Svoboda Cybersecurity Brief December 08, 2025

Anubis RaaS Targets US Medical Sector with Encrypted Attacks

Anubis ransomware-as-a-service has attacked Mid South Pulmonary & Sleep Specialists (MSPS), encrypting systems and exfiltrating 860 GB of sensitive data, including PHI and PII. The group claims to have leaked 300 GB of the stolen data, which includes patient records and insurance details. Five other US healthcare entities were also listed on Anubis’ leak site, with little public disclosure from victims.
Source: DataBreaches.net

LockBit 5.0 Infrastructure Exposed Shortly After Relaunch

LockBit 5.0’s new infrastructure, including its domain (karma0[.]xyz) and IP (205.185.116.233), was leaked alongside vulnerabilities in its setup. The group also reposted old victim data, undermining its credibility.
Impact: Exposed infrastructure increases disruption risks for LockBit’s operations.
Mitigation: Defenders should block the IP/domain and monitor for further leaks.
Source: DataBreaches.net

Portugal updated its cybercrime law to exempt good-faith security research if conditions such as no economic gain, prompt disclosure, and minimal disruption are met. The exemption is similar to Germany’s 2024 draft law and the US DOJ’s CFAA exemption.
Source: BleepingComputer

Dutch Municipality Leaks Addresses of Asylum Center Opponents

Nuenen, Netherlands, accidentally shared 1,000 addresses of residents opposed to an asylum center, exposing indirectly identifiable data. No names were leaked, but the incident qualifies as a breach.
Source: DataBreaches.net

Delayed Breach Notifications Remain a Systemic Issue

Analysis highlights persistent delays in breach notifications, with HIPAA violations rarely penalized despite 60-day deadlines. Over 50% of medical breaches involving ransomware leaks go unreported for months, risking patient data misuse.
Source: DataBreaches.net
