NEWS ROUNDUP – 21st August 2025 – Digital Forensics Magazine

Monday, September 22 2025

DFM News Roundup

🔍 Digital Forensics & Incident Response

Citizen Lab reveals widespread VPN app security flaws: Nearly two dozen Android VPN apps contain shared code and weak encryption—risks extend beyond traditional endpoints. (SecurityWeek)
FreeVPN.One Chrome extension caught screenshotting user activity: Over 100K installs; captures and exfiltrates full-page screenshots without consent. (TechRadar)

🕵️ Cyber Investigations

Australia’s TPG confirms iiNet breach, 280k users affected: Attack exposed emails, addresses, and some passwords—customers still being notified. (Reuters)

🌐 Major Cyber Incidents

TPG/iiNet breach significant in telecom sector: Repeat of coverage due to global impact—flagged again for broader operational insights. (Reuters)

⚠️ Exploits & Threat Intelligence

Public exploit chains SAP NetWeaver critical flaws (CVE‑2025‑31324 & 42999): Allows remote code execution; previously patched but now weaponized in the wild. (SecurityWeek)
Confirmed exploit for chained SAP vulnerabilities: VX Underground published the working exploit—urgent patches are vital. (HelpNetSecurity)

🏛️ Policy Updates

UK updates cyber financial sanctions list: Organizations must ensure they are not facilitating transactions linked to cybercriminal groups. (UK Government)
UK sees 1,400% surge in VPN usage amid age‑verification rollout: VPNs pose challenges for online safety mandates; regulation in flux. (TechRadar)

📜 Standards & Compliance

EU Cyber Resilience Act enters enforcement phase: Requires connected products to meet security-by-design standards under penalty. (Wikipedia)

📊 Snapshot Summary

Section	Highlight	Why It Matters
DFIR & IR	VPN app privacy flaws	Broaden scope to mobile and browser environments.
Investigations	TPG/iiNet data breach	Telecom sector data still highly targeted; IR must be robust.
Threat Intel	SAP NetWeaver exploit chain released	Enterprise platforms at significant risk; patching urgency is elevated.
Policy	UK cyber sanction update; VPN surge concerns	Regulatory monitoring and policy gaps must be addressed.
Standards	EU Cyber Resilience enforcement	Product security now enforceable—compliance is non-negotiable.

📝 Editorial Perspective

Even “privacy” tools can betray users. VPN-related compromises highlight the need for scrutiny in trusted utilities.
Platform vulnerabilities remain easy entry points. Exploits like SAP chaining show attackers weaponize disclosed flaws rapidly.
Regulatory oversight increases fast in response to breaches. Sanctions and design mandates are forcing proactive compliance.

📚 Reference Reading

🔍 SecurityWeek — VPN app flaw report
📡 TechRadar — FreeVPN.One spying expose
⚠️ Reuters — iiNet breach report
💻 SecurityWeek — SAP exploit chain
📰 HelpNetSecurity — SAP exploit published
🏛️ UK OFSI — Cyber sanctions update
🇪🇺 Wikipedia — Cyber Resilience Act

🏷 Tags:

DFIR, Cybersecurity News, Threat Intelligence, Ransomware, Law Enforcement, Cyber Policy, Compliance, EU CRA

🔗 Share This Post:

Share on LinkedIn