Börzel IT
Updates
- Cisco discloses XSS zero-day flaw in server management tool
- Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now
- VMSA-2023-0008
- Exploit released for PaperCut flaw abused to hijack servers, patch now
- APC warns of critical unauthenticated RCE flaws in UPS software
- Double zero-day in Chrome and Edge – check your versions now!
Threats
- Thousands of Apache Superset servers exposed to RCE attacks
- 5 most dangerous new attack techniques
- Android Minecraft clones with 35M downloads infect users with adware
- Hackers target vulnerable Veeam backup servers exposed online
- Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites
- Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers
- Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC
Incidents
- New Microsoft 365 outage causes Exchange Online connectivity issues
- Crooks broke into AT&T email accounts to empty their cryptocurrency wallets
- DOJ Detected SolarWinds Breach Months Before Public Disclosure
- Pro-Russia hackers attack European air traffic control website, but don't panic! Flights continue as normal
Cyber Crime
- Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering
- Iran APT using ‘BellaCiao’ malware against targets in US, Europe and Asia
- Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies
- Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks
- Ukrainian arrested for selling data of 300M people to Russians
- Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor
Malware
- Linux version of RTM Locker ransomware targets VMware ESXi servers
- New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets
- TP-Link Archer WiFi router flaw exploited by Mirai malware
- Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack
Misc.
- Microsoft probes complaints that Edge leaks URLs to Bing
- Microsoft is rewriting core Windows libraries in Rust
- Microsoft removes LSA Protection from Windows settings to fix bug
- Google Bans Thousands of Play Store Developer Accounts to Block Malware
- Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
- Google transfers TOTP data unencrypted
- Google will add End-to-End encryption to Google Authenticator
- Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis
- VirusTotal now has an AI-powered malware analysis feature
- White hat hackers showed how to take over a European Space Agency satellite
- ChatGPT is Back in Italy After Addressing Data Privacy Concerns
- r/blueteamsec on Reddit: A collection of companies that disclose adversary TTPs after they have been breached
