Börzel IT
Updates
- Microsoft releases Windows security updates for Intel CPU flaws
- Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
- Aruba Networks fixes six critical vulnerabilities in ArubaOS
- CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
- Critical flaws in WordPress Houzez theme exploited to hijack websites
- Fortinet Releases Security Updates for Multiple Products | CISA
- Cisco Releases Security Advisories for Multiple Products | CISA
Incidents
- Microsoft Exchange Online outage blocks access to mailboxes worldwide
- LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults
- Hacker leaks alleged Activision employee data on cybercrime forum
- Fruit giant Dole suffers ransomware attack impacting operations
- Stanford University discloses data breach affecting PhD applicants
- News Corp says state hackers were on its network for two years
- Dish Network goes offline after likely cyberattack, employees cut off
Threats
- Chinese Hackers Targeting European Entities with New MQsTTang Backdoor
- New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices
- RIG Exploit Kit still infects enterprise users via Internet Explorer
- Fortinet FortiNAC CVE-2022-39952 flaw exploited in the wild hours after the release of PoC exploit
- European Commission bans TikTok on employee devices
- Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products
- Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware
- Microsoft urges Exchange admins to remove some antivirus exclusions
Malware
- Bumblebee DocuSign Campaign - 0xToxin Labs
- SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics
- BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
- New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises
- New MortalKombat ransomware decryptor recovers your files for free
- PlugX Trojan disguised as a legitimate Windows open-source tool in recent attacks
- InfoSec Handlers Diary Blog - SANS Internet Storm Center
