Kontrovers disskutiert diese Woche die Warnung des BSI vor Kaspersky.

Vulnerabilities & Patches

• New Linux Bug in Netfilter Firewall Module Lets Attackers Gain Root Access
• 'Dirty Pipe' Linux Flaw Affects a Wide Range of QNAP NAS Devices
• Unpatched RCE Bug in dompdf Project Affects HTML to PDF Converters
• iOS und iPadOS 15.4 sowie macOS 12.3 veröffentlicht
• Kritische Schwachstellen in Veeam Backup & Replication

  Incidents

• Electron Bot: Malware im Microsoft Store infiziert über 5.000 Maschinen
• Hundreds of GoDaddy-hosted sites backdoored in a single day

  Cybercrime

• AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
• Fake antivirus updates used to deploy Cobalt Strike in Ukraine
• SATCOM Cybersecurity Alert Issued as Authorities Probe Possible Russian Attack
• Viasat, Rosneft hit by cyberattacks
• Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet
• Hackers Target German Branch of Russian Oil Giant Rosneft | SecurityWeek.Com
• Google exposes tactics of a Conti ransomware access broker
• Russia’s disinformation uses deepfake video of Zelenskyy telling people to lay down arms

  Malware

• Prophet Spider Exploits Citrix ShareFile to Deploy Webshell
• Microsoft veröffentlicht Tool für MikroTik Trickbot-Infektionen
• Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure

  Cybernews

• BSI warnt vor dem Einsatz von Kaspersky-Virenschutzprodukten
• Experte: Deutschland schlechter gegen Cyberkrieg gerüstet als Ukraine
• Russia faces IT crisis with just two months of data storage left
• Staff Think Conti Group Is a Legit Employer – Podcast

  Tipps & Links

• https://thehive-project.org/
• https://intelowlproject.github.io/
• https://www.opencti.io/en/