svoboda.center Logo svoboda.center

Svoboda Cybersecurity Brief June 15, 2025

Jun 15, 2025

bulletproof VPN - stay anonymous

WestJet Investigating Cyberattack Disrupting Internal Systems

WestJet, Canada’s second-largest airline, is investigating a cyberattack that disrupted access to internal systems and its mobile app. The company has activated specialized teams and is working with law enforcement to mitigate impacts, though operational safety remains intact. The attack’s nature (ransomware or preventive shutdown) is unconfirmed.
Source: BleepingComputer

Anubis Ransomware Now Includes File-Wiping Feature

The Anubis ransomware-as-a-service (RaaS) has added a wiper module that irreversibly destroys files (reducing size to 0 KB) using the /WIPEMODE command. The ransomware uses ECIES encryption, terminates interfering processes, and excludes critical system directories to maintain system usability. Impact: Data recovery impossible even if ransom is paid. Mitigation: Regular backups, endpoint detection, and phishing awareness.
Source: BleepingComputer

Discord Invite Hijacking Delivers AsyncRAT and Skuld Stealer

Attackers exploit Discord’s vanity invite system to hijack expired/deleted links, redirecting users to malicious servers. Victims are tricked into executing PowerShell commands that deploy AsyncRAT (for remote access) and Skuld Stealer (targeting crypto wallets via wallet injection). Impact: Theft of sensitive data, including crypto credentials. Mitigation: Verify invite links, avoid pasting suspicious commands, and monitor wallet integrity.
Source: The Hacker News

Two Indian Hospitals Hacked, Patient Data Compromised

Servers at Sant Parmanand Hospital and NKS Super Speciality Hospital in Delhi were breached, disrupting operations and exposing patient/financial records. Police filed an FIR under India’s IT Act, though attackers remain unidentified. No ransom demands or leak site postings have been confirmed.
Source: DataBreaches.net

Plastic Surgeons’ Negligence in Securing Patient Nude Photos Questioned

Plastic surgery clinics storing nude patient photos with identity data in plaintext face scrutiny amid rising cyberattacks. A lawsuit against Hankins & Sohn Plastic Surgery alleges negligence after a 2023 phishing attack led to leaked patient data. Threat actors plan to publish 10,000+ patient records.
Source: DataBreaches.net

Share this brief: https://svo.bz/Jvhd

If you want to support us, you can donate here: Donate