Recent cybersecurity updates highlight ongoing ransomware activity, such as DragonForce's exploitation of SimpleHelp vulnerabilities and the Fog ransomware attack linked to APT41, along with major data breaches such as the McLean Mortgage breach claimed by Black Basta. Privacy concerns have also intensified with Apple patching zero-click spyware vulnerabilities and the emergence of Predator spyware infrastructure in Mozambique.
Hashtags: #SimpleHelp #DragonForce #FogRansomware #APT41 #McLeanMortgage #BlackBasta #GraphiteSpyware #PredatorSpyware
Ransomware & Exploits
- SimpleHelp vulnerabilities continue to be exploited by ransomware gangs like DragonForce, targeting utility billing software users with double extortion attacks, prompting CISA warnings and urgent patching recommendations – SimpleHelp Ransomware, SimpleHelp Exploits, SimpleHelp Unpatched
- The Fog ransomware attack on an Asian financial organization employed unusual espionage tools and persistent access tactics, linking the activity to APT groups like APT41 – Fog Ransomware, Fog Espionage
- McLean Mortgage disclosed a data breach affecting over 30,000 individuals’ financial and personal information, with the Black Basta ransomware group claiming responsibility – McLean Mortgage Breach
Spyware & Surveillance
- Apple patched a critical zero-click vulnerability exploited by Paragon’s Graphite spyware targeting journalists via iOS Messages, revealing state-sponsored surveillance operations – Apple Zero-Click Flaw, Graphite Spyware, Paragon Graphite Spyware
- Further investigations uncovered extensive Graphite spyware targeting European journalists, with potential ties to Italian government surveillance – Paragon Spyware Escalation
- Predator spyware infrastructure was detected for the first time in Mozambique, indicating ongoing use despite U.S. sanctions, with links to the Intellexa Consortium – Predator Spyware Mozambique
Vulnerabilities & Patches
- Trend Micro patched multiple critical remote code execution and authentication bypass vulnerabilities across Apex Central and Endpoint Encryption products, with no reported exploits yet – Trend Micro Patches, Trend Micro Flaws Fixed
- Mitel issued patches for a critical remote exploit in the MiCollab NuPoint Unified Messaging component affecting over 20,000 instances exposed to remote hacking risks – Mitel MiCollab Vulnerability
Cloud & Service Disruptions
- Cloudflare and Google Cloud experienced widespread outages caused by third-party failures; Cloudflare confirmed no data loss and ongoing recovery efforts – Cloudflare & Google Outages, Cloudflare Outage Details
- Microsoft 365 users across EMEA and Asia Pacific faced authentication issues related to recent MFA configuration changes, with ongoing investigations and fixes underway – Microsoft Auth Issues
- Surface Hub v1 devices encountered Secure Boot errors due to Windows update KB5060533, prompting mitigations and further investigations by Microsoft – Surface Hub Update Issue
Cybersecurity Policy & Strategy
- Industry experts debated President Trump’s revised cybersecurity executive order focusing on software security, quantum cryptography, and digital identities, with mixed views on its impact – Trump Cyber EO Reactions
- Continuous Threat Exposure Management (CTEM) emerges as a modern alternative to traditional SOCs, promoting risk-based and proactive security approaches over alert monitoring – CTEM vs SOC
- CISA released comprehensive guidance to protect network edge devices including firewalls, routers, and IoT systems, focusing on vulnerability mitigation and secure deployment – CISA Edge Security Guide
Cybercrime & Threat Actor Activity
- The Belarusian hacktivist group Cyber Partisans responded defiantly to Kaspersky’s detailed report on their politically motivated cyber operations targeting Belarus and Russia – Belarusian Hackers Taunt Kaspersky
- A global scam network operated by the VexTrio malware and associated TDS platforms exploits compromised WordPress sites and adtech networks for malware distribution and fraud – VexTrio Scam Network
- A large-scale account takeover campaign abusing the TeamFiltration framework targets Microsoft Entra ID users using password spraying and OAuth abuse via AWS and Microsoft Teams APIs – TeamFiltration Campaign
- Nytheon AI, an open-source uncensored large language model, is gaining popularity on hacking forums, raising security concerns around misuse and multimodal attacks – Nytheon AI Threats
Privacy & Data Protection
- The 23andMe privacy ombudsman urged the company to obtain explicit consumer consent before selling genetic data, spotlighting privacy issues in genetic data commercialization – 23andMe Consent Advice
- Victoria’s Secret restored critical systems after a cyberattack in May attributed to groups like Scattered Spider and DragonForce, with a limited impact expected on financial results – Victoria’s Secret Recovery
Funding & Innovation
- Open source silicon security startup ZeroRISC secured $10 million to advance supply chain integrity and device security solutions based on the OpenTitan project – ZeroRISC Funding
AI & Deepfakes
- AI-driven voice deepfakes are increasingly used to commit fraud in financial sectors, prompting continuous improvements in AI detection technologies to counteract them – Deepfake AI Arms Race