Börzel IT
Updates
- Critical Siemens RTU Vulnerability Could Allow Hackers to Destabilize Power Grid
- Fortinet fixed two severe issues in FortiADC and FortiOS
- Apple Patches Bluetooth Flaw in AirPods, Beats
- New Android updates fix kernel bug exploited in spyware attacks
- New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
- Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model
Threats
- Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN
- Hackers use fake ‘Windows Update’ guides to target Ukrainian govt
- Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices
- Russian hackers use WinRAR to wipe Ukraine state agency’s data
- Kimsuky hackers use new recon tool to find security gaps
- Hackers start using double DLL sideloading to evade detection
- Meta Takes Down Malware Campaign That Used ChatGPT as a Lure to Steal Accounts
- Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection
Incidents
- Twitter admits to ‘security incident’ involving Circles tweets
- Western Digital says hackers stole customer data in March cyberattack
- Former Uber CSO Joe Sullivan Avoids Prison Time Over Data Breach Cover-Up
- T-Mobile discloses second data breach since the start of 2023
- Ransomware gang hijacks university alert system to issue threats
- Drone goggles maker claims firmware sabotaged to ‘brick’ devices
Cyber Crime
- FBI seized other domains used by the shadow eBook library Z-Library
- Police operation 'SpecTor' arrests 288 dark web drug vendors and buyers
- FBI seizes 9 crypto exchanges used to launder ransomware payments
Malware
- New Cactus ransomware encrypts itself to evade antivirus
- Meet Akira — A new ransomware operation targeting the enterprise
- New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks
- North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains
- Infostealer Embedded in a Word Document
- New Fleckpe Android malware installed 600K times on Google Play
Misc.
- Google launches entry-level cybersecurity certificate to teach threat detection skills
- Quickly Finding Encoded Payloads in Office Documents - SANS Internet Storm Center
- How to Spot a ChatGPT Phishing Website
- Identifying Compromised Data Can Be a Logistical Nightmare
- 1Password explains scary Secret Key and password change alerts
- Google adds passkeys support for passwordless sign-in on all accounts
- Windows admins can now sign up for ‘known issue’ email alerts
- Everything You Need to Know About Password Best Practices for Your Organization | SANS Institute
- Vulnerability Management Maturity Model – Self-Assessment Tool (VMMM-SAT) | Jonathan Risto | SANS Institute
