Svoboda Cybersecurity Brief August 14, 2025
National Public Data leak resurfaces with sensitive personal data
The previously infamous data leak site National Public Data has reappeared with detailed personal information, including Social Security numbers and phone numbers. The site, linked to a massive breach exposing 272 million SSNs in 2024, now offers opt-out functionality but poses ongoing privacy risks.
Source: DataBreaches
Russia suspected in federal court filing system breach
Investigators found evidence linking Russia to a years-long breach of the U.S. federal court document system (CM/ECF), potentially exposing sensitive national security case information. The attack targeted cases involving individuals with Russian/Eastern European surnames, highlighting systemic security gaps in decentralized court systems.
Source: DataBreaches
FortiSIEM critical RCE vulnerability actively exploited
Fortinet warns of CVE-2025-25256, a critical (CVSS 9.8) pre-auth RCE flaw in FortiSIEM versions 5.4 through 7.3.1, with exploit code circulating in the wild. The vulnerability allows unauthenticated command execution via crafted CLI requests on port 7900 (phMonitor).
Impact: Full system compromise for government and enterprise security monitoring systems.
Mitigation: Immediate upgrade to patched versions (7.3.2, 7.2.6, etc.) or restrict access to port 7900.
Source: BleepingComputer
Dutch medical lab pays millions in ransomware attack
The Clinical Diagnostics laboratory in the Netherlands paid a multi-million euro ransom to the Nova ransomware group after the attackers threatened to release stolen patient data publicly. The attack disrupted operations and exposed sensitive medical records, showcasing ransomware’s impact on healthcare.
Source: DataBreaches
FIDO authentication bypass in Microsoft Entra ID
Researchers demonstrated a downgrade attack that spoofs an unsupported browser (e.g., Safari on Windows) to bypass FIDO authentication in Microsoft Entra ID, forcing fallback to weaker methods such as SMS or the Authenticator app. The attack enables phishing and session hijacking despite FIDO’s phishing-resistant design.
Impact: Compromise of supposedly secure accounts protected by passkeys.
Mitigation: Disable fallback authentication methods or implement additional verification steps.
Source: BleepingComputer
Charon ransomware targets Middle East with APT tactics
A new ransomware family “Charon” attacked Middle Eastern aviation and public sectors using DLL sideloading and EDR evasion tactics resembling Chinese APT groups. The malware terminates security services, deletes backups, and includes an unfinished BYOVD driver for EDR disabling.
Source: TheHackerNews
Pennsylvania AG systems down after cyberattack
The Pennsylvania Attorney General’s office suffered a cyberattack disrupting email, phones, and website access since August 12. The incident shows signs of a ransomware attack, with two vulnerable Citrix NetScaler devices (CVE-2025-5777) taken offline in July-August.
Source: BleepingComputer
PS1Bot malware campaign uses malvertising
A new campaign delivers PS1Bot malware via malvertising, featuring in-memory execution of PowerShell/C# modules for info-stealing, keylogging, and persistence. The framework shares technical overlaps with AHK Bot malware used by APT groups.
Source: TheHackerNews
Microsoft fixes Kerberos zero-day (CVE-2025-53779)
August Patch Tuesday addressed 111 flaws, including a publicly known Kerberos privilege escalation flaw (CVE-2025-53779) that enables domain admin escalation via dMSA object abuse. It was originally disclosed as “BadSuccessor” in May 2025.
Impact: Active Directory domain compromise via delegation abuse.
Mitigation: Apply Windows updates and audit dMSA configurations.
Source: TheHackerNews
Critical flaws in Zoom and Xerox products
Zoom patched CVE-2025-49457 (CVSS 9.6), a Windows client privilege escalation via untrusted search path. Xerox fixed FreeFlow Core vulnerabilities including CVE-2025-8356 (CVSS 9.8), a path traversal allowing RCE in version 8.0.4.
Source: TheHackerNews