Friday Wrap Up: 15 Aug 2025
🚨 Friday Wrap Up highlights this week
From cars remotely unlocked to state-backed hacks — attackers didn’t take a summer break.
🚗 Car dealership portal flaw let anyone unlock vehicles remotely.
🏛 Russian hackers breached U.S. federal court filing system.
🛠 Microsoft patched Kerberos zero-day; Cisco fixed CVSS 10 flaw.
🕵️ Crypto24 ransomware using custom EDR evasion tools.
📻 TETRA radio encryption flaws exposed law enforcement comms.
💾 Hackers leaked 9GB from alleged North Korean hacker’s PC.
🧑💻 Teen hackers reframed as untapped cyber talent.
📌 Full breakdown & sources in this week's Friday Wrap Up — because in cyber, “TL;DR” can turn into “Too Late, Data’s Released.”
🚨 Major Cyberattacks & Incidents
This week brought high-profile breaches, ransomware attacks, and large-scale data leaks that highlight just how quickly criminal groups adapt — and how costly lapses in security can be.
🚗 Dealership portal flaw exposed car and personal data, even allowing remote unlocking of vehicles (Published on 8/11/2025, Malwarebytes). Read More
🏦 Hackers leak Allianz Life data from Salesforce breach, exposing 2.8M sensitive records (Published on 8/12/2025, BleepingComputer). Read More
🏛️ Russian state hackers linked to U.S. federal court filing system breach (Published on 8/12/2025, TechCrunch). Read More
📡 Colt Telecom outage claimed by WarLock ransomware, data offered for sale (Published on 8/15/2025, BleepingComputer). Read More
🛡️ Malware & Vulnerabilities
From patched zero-days to brute-force campaigns, this week’s vulnerabilities show how attackers blend technical precision with opportunistic timing.
🔐 Microsoft fixes Kerberos zero-day among 111 vulnerabilities in August Patch Tuesday (Published on 8/13/2025, The Hacker News). Read More
🔄 New brute-force campaign targets Fortinet SSL VPNs in coordinated attack (Published on 8/13/2025, Hackread). Read More
🛠️ Cisco patches CVSS 10.0 flaw in FMC RADIUS allowing remote code execution (Published on 8/15/2025, The Hacker News). Read More
🎞️ Plex urges users to patch immediately after new vulnerability disclosure (Published on 8/15/2025, BleepingComputer). Read More
💻 Ransomware & Data Recovery
Ransomware groups continue to evolve, but defensive breakthroughs prove that criminals aren’t untouchable.
🔓 Researchers crack DarkBit ransomware, enabling free victim data recovery (Published on 8/11/2025, BleepingComputer). Read More
🕵️ Crypto24 ransomware hits large organizations using custom EDR evasion tools (Published on 8/14/2025, BleepingComputer). Read More
📜 LockBit 4.0 leak reveals risks and inner workings of RaaS operations (Published on 8/13/2025, Dark Reading). Read More
🔍 Espionage & Data Extraction
Cyber-espionage this week crossed borders and industries, proving that data theft isn’t always about money — sometimes it’s about intelligence.
💾 Hackers leak 9GB of data stolen from alleged North Korean hacker’s computer (Published on 8/11/2025, Hackread). Read More
🖥️ CrossC2 extends Cobalt Strike beacons to Linux and macOS for wider reach (Published on 8/14/2025, The Hacker News). Read More
📡 Vulnerability Research & Industry Analysis
Researchers continued to uncover protocol flaws and push for better cyber readiness across industries.
📻 TETRA encryption flaws expose law enforcement communications to interception (Published on 8/11/2025, The Hacker News). Read More
🪤 Downgrade attack lets phishing kits bypass FIDO authentication protections (Published on 8/14/2025, Dark Reading). Read More
🔧 Widespread exploitation of Erlang/OTP vulnerability targets OT networks (Published on 8/12/2025, SecurityWeek). Read More
👥 AI, Policy & Cyber Workforce
This week’s insights urge the security community to rethink its approach to talent — especially among unconventional entrants.
🧑💻 Teen hackers seen as a wake-up call, not just a problem (Published on 8/15/2025, ComputerWeekly.com). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!