Börzel IT
Updates
- Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari
- Smart Garage Company Fixes Vulnerability by Breaking Customers' Devices
- Sophos patches three issues in the Sophos Web Security appliance, one of them rated as critical
- Cisco Patches Code and Command Execution Vulnerabilities in Several Products
- HP to patch critical bug in LaserJet printers within 90 days
- Android's April 2023 Updates Patch Critical Remote Code Execution Vulnerabilities
- Chrome 112 Patches 16 Security Flaws
- QNAP Zero-Days Leave 80K Devices Vulnerable to Cyberattack
Incidents
- Law Firm for Uber Loses Drivers' Data to Hackers in Yet Another Breach
- Royal Dutch Football Association says hackers stole employee data
- DoJ Recovers $112M in Crypto Stolen With Romance Scams
- Western Digital discloses network breach, My Cloud service down
Threats
- Hackers exploit WordPress plugin flaw that gives full control of millions of sites
- Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
- Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library
- Printers Pose Persistent Yet Overlooked Threat
- Hackers steal crypto assets by defeating 2FA with rogue browser extension
- ALPHV ransomware exploits Veritas Backup Exec bugs for initial access
- Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks
- Hackers can open Nexx garage doors remotely, and there's no fix
- WinRAR SFX archives can run PowerShell without being detected
- CISA warns of Zimbra bug exploited in attacks against NATO countries
- ‘Tactical Octopus’ hackers using tax-related phishing scams to spread malware
- 'I've never seen anything like this:' One of China's most popular apps has the ability to spy on its users, say experts | CNN Business
Cyber Crime
- Researchers Uncover Thriving Phishing Kit Market on Telegram Channels
- Microsoft Takes Legal Action to Disrupt Cybercriminals' Illegal Use of Cobalt Strike Tool
- FBI seizes stolen credentials market Genesis in Operation Cookie Monster
- STYX Marketplace emerged in Dark Web focused on Financial Fraud
- Genesis Market: Popular cybercrime website shut down by police
Malware
- New Rorschach ransomware hits with unique features and very fast encryption
- Researcher Tricks ChatGPT Into Building Undetectable Steganography Malware
- Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks
Misc.
- All Dutch govt networks to use RPKI to prevent BGP hijacking
- OSINT Tools and Techniques for Unmasking Dark Web Operations | SANS Institute
- OpenAI to Offer Remedies to Resolve Italy's ChatGPT Ban
- Twitter 'Shadow Ban' Bug Gets Official CVE
- 2023 Password Cracking: How Fast Can AI Crack Passwords?
- How to Check if Your Data Was Sold on the Genesis Market
- UK fines TikTok $15.8 million for GDPR violation of children's privacy
- Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions
