- Exzec Cyber Newsletter
Breaches, Bears, and Fake Doctors
From stealthy Russian ops to AI-generated mayhem, here's your no-fluff, all-signal cyber rundown.
🧠 CyberFact of the Day:
In 2024, over 90% of cyberattacks began with a phishing email—proving that old tricks still work.

📬 This Week’s Clickables
🧨 LexisNexis Breached – Data brokers can't catch a break
🔓 Laundry Bear – Russian APT Hunting
🚨 Can’t Miss – Big breaches and zero-days you need to know
🤖 AI in Cyber – Deepfakes, phishing bots, and rogue AI agents
🛸 Strange Cyber – The fake doctor who scammed the internet
🚨 Big Stories This Week
😬 LexisNexis Data Breach Exposes 364,000 Individuals
The Intro
LexisNexis Risk Solutions disclosed a significant data breach affecting over 364,000 individuals, raising concerns about data broker security practices.
What Happened
An unauthorized party accessed sensitive personal data, including Social Security numbers and driver's license details, via LexisNexis' GitHub account.
Why It’s Important
The breach underscores the vulnerabilities inherent in data aggregation and the potential risks to individuals whose information is collected and stored by third-party brokers.
The Other Side
LexisNexis has notified law enforcement and is informing affected individuals, but the incident has reignited debates over data privacy and the need for stricter oversight of data brokers.
The Takeaway
Organizations must ensure robust security measures are in place, especially when handling vast amounts of personal data, to prevent unauthorized access and potential misuse.
TL;DR
LexisNexis suffered a breach compromising sensitive data of over 364,000 individuals; the incident highlights the need for stringent data security practices.
→ Related reading: The Verge, Security Week
🐻 New Russian APT Group Discovered: “Laundry Bear” Emerges
The Intro
A joint operation between Microsoft and the Dutch Military Intelligence and Security Service (MIVD) has uncovered a new Russian APT group named “Laundry Bear,” targeting logistics firms aiding Ukraine.
What Happened
On May 28, Microsoft and the Dutch government revealed the existence of a previously unknown threat actor—APT28-aligned “Laundry Bear”—that conducted a covert cyber-espionage campaign targeting the transportation and logistics sectors in NATO countries. Their mission? Collect intelligence on Western support for Ukraine through compromised IT networks.
Why It’s Important
This isn't just another Russian APT sighting—Laundry Bear has been quietly exploiting CVE-2023-23397, a zero-click Outlook vulnerability patched last year, to gain access to critical logistics systems. Their intrusion techniques allowed for deep lateral movement, raising concerns about future supply chain disruptions tied to geopolitical conflicts.
The Other Side
While attribution points heavily toward Russia’s GRU, Microsoft emphasized the challenges in making absolute identifications, and skeptics argue the motives may also involve economic espionage. Some experts believe the public disclosure is timed to send a deterrent signal ahead of NATO summits.
The Takeaway
APT operations are evolving to quietly infiltrate infrastructure rather than merely steal data. The quiet emergence of Laundry Bear reminds us that critical logistics and transportation networks are prime targets in modern geopolitical cyber warfare—and may already be compromised before anyone notices.
TL;DR
Microsoft and Dutch intelligence have revealed a new Russian hacking group, “Laundry Bear,” targeting NATO-aligned logistics firms through stealthy espionage tactics and zero-click vulnerabilities, showing a shift toward long-term strategic infiltration.
→ Related reading: CyberSecurity Dive, Bleeping Computer
🔥 Can’t Miss This Week
Roku Discloses Second Data Breach Affecting 576,000 Accounts: Streaming service Roku reported a second data breach this year, compromising approximately 576,000 customer accounts, raising concerns about the company's security measures and incident response protocols.
Healthcare Data Breaches Affect Over 560,000 Individuals: Four healthcare organizations reported significant data breaches compromising personal information of over half a million individuals, with ransomware groups claiming responsibility for these attacks.
Microsoft AI Security Chief Accidentally Reveals Walmart's AI Plans: During a protest at the Microsoft Build 2025 conference, Microsoft's head of AI security inadvertently disclosed confidential internal communications detailing Walmart's plans for expanding artificial intelligence implementation.
The Purge of CISA: Several senior leaders at CISA, including key figures in federal cyber defense and election security, are departing the agency amid a broader leadership reshuffle.
Hackers find Victoria’s Secret (data): Victoria’s Secret took its website offline following a suspected security incident, disrupting online sales as the company investigates the cause.
🤖 AI in Cyber
AI-Fueled Cybercrime May Outpace Traditional Defenses: Check Point warns that cybercriminals are increasingly leveraging AI, with one in 13 generative AI prompts containing potentially sensitive information, emphasizing the need for defenders to adopt AI-driven security measures.
93% of Security Leaders Anticipate Daily AI Attacks by 2025: A Netacea survey reveals that 93% of security leaders expect daily AI-driven cyberattacks by 2025, with AI-powered ransomware and phishing being primary
AI Enhances Social Engineering Attacks: Google Cloud's forecast indicates that AI is making social engineering attacks more sophisticated, enabling cybercriminals to craft highly convincing phishing and deepfake content for espionage and fraud.
AI Voice Cloning Bypasses Bank Security: AI-generated voices can now trick bank voice authentication systems, leading to unauthorized access.
AI-Powered Malware Evades Detection: Adaptive malware using AI techniques accounted for 58% of global malware incidents in 2024, posing new challenges for cybersecurity defenses.
AI Agents Pose Security Risks: A study revealed that 23% of IT professionals reported AI agents being tricked into revealing access credentials, highlighting the need for stringent oversight.
🧟‍♂️ Strange Cyber Story of the Week
Deepfake Scams Exploit Trusted Faces
The Intro
Scammers are leveraging deepfake technology to impersonate trusted figures, promoting fraudulent products and schemes.
What Happened
A deepfake video of Dr. Norman Swan was used to endorse untested supplements, deceiving viewers into purchasing ineffective treatments.
Why It’s Important
The misuse of deepfakes undermines public trust and poses significant risks to consumer safety and brand integrity.
The Other Side
Social media platforms and regulatory bodies are working to detect and remove deepfake content, but challenges remain due to the technology's sophistication.
The Takeaway
Consumers should remain vigilant and verify the authenticity of endorsements, especially those involving health-related products.
TL;DR
Deepfake videos are being used to impersonate trusted figures, promoting fraudulent products; consumers must exercise caution and verify endorsements.
→ Related reading: ABC AU
Thanks for reading this week’s edition. Like what you see? Forward it!
Hate everything you see or have other feedback? Reply back to this email!