Updates
- Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug
- Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks
- Researchers Uncover New High-Severity Vulnerability in PaperCut Software
- Firefox 116 Patches High-Severity Vulnerabilities
- Video conferencing: BSI finds critical security vulnerabilities in BigBlueButton
- Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable
- Attacks on Remote Function Calls endanger SAP systems
- SpecterOps Updates BloodHound Active Directory Mapping Tool
Threats
- Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities
- 2022 Top Routinely Exploited Vulnerabilities | CISA
- Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners
- Pokémon Sleep: A controversial game eavesdrops on children in their sleep
- Top Industries Significantly Impacted by Illicit Telegram Networks
- SpyNote Android Malware Infections Are Spiking in Europe
- Attackers use dynamic code loading to bypass Google Play store’s malware detections
- Hackers exploited Salesforce zero-day in Facebook phishing attack
- Chrome malware Rilide targets enterprise users via PowerPoint guides
- Cross-Tenant Synchronization (CTS): Researchers warn of lax Azure AD policies
- Bug in Minecraft mods allows hackers to exploit players' devices
- Fake VMware vConnector package on PyPI targets IT pros
- Threat actors abuse Google AMP for evasive phishing attacks
- P2PInfect server botnet spreads using Redis replication feature
- Hackers can abuse Microsoft Office executables to download malware
- Lawsuit: ByteDance’s CapCut app secretly reaps massive amounts of user data
- New Microsoft Azure AD CTS feature can be abused for lateral movement
- Canon warns of Wi-Fi security risks when discarding inkjet printers
- New Collide+Power side-channel attack impacts almost all CPUs
- New acoustic attack steals data from keystrokes with 95% accuracy
Incidents
- Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism
- Microsoft fixes flaw after being called irresponsible by Tenable CEO
- Patreon confirms outages affecting creator payouts
- Hawai'i's Gemini North observatory suspends operations following cyberattack
- CapCut Video App Faces Lawsuit for Illegal Data Collection
- Senegal shuts off mobile internet after arrest of opposition leader
- Cyberattack on HHU: Hackers access email accounts at the University of Düsseldorf
- Burger King forgets to put a password on their systems, again
Cyber Crime
- The Week in Ransomware - August 4th 2023 - Targeting VMware ESXi
- Russian hackers target govt orgs in Microsoft Teams phishing attacks
- Russian hacker infects himself with his own infostealer and is caught by a security firm
Malware
- From small LNK to large malicious BAT file with zero VT score - SANS Internet Storm Center
- Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT
- Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems
- Hackers use new malware to breach air-gapped devices in Eastern Europe
- Clop ransomware now uses torrents to leak data and evade takedowns
- Apple Users Open to Remote Control via Tricky macOS Malware
- Now Abyss Locker also targets VMware ESXi servers
Misc.
- Zero-day vulnerability ignored: Digital ministry sleeps through Ivanti patch
- 10 tips for encrypting data with PowerShell
- Why Huntress Trusts Microsoft Defender Antivirus (And You Should Too)
- Google warns again it will start deleting inactive accounts in December
- Tesla Jailbreak Unlocks Theft of In-Car Paid Features
- Google makes it easier to remove your info, explicit images from search