Börzel IT
Updates
- Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones
- Notepad++ 8.5.7 released with fixes for four security vulnerabilities
- Cisco warnt vor teils kritischen Lücken und liefert Updates für mehrere Produkte
- September Android updates fix zero-day exploited in attacks
- ASUS routers are affected by 3 critical remote code execution flaws
- 9 Vulnerabilities Patched in SEL Power System Management Products
Threats
- CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
- CISA warns of critical Apache RocketMQ bug exploited in attacks
- Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks
- Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks
- Cisco warns of VPN zero-day exploited by ransomware gangs
- Hackers exploit MinIO storage system to breach corporate networks
- North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers
- "Apple-Fans nerven": Flipper Zero produziert Phantom-Geräte über Bluetooth LE
- Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
- GPU-thirsty hackers target architects, designers with cryptomining malware
- Chaes malware now uses Google Chrome DevTools Protocol to steal data
- BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild - The Citizen Lab
- Google: State hackers attack security researchers with new zero-day
- Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.
- Microsoft Teams phishing attack pushes DarkGate malware
- Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
- DuckTail - Bedrohungsakteure aus Vietnam nehmen LinkedIn-Nutzer ins Visier
Incidents
- Toyota says filled disk storage halted Japan-based factories
- Multiple nation-state hackers infiltrate single aviation organization
- Iranian hackers breach US aviation org via Zoho, Fortinet bugs
- Atlas VPN zero-day vulnerability leaks users' real IP address
- Johnson & Johnson discloses IBM data breach impacting patients
- Ukraine's CERT discloses cyberattack on critical energy infrastructure by APT28 hacker group - Industrial Cyber
- Hackers stole Microsoft signing key from Windows crash dump
- Children's snack recalled after its website caught serving porn
- German financial agency site disrupted by DDoS attack since Friday
- Nach Hackerangriff: Deutsche Leasing stellt Datendiebstahl fest
Cyber Crime
- W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
- US and UK sanction 11 TrickBot and Conti cybercrime gang members
- Wealthy Russian With Kremlin Ties Gets 9 Years in Prison for Hacking and Insider Trading Scheme
- The Initial Access Broker Economy: A Deep Dive into Dark Web Hacking Forums
- Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia
Malware
- Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
- New Python Variant of Chaes Malware Targets Banking and Logistics Industries
- New BLISTER Malware Update Fuelling Stealthy Network Infiltration
- Evolution of USB-Borne Malware, Raspberry Robin
Misc.
- MITRE and CISA Release Open Source Tool for OT Attack Emulation
- Enkeltrick: Bundesnetzagentur schaltet tausende Rufnummern ab
- Microsoft warns users old TLS in Windows to be disabled
- How China gets free intel on tech companies’ vulnerabilities
- Ask the Mac Guy: Best Practices for Securing Macs
- FBI’s Qakbot operation opens door for more botnet takedowns
- X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation
- GhostSec Leaks Source Code of Alleged Iranian Surveillance Tool
- 206 Milliarden Euro Schaden pro Jahr für die deutsche Wirtschaft
