Updates
- Zoho urges admins to patch severe ManageEngine bug immediately
- Update VPN Plus Server now! Synology patches vulnerability with a CVSS of 10
- Fortinet fixed multiple command injection bugs in FortiADC and FortiTester
- Qualcomm Chipsets and Lenovo BIOS Get Security Updates to Fix Multiple Flaws
Incidents
- Air France and KLM notify customers of account hacks
- Burger Chain Five Guys Discloses Data Breach Impacting Job Applicants
- Threat actors stole Slack private source code repositories
- CircleCI: Rotate Stored Secrets ASAP
- Slack's private GitHub code repositories stolen over holidays
- Rail giant Wabtec discloses data breach after Lockbit ransomware attack
- Hochschule für Angewandte Wissenschaften Hamburg hit hard by cyberattack
Threats
- Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls
- Hackers push fake Pokemon NFT game to take over Windows devices
- Fake Flipper Zero websites look to cause a big splash
- Critical flaws found in Ferrari, Mercedes, BMW, Porsche, and other carmakers
- New SHC-compiled Linux malware installs cryptominers, DDoS bots
- WordPress Security Alert: New Linux Malware Exploiting Over Two Dozen CMS Flaws
- PyTorch Machine Learning Framework Compromised with Malicious Dependency
- RedZei Chinese Scammers Targeting Chinese Students in the U.K.
Cyber Crime
- Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
- Bitdefender released a free decryptor for the MegaCortex ransomware
Misc.
- WhatsApp adds proxy support to help bypass Internet blocks
- France fines Apple for targeted App Store ads without consent
- Amazon S3 will now encrypt all new data with AES-256 by default
- 14 Cybersecurity Best Practices to Instill In Your End-Users
- Microsoft ends Windows 7 extended security updates on Tuesday
- Microsoft: Windows Server 2012 reaches end of support in October