Börzel IT
Updates
- Synology_SA_22_25 | Synology Inc.
- Critical Vulnerabilities Found in Passwordstate Enterprise Password Manager | SecurityWeek.Com
- Microsoft pushes emergency fix for Windows Server Hyper-V VM issues
Incidents
- An Iranian group hacked Israeli CCTV cameras, defense was aware but didn’t block itSecurity Affairs
- Comcast Xfinity accounts hacked in widespread 2FA bypass attacks
- Massive Twitter data leak investigated by EU privacy watchdog
- Guardian newspaper hit by suspected ransomware attack
- Okta's source code stolen after GitHub repositories hacked
- German industrial giant ThyssenKrupp targeted in a new cyberattack
- Play ransomware claims attack on German hotel chain H-Hotels
- Metro AG: Neuer IT-Sicherheitsvorfall vom 20. Dezember 2022, oder altes Problem?
Threats
- Zerobot malware now shooting for Apache systems
- Expert found Backdoor credentials in ZyXEL LTE3301 M209Security Affairs
- Critical Linux Kernel flaw affects SMB servers with ksmbd enabledSecurity Affairs
- Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials
- Hackers exploit bug in WordPress gift card plugin with 50K installs
- Don't click too quick! FBI warns of malicious search engine ads
- CISA Warns Veeam Backup & Replication Vulnerabilities Exploited in Attacks | SecurityWeek.Com
- Critical Vulnerability in Hikvision Wireless Bridges Allows CCTV Hacking | SecurityWeek.Com
- VMware fixed critical VM Escape bug demonstrated at Geekpwn hacking contest
- Old vulnerabilities in Cisco products actively exploited in the wild
- Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware
- Ransomware gang uses new Microsoft Exchange exploit to breach servers
Cyber Crime
- Researchers Link Royal Ransomware to Conti Group | SecurityWeek.Com
- Raspberry Robin malware used against Telecom and GovernmentsSecurity Affairs
- Prodaft details FIN7 cybercrime gang exploiting software supply chains, distributing malicious USB sticks - Industrial Cyber
- Chinese state-sponsored hacker group RedDelta targeting organizations within Europe, Southeast Asia - Industrial Cyber
- FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape
- FIN7 hackers create auto-attack platform to breach Exchange servers
- Ex-Twitter Worker Gets Prison Time in Saudi 'Spy' Case | SecurityWeek.Com
- McGraw Hill's S3 buckets exposed 100,000 students' grades
- Trojaned Windows Installer Targets Ukraine - Schneier on Security
- Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War
- New info-stealer malware infects software pirates via fake cracks sites
- Crooks use HTML smuggling to spread QBot malware via SVG files
Misc.
- TikTok parent company ByteDance revealed the use of TikTok data to track journalistsSecurity Affairs
- CCC | CCC erbeutet Biometrie-Datenbank des US-Militärs
- France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent
- Rise of the robot vacuum cleaners
- Buggy parental-control apps could allow device takeover
- NIST to Retire 27-Year-Old SHA-1 Cryptographic Algorithm | SecurityWeek.Com
- Google Workspace Gets Client-Side Encryption in Gmail | SecurityWeek.Com
- MSG defends using facial recognition to kick lawyer out of Rockettes show
- Mozilla to Explore Healthy Social Media Alternative | The Mozilla Blog
- Cybercrime (and Security) Predictions for 2023
- Epic Games to pay $520 million for privacy violations, dark patterns
- Microsoft will turn off Exchange Online basic auth in January
- Beyond Ransomware: Cybercrime Trends to Watch in 2023
- BSI aktualisiert Mindeststandard zur Nutzung externer Cloud-Dienste
