Börzel IT
Updates
Schwachstellen und Bedrohungen
- Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)
- Intel Confirms Alder Lake BIOS Source Code Leak, New Details Emerge
- FYI: Microsoft Office 365 Message Encryption relies on insecure block cipher
- Palo Alto Networks fixed a high-severity auth bypass flaw in PAN-OS
- CVE-2022-40684 flaw in Fortinet products is being exploited in the wild
- Concerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows
- New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts
- Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys
- Researchers extract master encryption key from Siemens PLCs
- Critical VM2 flaw lets attackers run code outside the sandbox
- Microsoft Exchange servers hacked to deploy LockBit ransomware
Vorfälle
- Notausgabe geplant: Cyberattacke auf "Heilbronner Stimme"
- Wilken Software Group: Hackerangriff auf Ulmer ERP-Anbieter
- Wi-Fi spy drones used to snoop on financial firm
- Store credit card numbers in a debug log, lose millions of accounts. Cost? $1.9m
- Protests in Iran: State-run live TV hacked by protesters - BBC News
- Toyota discloses data leak after access key exposed on GitHub
Cyber Crime
- INTERPOL-led Operation Takes Down 'Black Axe' Cyber Crime Organization
- Police tricks DeadBolt ransomware out of 155 decryption keys
- The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform | Mandiant
- Evolution of BazarCall Social Engineering Tactics
- Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals
- Pro-Russia group KillNet targets US airports
Malware
- Modified WhatsApp App Caught Infecting Android Devices with Malware
- Magniber ransomware now infects Windows users via JavaScript files
- Alchimist: A new attack framework in Chinese for Mac, Linux and Windows
Sonstiges
- SoSafe-Analyse: Digital Natives sind anfälliger für Phishing
- Gesundheitsnetz: CCC-Hacker entschlüsseln TI-Konnektor von CompuGroup Medical
- Sebastian Kurz und Ex-Pegasus-Chef gründen Cybersicherheits-Start-Up
- Bundesinnenministerin will BSI-Chef Schönbohm abberufen
- Google search crashes when you ask "How many emojis on Apple"
- AI and Residual Finger Heat Could Be a Password Cracker's Latest Tools
