Börzel IT
Updates
- Google patches another actively exploited Chrome zero-day
- Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products
- Microsoft Defender update causes Windows Hardware Stack Protection mess
Incidents
- Payments Giant NCR Hit by Ransomware
- Military helicopter crash blamed on missing software patch
- Critical infrastructure also hit by supply chain attack behind 3CX breach
Threats
- Popular Fitness Apps Leak Location Data Even When Users Set Privacy Zones
- Exploring the Growing Threat of WhatsApp Hacking
- Kubernetes RBAC abused to create persistent cluster backdoors
- Microsoft SQL servers hacked to deploy Trigona ransomware
- Lazarus hackers now push Linux malware via fake job offers
- NSO Group Used at Least 3 iOS Zero-Click Exploits in 2022: Citizen Lab
- The Attacks that can Target your Windows Active Directory
- US, UK warn of govt hackers using custom malware on Cisco routers
Cyber Crime
- Russian Man Who Laundered Money for Ryuk Ransomware Gang Sentenced
- European air traffic control confirms website 'under attack' by pro-Russia hackers
- Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems
- Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies
- APT41 Taps Google Red Teaming Tool in Targeted Info-Stealing Attacks
- Experts temporarily disrupted the RedLine Stealer operations
- FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks
Malware
- New Qbot campaign delivers malware by hijacking business emails
- New QBot email attacks use PDF and WSF combo to install malware
- Researchers Discover First Ever Major Ransomware Targeting macOS
- Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads
- EvilExtractor malware activity spikes in Europe and the U.S.
- GhostToken GCP flaw let attackers backdoor Google accounts
- Google ads push BumbleBee malware used by ransomware gangs
- Ransomware gangs abuse Process Explorer driver to kill security software
- Chrome, Edge browsers targeted in Zaraza bot malware attacks
- LockBit ransomware encryptors found targeting Mac devices
- Experts warn of an emerging Python-based credential harvester named Legion
- Hard-to-detect malware loader distributed via AI-generated YouTube videos
