Cybersecurity News | Daily Recap [08 Aug 2025]

Today's recap covers large data breaches at Optus (which now faces a civil-penalty action), Columbia University and Bouygues Telecom; a law-enforcement operation against the BlackSuit/Royal ransomware gang, reported to have rebranded as Chaos; and active malware campaigns such as SocGholish and GreedyBear that show how delivery and evasion techniques keep evolving.

Daily Cybersecurity Recap

Data Breaches & Disclosures

  • Australia's communications regulator, the ACMA, is seeking civil penalties in the Federal Court against Optus over the September 2022 breach that exposed millions of customers' personal data, a reminder that weak data security carries legal as well as reputational cost – Optus Penalty
  • A breach at Columbia University exposed sensitive records of roughly 870,000 students, applicants and employees; the university is offering credit monitoring, and the intrusion is attributed to a politically motivated actor – Columbia Breach
  • French telco Bouygues Telecom confirmed a breach affecting about 6.4 million customers' contact and contract details, while authorities investigate its scope – Bouygues Breach
  • Air France and KLM disclosed exposure of customer data after an intrusion at a third-party customer-service platform, reportedly linked to ShinyHunters, another example of supply-chain risk arriving through vendors – Air France/KLM
  • Roundup: an Amazon ECS privilege-escalation technique, the Alera Group breach and urgent responses to the Exchange hybrid flaw round out a day of continuing enterprise exposure – In Other News

Ransomware & Law Enforcement

  • A U.S.-led international operation dismantled infrastructure of the BlackSuit ransomware group (the successor to Royal, now reported to have rebranded as Chaos), which had hit more than 450 organizations and extorted over $370 million – BlackSuit Takedown
  • An EDR-killer tool linked to RansomHub's EDRKillShifter is now used by at least eight ransomware groups; it drops an obfuscated, vulnerable driver signed with stolen or expired code-signing certificates to disable endpoint protection, so unexpected driver loads and signatures chaining to revoked certificates deserve high-priority detections – EDR Killer
  • North Korea-linked ScarCruft (APT37) has added the VCD ransomware to its toolkit, a sign that the group is blending espionage with financially motivated disruption – ScarCruft Ransom

Malware & Supply-Chain Attacks

  • Ad networks and traffic distribution systems (TDS) are being abused to serve SocGholish fake-update lures, whose loaders then hand off to LockBit, Evil Corp tooling and other payloads, widening the reach of drive-by compromise – SocGholish Spread
  • Malicious packages on RubyGems, PyPI and npm were found stealing credentials, hijacking crypto staking rewards and, in some cases, carrying destructive data-wiping logic, prompting registries to tighten publishing controls – Malicious Packages
  • The GreedyBear campaign planted more than 150 fake crypto-wallet extensions in Mozilla's add-ons store using "extension hollowing" (publishing a benign extension, building trust, then shipping a malicious update) and paired them with AI-generated scam sites across platforms – GreedyBear

Vulnerabilities & Patching

  • CISA issued Emergency Directive 25-02 ordering federal agencies to mitigate CVE-2025-53786 in Microsoft Exchange hybrid deployments, where an attacker with on-premises Exchange admin access can pivot into Exchange Online with little logging, potentially leading to total domain compromise – Exchange Patch
  • Microsoft will block the legacy FrontPage Remote Procedure Call (FPRPC) protocol for file access in Microsoft 365 apps for Windows by default from late August 2025, with an admin control to re-enable it, reducing exposure from legacy protocols – FPRPC Block
  • SonicWall says the recent SSL VPN attacks, tied to Akira ransomware activity, exploited the known flaw CVE-2024-40766 rather than a zero-day, and urged customers to patch and to reset local user passwords after migrating from Gen 6 to Gen 7 firewalls – SonicWall Flaw

Threat Actors & Account Risks

  • The loosely organized Scattered Spider group continues to rely on social engineering, help-desk impersonation and account takeover, underlining the need for identity-verification procedures and other human-centric defenses – Scattered Spider
  • Leaked credentials are up 160% and increasingly drive breaches, making credential-exposure monitoring, phishing-resistant MFA and rapid response to compromised accounts essential – Credential Spike
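As an added illustration of the credential-exposure monitoring mentioned above (example code written for this recap, not from the original page or any vendor): a simulated k-anonymity leaked-password check in Python. It models both sides of the range-query scheme used by public Pwned Passwords-style services (SHA-1 digest, only the first 5 hex characters sent, SUFFIX:COUNT lines returned) against a small constructed breach corpus, so it runs offline; the corpus, its counts and the class and function names are assumptions for the example.

```python
"""
Simulated k-anonymity check for leaked passwords (constructed example).

The client hashes the password with SHA-1, sends only the first 5 hex
characters, and matches the remaining 35 locally against the SUFFIX:COUNT
lines the server returns. Everything here runs offline against a constructed
breach corpus; nothing is fetched from a real service.
"""
import hashlib
import secrets
from collections import Counter

PREFIX_LEN = 5  # hex characters that leave the client (16**5 ~ 1M buckets)
HEX = set("0123456789ABCDEF")


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1 digest, the form the range API expects."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


# --- server side: stand-in for a breach-corpus service ---------------------
# Constructed leak data for the example; the repetition counts are made up.
CONSTRUCTED_LEAKS = ["password123"] * 3 + ["password"] * 7 + ["letmein"] * 2


class RangeServer:
    """Stores only digests and counts, never plaintext passwords."""

    def __init__(self, leaked_passwords):
        self._counts = Counter(sha1_hex(p) for p in leaked_passwords)
        self.queries_seen = []  # audit log of what the client actually sent

    def range_query(self, prefix: str) -> str:
        """Answer a 5-char prefix with every matching SUFFIX:COUNT line."""
        self.queries_seen.append(prefix)
        if len(prefix) != PREFIX_LEN or not set(prefix) <= HEX:
            raise ValueError("prefix must be exactly 5 uppercase hex characters")
        lines = [
            f"{digest[PREFIX_LEN:]}:{count}"
            for digest, count in self._counts.items()
            if digest.startswith(prefix)
        ]
        # An empty body is a valid answer: no leaked hash shares this prefix.
        return "\r\n".join(sorted(lines))


# --- client side ---------------------------------------------------------
def pwned_count(password: str, query) -> int:
    """Return how often the password appeared in leaks, 0 if never.

    `query` is a callable taking the 5-char prefix and returning the
    SUFFIX:COUNT body; only the prefix ever crosses the trust boundary.
    """
    digest = sha1_hex(password)
    prefix, suffix = digest[:PREFIX_LEN], digest[PREFIX_LEN:]
    for line in query(prefix).splitlines():
        candidate, sep, count = line.strip().partition(":")
        if sep and candidate == suffix:
            return int(count)
    return 0


def check_passwords(passwords, server: RangeServer) -> dict:
    """Check several candidates against one server; returns {password: count}."""
    return {p: pwned_count(p, server.range_query) for p in passwords}


if __name__ == "__main__":
    server = RangeServer(CONSTRUCTED_LEAKS)
    fresh = secrets.token_urlsafe(24)  # a password that cannot be in the corpus
    for pw, n in check_passwords(["password123", "letmein", fresh], server).items():
        print(f"{pw!r}: {'seen %d times' % n if n else 'not found'}")
    # Privacy property: the server only ever saw 5-character prefixes.
    assert all(len(q) == PREFIX_LEN for q in server.queries_seen)
```

The audit log on the server side is the point to check in a real integration: if anything longer than the prefix ever reaches the network layer, the k-anonymity guarantee is gone. In production the same client logic is pointed at the real range endpoint, and a non-zero count should block the password at registration or reset time rather than merely warn.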

Legal, Policy & Judiciary

  • U.S. federal courts are tightening security of their electronic case-filing systems after the PACER exposures, to better protect sealed and sensitive case documents amid an escalation in targeted attacks – Judiciary Security
  • Germany's Federal Constitutional Court limited police use of spyware to investigations of serious crimes, reinforcing privacy and fundamental-rights protections against broad device surveillance – Spyware Ruling

Space & Infrastructure Risk

  • Researchers warn insecure open‑source satellite management software can be hacked to manipulate or disable satellites, raising fresh national‑security and supply‑chain concerns for space operators – Satellite Hacks

Events & Vendor Changes

  • Black Hat USA 2025 vendor announcements highlighted AI-driven detection, risk management and resilience tools, showing continued vendor investment in advanced security tech – Black Hat
  • Microsoft will retire the Microsoft Lens scanner app on iOS and Android by December 2025 and is steering users to scanning in the Microsoft 365 Copilot app, affecting mobile document-capture workflows – Lens Retirement

Cybersecurity News | Daily Recap – hendryadrian.com