Börzel IT
Updates
- Microsoft enhances Windows 11 Phishing Protection with new features
- Over 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks
- Netscaler ADC bug exploited to breach US critical infrastructure org
Threats
- Hackers exploiting critical WordPress WooCommerce Payments bug
- Microsoft: Hackers turn Exchange servers into malware control centers
- Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks
- Malicious USB Drives Targetinging Global Targets with SOGU and SNOWYDRIVE Malware
- Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware
- DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks
- Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware
- GitHub warns of Lazarus hackers targeting devs with malicious projects
- Google Cloud Build bug lets hackers launch supply chain attacks
Incidents
- Microsoft Exchange Online hit by new outage blocking emails
- Microsoft 365 Breach Risk Widens to Millions of Azure AD Apps
- Stolen Microsoft key offered widespread access to Microsoft cloud services
- Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports
- VirusTotal Data Leak Exposes Some Registered Customers' Details
- VirusTotal apologizes for data leak affecting 5,600 customers
- Estée Lauder beauty giant breached by two ransomware gangs
- JumpCloud discloses breach by state-backed APT hacking group
Cyber Crime
- Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges
- Police arrests Ukrainian scareware developer after 10-year hunt
- Clop gang to earn over $75 million from MOVEit extortion attacks
- IT worker jailed for impersonating ransomware gang to extort employer
Malware
- HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software
- Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities
- New P2PInfect worm malware targets Linux and Windows Redis servers
- FIN8 deploys ALPHV ransomware using Sardonic malware variant
Misc.
- Hacker-Turned-Security-Researcher Kevin Mitnick Dies Aged 59
- Die Bonify-App der Schufa: Ein Datenschutz-Albtraum wird wahr
- IT-Sicherheit: BSI soll CEOs entmachten dürfen
- Google greift das offene Internet an und Entwickler laufen Sturm
- IT-Sicherheit: Google klemmt Arbeitsplätze vom Internet ab
- NIS-2-Richtlinie: BSI soll mehr Durchgriffsmöglichkeiten erhalten
- Referentenentwurf des BMI: NIS-2-Umsetzungs- und Cybersicherheitsstärkungsgesetz – NIS2UmsuCG - AG KRITIS
- CVSS 4.0 Is Here, but Prioritizing Patches Still a Hard Problem
