Börzel IT
Updates
- Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel
- Fortinet fixes critical RCE flaw in FortiNAC zero-trust product
- Critical Security Flaw in Social Login Plugin for WordPress Exposes Users' Accounts
- Windows 10 KB5027293 update released with 3 new features, 14 changes
- Windows 11 KB5027303 preview update enables new Moment 3 features
Threats
- The Current State of Business Email Compromise Attacks
- BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising
- Trojanized Super Mario game used to install Windows malware
- Critical authentication bypass found in Arcserve backup system
- New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain
- Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts
- New Android banking Trojan targets US, UK, and Germany
- Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign
- Millions of GitHub repositories potentially vulnerable to RepoJacking
- New proxyjacking attacks monetize hacked SSH servers’ bandwidth
- China's 'Volt Typhoon' APT Now Exploits Zoho ManageEngine
- Grafana warns of critical auth bypass due to Azure AD integration
Incidents
- Cyber-Angriff auf Mail-Konten des SPD-Parteivorstands
- Outlook for the web outage impacts users across America
- Microsoft Teams outage blocks access to web and desktop clients
- TSMC denies LockBit hack as ransomware gang demands $70 million
- Siemens Energy confirms data breach after MOVEit data-theft attack
Cyber Crime
- New EarlyRAT malware linked to North Korean Andariel hacking group
- Chinese Hackers Using Never-Before-Seen Tactics for Critical Infrastructure Attacks
Malware
- Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data
- New Mockingjay Process Injection Technique Could Let Malware Evade Detection
- Linux version of Akira ransomware targets VMware ESXi servers
- Anatsa Android trojan now steals banking info from users in US, UK
Misc.
- Claudia Plattner neue BSI-Präsidentin
- 5 Things CISOs Need to Know About Securing OT Environments
- MITRE releases new list of top 25 most dangerous software bugs
- Free Akira ransomware decryptor helps recover your files
- Most popular generative AI projects on GitHub are the least secure
- Proton launches open-source password manager with some limitations
