Börzel IT
Updates
- Patchday: Kritische System-Lücke bedroht Android 11, 12 und 13
- CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
- Webbrowser: Google Chrome-Update dichtet Lücke mit hohem Risiko ab
- QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices
- Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
- Microsoft shares temp fix for broken Windows Server 2022 VMs
- Atlassian Bug Escalated to 10, All Unpatched Instances Vulnerable
Threats
- Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
- Outlook-Datenumleitung: Bundesdatenschützer zeigt sich besorgt
- Nutzung von VPNs ist bei manchen Anbietern riskant
- New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
- Microsoft krallt sich Zugangsdaten: Achtung vor dem neuen Outlook
- Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure
- Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams
- Google ads push malicious CPU-Z app from fake Windows news site
- Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
- Modern Asia APT groups TTPs
- Russian hackers switch to LOTL technique to cause power outage
Incidents
- KaDeWe gehackt: Hacker greifen Berliner Luxuskaufhaus an
- Intel Sued Over 'Downfall' CPU Vulnerability
- Cloudflare website downed by DDoS attack claimed by Anonymous Sudan
- Japan Aviation Electronics says servers accessed during cyberattack
- Nach Ransomware-Angriff: Südwestfalen-IT und Kommunen lehnen Lösegeldzahlung ab
- OpenAI confirms DDoS attacks behind ongoing ChatGPT outages
Cyber Crime
- Iranian hackers launch malware attacks on Israel’s tech sector
- Iranian Hackers Launch Destructive Cyber Attacks on Israeli Tech and Education Sectors
- Russian Hackers Used OT Attack to Disrupt Power in Ukraine Amid Mass Missile Strikes
- Police takes down BulletProftLink large-scale phishing provider
- FBI: Ransomware gangs hack casinos via 3rd party gaming vendors
Malware
- New GootLoader Malware Variant Evades Detection and Spreads Rapidly
- Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
- BlueNoroff hackers backdoor Macs with new ObjCShellz malware
Misc.
- Hunderte Experten warnen vor staatlichen Root-Zertifikaten
- Jedes neunte Ransomware-Opfer bezahlt Lösegeld
- Detecting DNS over HTTPS
- Europe prepares to break browser security with eIDAS 2.0
- Microsoft: Some Outlook.com users can't send emails with attachments
- Microsoft Authenticator now blocks suspicious MFA alerts by default
- Microsoft drops SMB1 firewall rules in new Windows 11 build
- Microsoft will roll out MFA-enforcing policies for admin portal access
- Court rules automakers can record and intercept owner text messages
