Inzwischen haben es Angreifer vermehrt auf Industrielle Steuerungssysteme und Kritische Infrastrukturen abgesehen. Wie auch der Hack auf die Windkraftbetreiber Nordex und Windkraft AG zeigt!
Vulnerabilities & Patches
- Microsoft April 2022 Patch Tuesday - SANS Internet Storm Center
- SAP Releases Patches for Spring4Shell Vulnerability | SecurityWeek.Com
- VMware Releases Patches for Critical Vulnerabilities Affecting Multiple Products
- Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software
- Critical bug allows medical robot to be remotely controlled
Incidents
- Cyberangriffe auf Nordex und die Windkraft AG
- GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
Cybercrime
- RaidForums hacking forum seized by police, owner arrested
- Senior EU Officials Were Targeted With Israeli Spyware
- U.S. Warns New Sophisticated Malware Can Target ICS/SCADA Devices | SecurityWeek.Com
- Feds Uncover a 'Swiss Army Knife' for Hacking Industrial Systems
- Conti Ransomware Gang claims responsibility for the Nordex hack
- Karakurt data thieves linked to larger Conti hacking group
- Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware
Malware
Cybernews
- Cisco's Webex phoned home audio telemetry even when muted
- Microsoft’s Autopatch feature improves the patch management process
- OpenSSH goes Post-Quantum, switches to qubit-busting crypto by default