Updates
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- High-Severity Vulnerabilities Patched in Splunk Enterprise
- Jetpack WordPress Plug-in API Bug Triggers Mass Updates
- Researchers warn of hackers widely exploiting bug in Zyxel hardware
- Kali Linux 2023.2 released with 13 new tools, pre-built HyperV image
- MOVEit Transfer software zero-day actively exploited in the wild
Threats
- Threat Level 4: BSI Warning About Exploited MOVEit Vulnerability
- New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force
- Don't Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims
- Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities
- Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices
- MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited
- WordPress plugin ‘Gravity Forms’ vulnerable to PHP object injection
- Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
- Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks
- Zyxel shares tips on protecting firewalls from ongoing attacks
- RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks
- Stealthy SeroXen RAT malware increasingly used to target gamers
- Online sellers targeted by new information-stealing malware campaign
- Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace
- Terminator antivirus killer is a vulnerable Windows driver in disguise
- Lazarus hackers target Windows IIS web servers for initial access
- Exploit released for RCE flaw in popular ReportLab PDF library
- New Horabot campaign takes over victim's Gmail, Outlook accounts
- Clever ‘File Archiver In The Browser’ phishing trick uses ZIP domains
- Russia says US hacked thousands of iPhones in iOS zero-click attacks
- Microsoft finds macOS bug that lets hackers bypass SIP root restrictions
- Attackers use Python compiled bytecode to evade detection
Incidents
- MCNA Hacked: Nine Million US Patient Records on the Darknet
- Amazon to pay $30.8M for Alexa and Ring privacy violations
- Burton Snowboards discloses data breach after February attack
- Toyota’s cloud security assessment finds additional vehicle data exposed
- Hacker group Anonymous Sudan demands $3 million from Scandinavian Airlines
Cyber Crime
- Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin
- Venezuela pays people to tweet state propaganda and deepfake videos
- ‘Dark Pink’ APT attacks governments, militaries, more in Thailand, Brunei, Belgium, Vietnam and Indonesia
Malware
- “Clickless” iOS exploits infect Kaspersky iPhones with never-before-seen malware
- Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics
- New ‘Bandit Stealer’ malware siphons data from browsers, crypto wallets
- New GobRAT Remote Access Trojan Targeting Linux Routers in Japan
- Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
- N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT
- triangle_check utility: How to test whether an iOS device is infected
- Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users
- Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks
- RomCom malware spread via Google Ads for ChatGPT, GIMP, more
Misc.
- Security risks in chargers for electric vehicles
- Web browser: Firefox ends support for old Windows and macOS
- OT security solutions: What companies expect
- Moonlighter space-hacking satellite readies for launch
- PyPI Implements Mandatory Two-Factor Authentication for Project Owners
- Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers
- Google triples rewards for Chrome sandbox escape chain exploits
- Windows 11 to require SMB signing to prevent NTLM relay attacks