-
August 12th: Processors contain vulnerabilities +++ Open Cybersecurity Schema Framework +++ Vulnerabilities and updates of the week
After Spectre and Meltdown, it is now Æpicleak’s and SQUIP’s turn Processors from AMD and Intel contain vulnerabilities that attackers can use to leak data. They were found by researchers of Sapienza University of Rome, the Graz University of Technology, the CISPA Helmholtz Center for Information Security, and Amazon Web Services. The first vulnerability – […]
-
IT-Security aus erster Hand – Aus Cyberangriffen lernen
Stefan Würtemberger Stefan Würtemberger ist Vice President Information Technology bei Marabu Inks und Mitglied des CyberCompare Beirats. In seiner mehr als 20-jährigen Karriere in der IT von Industrieunternehmen und deren Absicherung hat er viele verschiedene Situationen erlebt. Er berichtet offen über die Cyber-Attacken auf Marabu und wie das Unternehmen diese bewältigen konnte. Zudem hat er […]
-
August 8th: Nozomi Networks OT/IoT Security Report +++ Data exfiltration via bookmark syncing +++ Malware campaign in GitHub repos +++ Patch priority index July 2022
Nozomi Networks OT/IoT Security Report Nozomi Networks has released their semi-annual OT/IoT Security Report, covering the threat and vulnerability landscape for the first half of 2022. In this report, they break down the threat landscape, including: A review of the current state of OT/IoT cybersecurity Trends in the threat landscape (plus timeline), and solutions for […]
-
14th April: Mirai Malware uses Spring4Shell exploits ++ Qbot is back – and hides in MSI Windows Installer packages ++ Security Outcomes Study by Cisco published – bad news for German security
Mirai Malware uses Spring4Shell exploits The critical RCE vulnerability Spring4Shell is now being exploited by a Mirai botnet variant. While emergency updates helped solve the Spring4Shell a few days after it was made public, no reports of larger incidents are known so far. Trend Micro researchers have noticed the active exploitation of Spring4Shell – a […]
-
8th April: Hydra Market shut down ++ Attack on retail chain ++ Remote access malware „Borat“
BKA and American authorities shut down illegal darknet marketplace „Hydra Market” The server infrastructure of the world’s largest and probably oldest illegal darknet marketplace „Hydra Market“ was shut down this Tuesday. A total of 543 Bitcoins with a value of around 23 million euros were seized. The German Federal Criminal Police in collaboration with US […]