Börzel IT
Updates
- Atlassian warns of critical Jira Service Management auth flaw
- Cisco fixes bug allowing backdoor persistence between reboots
- Microsoft Defender can now isolate compromised Linux endpoints
- Exploit released for critical VMware vRealize RCE vulnerability
- Microsoft releases emergency updates to fix XPS display issues
- Over 29,000 QNAP devices unpatched against new critical flaw
- Git Users Urged to Update Software to Prevent Remote Code Execution Attacks
- Exploit released for critical ManageEngine RCE bug, patch now
- Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability
- Microsoft shares workaround for unresponsive Windows Start Menu
Incidents
- GoAnywhere MFT zero-day vulnerability lets hackers breach servers
- Former Ubiquiti dev pleads guilty to trying to extort his employer
- U.S. No Fly list shared on a hacking forum, government investigating
- GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom
- Massive Microsoft 365 outage caused by WAN router IP change
- CISA: Federal agencies hacked using legitimate remote desktop tools
- Cyber-Angriff: IT der TU Freiberg weitreichend lahmgelegt
- MailChimp discloses new breach after employees got hacked
- Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner
- T-Mobile hacked to steal data of 37 million accounts in API data breach
- Riot Games receives ransom demand from hackers, refuses to pay
- WhatsApp fined €5.5 million by Irish DPC for GDPR violation
Threats
- New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
- Google ads push ‘virtualized’ malware made for antivirus evasion
- CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack
- Hackers use new IceBreaker malware to breach gaming companies
- Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility
- Google Fi data breach let hackers carry out SIM swap attacks
- New HeadCrab malware infects 1,200 Redis servers to mine Monero
- Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Hack Corporate Email Accounts
- Lexmark warns of RCE bug affecting 100 printer models, PoC released
- Bitwarden password vaults targeted in Google ads phishing attack
- Malware exploited critical Realtek SDK bug in millions of attacks
- Exploit released for critical Windows CryptoAPI spoofing bug
- Too many default 'admin1234' passwords increase risk for industrial systems, research finds
- Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner
- Roaming Mantis’ Android malware adds DNS changer to hack WiFi routers
- New Boldmove Linux malware used to backdoor Fortinet devices
- Emotet Malware Makes a Comeback with New Evasion Techniques
- Microsoft 365 to block downloaded Excel XLL add-ins to boost security
- Hackers now use Microsoft OneNote attachments to spread malware
Cyber Crime
- LockBit ransomware goes 'Green,' uses new Conti-based encryptor
- Researchers Uncover Connection b/w Moses Staff and Emerging Abraham's Ax Hacktivists Group
- Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort
- Google nukes 50,000 accounts pushing Chinese disinformation
- FBI takes down Hive ransomware group
- Ransomware Revenue Down As More Victims Refuse to Pay - Chainalysis
- Illegal Solaris darknet market hijacked by competitor Kraken
Malware
- Linux version of Royal Ransomware targets VMware ESXi servers
- Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards
- PlugX malware hides on USB devices to infect new Windows hosts
Misc.
- DualSense-Controller der PS5 belauscht das eigene Wohnzimmer
- OpenAI releases tool to detect AI-written text
- Google Pushes Privacy to the Limit in Updated Terms of Service
- Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts
- Lessons Learned from the Windows Remote Desktop Honeypot Report
- KnowBe4 to Offer $10,000 Women in Cybersecurity Scholarship and (ISC) 2 Certification Education Package
- Facebook Introduces New Features for End-to-End Encrypted Messenger App
