Börzel IT
Updates
Microsoft May 2023 Patch Tuesday fixes 3 zero-days, 38 flaws
Microsoft May 2023 Patch Tuesday - SANS Internet Storm Center
Windows 10 KB5026361 and KB5026362 updates released
Windows 11 KB5026372 cumulative update released with 20 changes
Microsoft issues optional fix for Secure Boot zero-day used by malware
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug
New Linux kernel NetFilter flaw gives attackers root privileges
Synology VPN Plus Server aufgrund von Schwachstelle angreifbar
Chipmaker Patch Tuesday: Intel, AMD Address Over 100 Vulnerabilities
SAP Patches Critical Vulnerabilities With May 2023 Security Updates
Threats
Projekt Echo: Regierungen nutzen unsere Werbedaten für Überwachung
Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers
Cisco warns of new ‘Greatness’ phishing-as-a-service tool seen in the wild
Details Disclosed for Exploit Chain That Allows Hacking of Netgear Routers
Millions of mobile phones come pre-infected with malware, say researchers
Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack
Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability
Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique
Fake in-browser Windows updates push Aurora info-stealer malware
North Korean APT Uses Malicious Microsoft OneDrive Links to Spread New Malware
Angreifer setzen zunehmend auf Web3-IPFS-Technologie
Incidents
Executive Fired From TikTok’s Chinese Owner Says Beijing Had Access to App Data in Termination Suit
Discord discloses data breach after support agent got hacked
Toyota: Car location data of 2 million customers exposed for ten years
Billy Corgan Paid Off Hacker Who Threatened to Leak New Smashing Pumpkins Songs
Brightly warns of SchoolDude data breach exposing credentials
Multinational tech firm ABB hit by Black Basta ransomware attack
Sysco Data Breach Exposes Customer, Employee Data
Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt
1M NextGen Patient Records Compromised in Data Breach
Intel investigating leak of Intel Boot Guard private keys after MSI breach
T-Mobile suffers second data theft in less than six months
Cyber Crime
Spain Arrests Hackers in Crackdown on Major Criminal Organization
'Top three Balkans drug kingpins' arrested after cops crack their Sky ECC chats
Briton Pleads Guilty In US To 2020 Twitter Hack
New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe
Former Ubiquiti dev who extorted the firm gets six years in prison
Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
Spanish police dismantle phishing operation linked to crime ring
Hacker ‘PlugwalkJoe’ pleads guilty to 2020 Twitter breach
Malware
Atomic malware steals Mac passwords, crypto wallets, and more
Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol
FBI nukes Russian Snake data theft malware with self-destruct command
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
Misc.
Art of the Hunt: Building a Threat Hunting Hypothesis List
Honeypot Moments: Accidentally Getting a VPN Providers IP.
What the Email Security Landscape Looks Like in 2023
XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows
New ransomware decryptor recovers data from partially encrypted files
Google brings dark web monitoring to all U.S. Gmail users
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
Modern Auth comes to on-prem Exchange Server gear
Microsoft enforces number matching to fight MFA fatigue attacks
Total Identity Compromise: DART lessons on securing Active Directory
Bild von storyset auf Freepik
