Svoboda Cybersecurity Brief July 01, 2025
National Healthcare Fraud Takedown Results in 324 Defendants Charged
The Justice Department announced charges against 324 defendants, including 96 medical professionals, for alleged participation in healthcare fraud schemes involving over $14.6 billion in intended loss. The operation, led by the Health Care Fraud Unit, involved transnational criminal organizations exploiting Medicare and Medicaid through identity theft, false claims, and money laundering.
Source: DataBreaches
Swiss Health Foundation Radix Hit by Ransomware Attack
A ransomware attack on Swiss health foundation Radix compromised 1.3 TB of data, including federal administration records. The Sarcoma Group claimed responsibility, leaking data on the dark web, though slow download speeds hindered access.
Source: DataBreaches
Russian Hackers Sentenced for Crylock Ransomware Attacks
Two Russian hackers were sentenced to 7 and 5 years for deploying Crylock ransomware, earning €60 million in Bitcoin. The group used the malware to encrypt files and demand ransom, with over €60 million seized.
Source: DataBreaches
Bolton Walk-In Clinic Patient Data Leak Finally Secured
A backup with 54,000 image files and 877,000 PDFs of patient records from Bolton Walk-In Clinic was exposed online for 10 months. Despite repeated notifications, the clinic failed to act until law enforcement intervened.
Source: DataBreaches
SIM Swap Scam at French Bank Nets €1 Million
A Société Générale intern provided insider info to SIM swappers, who stole €1 million from 50 bank customers. The attackers impersonated victims to intercept OTPs and drain accounts.
Source: DataBreaches
Iranian Cyber Threats Target US Critical Infrastructure
CISA, FBI, and NSA warned of Iranian state-sponsored hackers targeting US defense and critical infrastructure, exploiting unpatched vulnerabilities and default passwords. Attacks include DDoS, ransomware, and data wipers.
Impact: Compromise of OT/ICS systems, espionage, and operational disruption.
Mitigation: Isolate OT systems, enforce MFA, patch vulnerabilities, and monitor for anomalies.
Source: BleepingComputer
DeepSeek AI App Ordered Removed in Germany Over GDPR Violations
Germany’s data protection commissioner requested Google and Apple remove DeepSeek AI for unlawfully transferring user data to China without GDPR safeguards. The app had 50 million downloads.
Source: BleepingComputer
Microsoft Defender Now Blocks Email Bombing Attacks
Microsoft Defender for Office 365 now automatically detects and blocks email bombing attacks, where threat actors flood inboxes to obscure critical messages or overwhelm systems.
Source: BleepingComputer
Over 1,200 Citrix Servers Unpatched Against Critical Auth Bypass
CVE-2025-5777 (Citrix Bleed 2) allows attackers to bypass authentication and hijack sessions. Over 1,200 Citrix NetScaler systems remain unpatched, with ReliaQuest confirming active exploitation.
Impact: Session hijacking, MFA bypass, and lateral movement.
Mitigation: Apply Citrix patches immediately and monitor for suspicious sessions.
Source: BleepingComputer
Hikvision Canada Ordered to Cease Operations Over Security Risks
Canada banned Hikvision’s operations, citing national security risks due to ties to the Chinese government. The company denied allegations, calling the decision politically motivated.
Source: BleepingComputer
Europol Dismantles €460M Crypto Fraud Ring
Spanish police arrested five individuals linked to a €460 million ($540 million) crypto investment scam targeting 5,000 victims. The ring used AI-generated deepfakes and laundered funds through Hong Kong.
Source: BleepingComputer
NASA Lacks Agency-Wide Cybersecurity Risk Assessment
GAO found NASA failed to perform an organization-wide cybersecurity risk assessment, leaving space systems vulnerable to data breaches and operational disruptions.
Source: SecurityWeek
Airoha Chip Vulnerabilities Expose Headphones to Takeover
Flaws in Airoha Bluetooth chips (CVE-2025-20700-20702) allow attackers to hijack headphones, eavesdrop, and extract call logs without pairing. Vendors have yet to patch affected devices.
Impact: Unauthorized access, data theft, and firmware manipulation.
Mitigation: Disable Bluetooth when not in use and await vendor updates.
Source: SecurityWeek
Scattered Spider Targets Aviation Sector
The FBI warned of Scattered Spider targeting airlines via social engineering, coinciding with breaches at Hawaiian Airlines and WestJet. The group leverages vendor compromises and MFA bypass techniques.
Source: SecurityWeek
Ahold Delhaize Data Breach Impacts 2.2 Million
A ransomware attack on Ahold Delhaize exposed 2.2 million records, including SSNs, health data, and employment details. The Inc Ransom group leaked 800 GB of data after the company refused to pay.
Source: SecurityWeek