Börzel IT
Updates
- Microsoft’s December 2022 Patch Tuesday Addresses 48 CVEs (CVE-2022-44698)
- CVE-2022-27518: Unauthenticated RCE in Citrix ADC and Gateway
- Update now your devices now! Apple patches actively exploited vulnerability for iPhones
- Patchday SAP: 14 neue Sicherheitsmeldungen im Dezember
- VMware fixes critical ESXi and vRealize security flaws
- Mozilla Releases Security Updates for Thunderbird and Firefox | CISA
- Samba Releases Security Updates | CISA
- Adobe Patches 38 Flaws in Enterprise Software Products | SecurityWeek.Com
- InfoSec Handlers Diary Blog - SANS Internet Storm Center
Incidents
- Data breach at Social Blade confirmed. Hacker offers to sell database on underground website
- Play ransomware attacks city of Antwerp
Threats
- NSA warns of Chinese hacker group APT5 targeting Citrix ADC vulnerabilities - Industrial Cyber
- MCCrash: Cross-platform DDoS botnet targets private Minecraft servers - Microsoft Security Blog
- New GoTrim botnet brute forces WordPress site admin accounts
- HTML smugglers turn to SVG images
Cyber Crime
- Ex-Twitter employee Gets 3.5 Years Jail for Spying on Behalf of Saudi Arabia
- Woman gets 66 months in prison for role in $3.3 million ID fraud op
- T-Mobile hacker gets 10 years for $25 million phone unlock scheme
Malware
- New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure
- Microsoft-signed malicious Windows drivers used in ransomware attacks
Misc.
- GitHub to require all users to enable 2FA by the end of 2023
- GitHub Announces Free Secret Scanning for All Public Repositories
- Microsoft: Edge update will disable Internet Explorer in February
- Google introduces end-to-end encryption for Gmail on the web
- Google Launches OSV-Scanner Tool to Identify Open Source Vulnerabilities
