Updates
- Microsoft September 2023 Patch Tuesday fixes 2 zero-days, 59 flaws
- New Windows 11 feature blocks NTLM-based attacks over SMB
- Apple fixes 0-Day Vulnerability in Older Operating Systems - SANS Internet Storm Center
- SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA
- Adobe Says Critical PDF Reader Zero-Day Being Exploited
- Google fixes another Chrome zero-day bug exploited in attacks
- Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird
Threats
- Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years
- Fake Cisco Webex Google Ads abuse tracking templates to push malware
- New WiKI-Eve attack can steal numerical passwords over WiFi
- Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger
- Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads
- Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors
- Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages
- BlackCat ransomware hits Azure Storage with Sphynx encryptor
- Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
- Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints
- New 'MetaStealer' malware targets Intel-based macOS systems
- Iranian hackers breach defense orgs in password spray attacks
- Phishing campaign uses Word documents to distribute three malware strains
Incidents
- Airbus data leaked via infected customer computer
- Ransomware crew hits Save The Children, steals 7TB of data
- Russian Journalist's iPhone Compromised by NSO Group's Zero-Click Spyware
- TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U.
- North Korea's Lazarus Group Suspected in $31 Million CoinEx Heist
- Microsoft Teams down: Ongoing outage behind message failures, delays
- Retool blames breach on Google Authenticator MFA cloud sync feature
- ORBCOMM ransomware attack causes trucking fleet management outage
- Google pays $93M to settle Android tracking lawsuit in California
- Iranian hackers breach US aviation org via ManageEngine, Fortinet bugs
- MGM casino's ESXi servers allegedly encrypted in ransomware attack
- Caesars Entertainment confirms ransom payment, customer data theft