-
6th May: Old Enemies hiding in New Places: Fileless Malware +++ Happy Patch-Day, Android!
Old Enemies hiding in New Places: Fileless Malware
Attackers have found a creative new way of challenging cyber safety on a daily basis – using event logs to hide fileless malware. Kaspersky researchers published a report on the new malware campaign last Wednesday. Let’s take a closer look: The unusual thing about the campaign was […]
-
29th April: Quantum ransomware really escalates quickly +++ Emotet is not dead yet! +++ Log4J – it ain’t over yet
Quantum ransomware really escalates quickly
Quantum ransomware was first discovered in August 2021 and has now been thoroughly analyzed by The DFIR Report, a security analyst group. The Quantum ransomware is considered fast and aggressive, leaving little time to react. According to the analyst report, the attack takes 3 hours and 44 minutes from initial infection […]
-
22nd April: Cyren Study shows little trust in E-mail Security ++ UEFI vulnerability in Lenovo consumer laptops detected ++ Lemon Duck Botnet exploits Docker APIs for Cryptomining
Cyren Study shows little trust in E-mail Security
Inbox protection provider Cyren published its 2022 Benchmarking Survey in cooperation with Ostermann Research. The study was conducted with Microsoft 365 business users. It shows that about 89% of participants suffered one or more e-mail attacks within the last 12 months. About 21.6 e-mail breaches per organization […]
-
14th April: Mirai Malware uses Spring4Shell exploits ++ Qbot is back – and hides in MSI Windows Installer packages ++ Security Outcomes Study by Cisco published – bad news for German security
Mirai Malware uses Spring4Shell exploits
The critical RCE vulnerability Spring4Shell is now being exploited by a Mirai botnet variant. While emergency updates helped address Spring4Shell a few days after it was made public, no reports of larger incidents are known so far. Trend Micro researchers have noticed the active exploitation of Spring4Shell – a […]
-
8th April: Hydra Market shut down ++ Attack on retail chain ++ Remote access malware “Borat”
BKA and American authorities shut down illegal darknet marketplace “Hydra Market”
The server infrastructure of the world’s largest and probably oldest illegal darknet marketplace “Hydra Market” was shut down this Tuesday. A total of 543 Bitcoins with a value of around 23 million euros were seized. The German Federal Criminal Police in collaboration with US […]
-
1st April: EU vulnerabilities ++ A third of UK businesses suffer attacks every week ++ Lapsus$ continues breaches
EU institutions face cybersecurity vulnerabilities
On March 29, 2022, the European Court of Auditors (ECA) stated that EU institutions need more protection against cyber-attacks. Their interconnected networks put them at greater risk now than ever before, yet the systems have “not achieved a level of cyber-preparedness commensurate with the threats.” The warning by the European […]
-
25th March: Lapsus$ strikes again: Microsoft source code stolen ++ 2022 Weak Password Report ++ HP printers show vulnerability
Lapsus$ strikes again: Microsoft source code stolen – Hundreds of companies potentially affected by Okta hack
The hacker group Lapsus$ has made headlines once again. After attacking the game developer Ubisoft last week, the gang has now conducted another major breach, this week against IT giant Microsoft. Having been attacked by Lapsus$ in late January […]
-
11th March: FDA Cybersecurity alert ++ Google takes over Mandiant ++ Joint security guidance for data centre operators and users
FDA Cybersecurity alert: medical IoT devices might be compromised
On March 8th, the FDA (the US Food & Drug Administration) issued a cybersecurity warning: Axeda Agent and Axeda Desktop Servers show vulnerabilities affecting over 150 devices from well-known vendors. The medical device software components are used for the remote maintenance of medical IoT products such […]
-
4th March: Germany and UK raise Cyber threat level ++ 14 Toyota factories shut down ++ New US legislation forces reporting of cyberattacks and ransomware
Germany and UK raise Cyber threat level
BSI, Germany’s Federal Office for Information Security, as well as its British counterpart, the National Cyber Security Centre (NCSC), have officially raised the national cyber threat level. BSI states that no direct threat has been detected, but the situation can change quickly. It has reached out to government institutions […]
-
18th February: Data leak found by Chaos Computer Club ++ DDoS attack on Ukrainian Defense Ministry ++ Government officials in Asia targeted by OneDrive malware
Chaos Computer Club finds more than 50 leaks – and 6.4 million personal data records
On February 14th, the German-based non-profit organization Chaos Computer Club (CCC), which specializes in research on security and privacy aspects of technology, published the result of its […]