Security Update CW04-22

This week I have again collected the most important news.
A bug in polkit's pkexec that is several years old makes it very easy to gain root privileges.
A Chinese APT is targeting German industrial companies.
Apple closes zero-day vulnerabilities in iOS and macOS.
There is also a small OSINT treat about the Verfassungsschutz from Lilith Wittmann, well worth reading!

Vulnerabilities & Patches

Windows vulnerability with new public exploits lets you become admin
Microsoft Restricts Excel 4.0 Macros by Default
Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets
Update now! Apple pushes out security patches for iPhone and Mac zero-day vulnerabilities
Bug Alert: Local privilege escalation in pkexec, a core Linux system component
Linux kernel bug can let hackers escape Kubernetes containers
A flaw in Rust Programming language could allow to delete files and directories
Vulnerabilities in Control Web Panel potentially expose Linux Servers to hack

Cybercrime

Russian Authorities Arrest Head of International Cybercrime Group | SecurityWeek.Com
REvil Ransomware Operations Apparently Unaffected by Recent Arrests
High anxiety spreads among Russian criminal groups in wake of REvil raid
Hackers say they encrypted Belarusian Railway servers in protest
North Korean Hackers Using Windows Update Service to Infect PCs with Malware
MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists | IT Security News
Alleged carder gang mastermind and three acolytes under arrest in Russia

Malware

Emotet botnet steps up activity
Emotet spam uses unconventional IP address formats to evade detection
A new highly evasive technique used to deliver the AsyncRAT Malware
North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks
Lockbit ransomware gang claims to have hacked Ministry of Justice of France
TrickBot now crashes researchers' browsers to block malware analysis
TrickBot Malware Using New Techniques to Evade Web Injection Attacks
French Ministry of Justice Targeted in Ransomware Attack | SecurityWeek.Com
New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key
New MacOS Malware ‘DazzleSpy’ Used in Watering-Hole Attacks
Malicious PowerPoint files used to push remote access trojans

Incidents

Verfassungsschutz: "Hyperbro" attack campaign against German companies
Security: Successful attack on user accounts at Thalia
NCSC alerts UK orgs to brace for destructive Russian cyberattacks
Microsoft mitigated a record 3.47 Tbps DDoS attack on Azure users
Segway e-store compromised in a Magecart attack to steal credit cards
33,000 highly sensitive e-mails from the Lübeck immigration office sold on eBay.
Dark Souls 3 Servers Shut Down Due to Critical RCE Bug
North Korea Hackers Gain $400 Million in Cryptocurrency Scams - MSSP Alert
Puerto Rico was hit by a major cyberattack

Cybernews

EU to create pan-European cyber incident coordination framework
EU to fund bug bounty programs for LibreOffice, Mastodon, three others
Bavaria and Saxony-Anhalt decide against the Luca app
Google sued in US over 'deceptive' location tracking
UK govt releasing Nmap scripts to find unpatched vulnerabilities
FBI warns of malicious QR codes used to steal your money
Staff negligence is now a major reason for insider security incidents
Impetus for the secure digitalization of Germany: BSI hosts the 18th German IT Security Congress

Tips & Links

Bundesservice Telekommunikation — unmasked: this intelligence agency is behind it
Securing Windows Server 2022 (hardening)
