataBreaches.net

New Intel CPU Flaws Allow Memory Leaks and Spectre v2 Attacks

Researchers have disclosed new vulnerabilities in Intel CPUs, enabling memory leaks and Spectre v2 attacks. These flaws could allow attackers to bypass existing mitigations and access sensitive data.
Impact: Potential data exfiltration and side-channel attacks.
Mitigation: Apply Intel microcode updates and disable affected CPU features where possible.
Source: The Hacker News

Fileless Remcos RAT Delivered via LNK and MSHTA Attacks

A new fileless attack vector leverages LNK files and MSHTA to deliver the Remcos RAT using PowerShell, evading traditional detection methods. The campaign targets Windows systems by exploiting legitimate Microsoft utilities.
Impact: Remote access and data theft through stealthy infection.
Mitigation: Disable unnecessary scripting engines and enforce application whitelisting.
Source: The Hacker News
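A defender's first question on a campaign like this is whether the parent/child process chain (a script host such as mshta.exe spawning PowerShell) is visible in existing telemetry. The following is an added example, not code from the article or from any referenced vendor: it runs a simple chain rule over constructed, Sysmon-style process-creation events. The field names (pid, ppid, image, cmdline) and the sample events are assumptions made for the example.

```python
"""Hunt for the mshta.exe -> powershell.exe process chain described in the brief.

Added example with constructed events; field names are simplified from
Sysmon Event ID 1 (process creation) and are an assumption of this example.
"""
from typing import Dict, List

# Constructed sample process-creation events for one host (not real telemetry).
SAMPLE_EVENTS: List[Dict] = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe",
     "cmdline": "explorer.exe"},
    # A shortcut (LNK) target launches mshta on an .hta file dropped in Temp.
    {"pid": 200, "ppid": 100, "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": r'mshta.exe "C:\Users\alice\AppData\Local\Temp\invoice.hta"'},
    # mshta then spawns a hidden PowerShell: the chain the brief warns about.
    {"pid": 300, "ppid": 200,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -NoProfile -WindowStyle Hidden -Command ..."},
    # Benign: an admin script launched from explorer, no script-host parent.
    {"pid": 400, "ppid": 100,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell.exe -File C:\ops\backup.ps1"},
    # Benign: mshta used by an installer; it spawns no shell.
    {"pid": 500, "ppid": 100, "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": r"mshta.exe C:\Program Files\Vendor\setup.hta"},
]

SCRIPT_HOSTS = {"mshta.exe"}            # parent images of interest
SHELLS = {"powershell.exe", "pwsh.exe"}  # child images of interest


def basename(image: str) -> str:
    """Lower-cased file name of a Windows image path."""
    return image.rsplit("\\", 1)[-1].lower()


def find_script_host_shell_chains(events: List[Dict]) -> List[Dict]:
    """Return one finding per shell whose direct parent is a script host."""
    by_pid = {e["pid"]: e for e in events}
    findings = []
    for e in events:
        if basename(e["image"]) not in SHELLS:
            continue
        parent = by_pid.get(e["ppid"])
        if parent is None or basename(parent["image"]) not in SCRIPT_HOSTS:
            continue
        cmd = e["cmdline"].lower()
        # A hidden window on top of the odd parent raises the confidence.
        hidden = "-windowstyle hidden" in cmd or " -w hidden" in cmd
        findings.append({
            "child_pid": e["pid"],
            "parent_pid": parent["pid"],
            "parent": basename(parent["image"]),
            "severity": "high" if hidden else "medium",
            "child_cmdline": e["cmdline"],
        })
    return findings


if __name__ == "__main__":
    for f in find_script_host_shell_chains(SAMPLE_EVENTS):
        print(f)
```

The rule keys on the parent image rather than on file names or hashes, so it survives renamed droppers; extending SCRIPT_HOSTS to other living-off-the-land script hosts is a one-line change, at the cost of more benign hits from installers that need to be tuned out.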

BreachForums Admin Ordered to Pay $700k Healthcare Breach Fine

Pompompurin, the administrator of BreachForums, has been ordered to pay $700,000 in restitution for facilitating the illegal sale of stolen healthcare data. The ruling underscores law enforcement’s focus on dark web marketplaces.
Source: DataBreaches.net

Ransomware Gangs Adopt Skitnet for Post-Exploitation

Ransomware groups are increasingly using Skitnet, a new post-exploitation malware, to maintain persistence and evade detection. The tool enables attackers to escalate privileges and exfiltrate data before deploying ransomware.
Impact: Long-term network compromise and double extortion.
Mitigation: Monitor for unusual lateral movement and enforce strict IAM policies.
Source: BleepingComputer

Hackers Exploit VMware ESXi and SharePoint Zero-Days at Pwn2Own

Researchers at Pwn2Own Berlin 2025 demonstrated zero-day exploits targeting VMware ESXi and Microsoft SharePoint, earning $260,000 in rewards. The vulnerabilities could lead to remote code execution and hypervisor escapes.
Impact: Full system compromise in virtualized environments.
Mitigation: Apply patches immediately or limit exposure by disabling affected features.
Source: BleepingComputer

CISA Flags Patched Chrome Zero-Day as Actively Exploited

CISA has added a recently patched Chrome vulnerability to its Known Exploited Vulnerabilities list. Attackers are leveraging the bug to execute arbitrary code via malicious web content.
Impact: Browser-based remote code execution.
Mitigation: Update to Chrome v113.0.5672.93 or later.
Source: BleepingComputer

HTTPBot Botnet Launches 200+ DDoS Attacks on Gaming and Tech

A new HTTPBot botnet has conducted over 200 precision DDoS attacks against gaming and tech companies, disrupting services with multi-vector assaults. The botnet employs evasive techniques to bypass defenses.
Impact: Service outages and financial losses.
Mitigation: Deploy DDoS mitigation solutions and monitor for traffic anomalies.
Source: The Hacker News

Russian APT Exploits Mail Servers for Government Espionage

A Russian state-backed APT group is exploiting vulnerabilities in mail servers to target government and defense organizations. The attacks involve credential theft and lateral movement for intelligence gathering.
Impact: Strategic data theft and long-term espionage.
Mitigation: Patch mail server software and enable MFA.
Source: SecurityWeek

Japan Enables Offensive Cyber Operations with New Active Cyberdefense Law

Japan has enacted the Active Cyberdefense Law, permitting offensive cyber operations to counter threats. The move reflects growing geopolitical tensions in cyberspace.
Source: DataBreaches.net

FBI Warns of Deepfake Messages Impersonating Senior Officials

The FBI has issued an alert about deepfake audio messages impersonating senior executives to orchestrate financial fraud. The campaign highlights the rising sophistication of AI-driven social engineering.
Impact: Financial fraud and reputational damage.
Mitigation: Verify requests via secondary channels and train staff on deepfake threats.
Source: SecurityWeek

Printer Maker Procolored Distributed Malware-Laced Drivers

Procolored, a printer manufacturer, unknowingly distributed malware-infected drivers for months. The compromised files included backdoors and coin miners, affecting thousands of users.
Impact: Device compromise and cryptojacking.
Mitigation: Verify driver hashes and use vendor-signed updates.
Source: BleepingComputer
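The mitigation line suggests verifying driver hashes before installation. As an added example (not code from the article or from Procolored), the script below checks every file in a downloaded driver package against a vendor-published SHA-256 manifest and refuses installation on any mismatch or missing file. The manifest format (file name to hex digest) and the sample package contents are constructed assumptions for the example.

```python
"""Gate a driver package on a SHA-256 manifest before installation.

Added example; the manifest layout and the package files are constructed.
"""
import hashlib
import hmac
import tempfile
from pathlib import Path
from typing import Dict

CHUNK = 1 << 20  # hash in 1 MiB chunks so large packages are not read into memory


def sha256_file(path: Path) -> str:
    """Lower-case hex SHA-256 of a file, streamed."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_package(pkg_dir: Path, manifest: Dict[str, str]) -> Dict[str, str]:
    """Per-file verdict: 'ok', 'mismatch' (tampered) or 'missing'."""
    results: Dict[str, str] = {}
    for name, expected in manifest.items():
        p = pkg_dir / name
        if not p.is_file():
            results[name] = "missing"
            continue
        actual = sha256_file(p)
        # compare_digest keeps the comparison constant-time; digests are hex.
        ok = hmac.compare_digest(actual, expected.lower())
        results[name] = "ok" if ok else "mismatch"
    return results


def safe_to_install(results: Dict[str, str]) -> bool:
    """Install only when every manifest entry verified."""
    return bool(results) and all(v == "ok" for v in results.values())


def demo() -> Dict[str, str]:
    """Constructed package: one clean file, one altered after publication, one absent."""
    clean_sys = b"constructed clean driver bytes\n"
    clean_exe = b"constructed clean installer bytes\n"
    manifest = {  # what the vendor published for this release (constructed)
        "printer.sys": hashlib.sha256(clean_sys).hexdigest(),
        "installer.exe": hashlib.sha256(clean_exe).hexdigest(),
        "readme.txt": hashlib.sha256(b"readme\n").hexdigest(),
    }
    with tempfile.TemporaryDirectory() as d:
        pkg = Path(d)
        (pkg / "printer.sys").write_bytes(clean_sys)
        # The installer on the download server no longer matches the manifest.
        (pkg / "installer.exe").write_bytes(clean_exe + b"appended bytes\n")
        return verify_package(pkg, manifest)


if __name__ == "__main__":
    verdicts = demo()
    print(verdicts, "install:", safe_to_install(verdicts))
```

A manifest only helps if it is obtained independently of the download it vouches for (for example over a separately authenticated channel, or carried inside a signed update package); if both come from the same compromised server, the attacker can publish matching hashes, which is why the brief's advice pairs hash checks with vendor-signed updates.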

Google Warns UK Retailer Hackers Expanding to US Targets

Google’s Threat Intelligence team reports that attackers initially targeting UK retailers have shifted focus to US businesses, using similar phishing and credential-stuffing techniques.
Impact: Account takeovers and financial fraud.
Mitigation: Enforce MFA and monitor for credential leaks.
Source: SecurityWeek

HHS Settles HIPAA Case with MRI Provider Over Cybersecurity Failures

The HHS Office for Civil Rights has settled with Vision Upright MRI over HIPAA violations stemming from inadequate cybersecurity controls. The provider agreed to implement auditing and encryption measures.
Source: DataBreaches.net

NATO’s Locked Shields Exercise Grows to 4,000 Participants

NATO’s Locked Shields 2025 cyber defense exercise has expanded to 4,000 participants, reflecting the alliance’s emphasis on collaborative resilience against large-scale cyberattacks.
Source: SecurityWeek
