Tageszusammenfassung - 30.09.2024

End-of-Day report

Timeframe: Freitag 27-09-2024 18:00 - Montag 30-09-2024 18:00 Handler: Alexander Riepl Co-Handler: n/a

News

US-Wahlkampf: Anklage wegen des Hacks der Trump-Kampagne erhoben

Drei Männer müssen sich vor Gericht wegen des Cyberangriffs auf das Wahlkampfteam von Donald Trump verantworten.

https://www.golem.de/news/us-wahlkampf-anklage-wegen-des-hacks-der-trump-kampagne-erhoben-2409-189365.html

How to Know if Your Website Is Hacked

Whether you manage a gaming blog, an e-commerce platform, or an enterprise-level website you probably want to be able to detect infections when they occur. A hacked website can lead to financial loss, disruption of business operations, and the exposure of confidential information. The key is acting fast once you discover possible ..

https://blog.sucuri.net/2024/09/how-do-website-owners-know-that-their-website-is-hacked.html

If youre holding important data, Iran is probably trying spearphish it

Its election year for more than 50 countries and the Islamic Republic threatens a bunch of them US and UK national security agencies are jointly warning about Iranian spearphishing campaigns, which remain an ongoing threat to various industries and governments.

https://www.theregister.com/2024/09/30/iran_spearphishing/

The Pig Butchering Invasion Has Begun

Scamming operations that once originated in Southeast Asia are now proliferating around the world, likely raking in billions of dollars in the process.

https://www.wired.com/story/pig-butchering-scam-invasion/

Eliminating Memory Safety Vulnerabilities at the Source

Memory safety vulnerabilities remain a pervasive threat to software security. At Google, we believe the path to eliminating this class of vulnerabilities at scale and building high-assurance software lies in Safe Coding, a secure-by-design approach that prioritizes transitioning ..

http://security.googleblog.com/2024/09/eliminating-memory-safety-vulnerabilities-Android.html

The Data Breach Disclosure Conundrum

The conundrum I refer to in the title of this post is the one faced by a breached organisation: disclose or suppress? And let me be even more specific: should they disclose to impacted individuals, or simply never let them know?

https://www.troyhunt.com/the-data-breach-disclosure-conundrum/

How can you protect your data, privacy, and finances if your phone gets lost or stolen?

Steps to take when your device is lost or stolen TL;DR This is a guide to help prepare for a situation where your mobile device is lost or stolen, including ..

https://www.pentestpartners.com/security-blog/how-can-you-protect-your-data-privacy-and-finances-if-your-phone-gets-lost-or-stolen/

Cyber Security Month: Stärken Sie Ihr Wissen

Im Oktober dreht sich alles um das Thema Cybersicherheit. Nutzen Sie die Gelegenheit, um Ihr Wissen über Phishing, Schadsoftware und andere Cyberbedrohungen aufzufrischen.

https://www.watchlist-internet.at/news/cyber-security-month-2024/

Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware

In November 2023, we identified a BlackCat ransomware intrusion started by Nitrogen malware hosted on a website impersonating Advanced IP ..

https://thedfirreport.com/2024/09/30/nitrogen-campaign-drops-sliver-and-ends-with-blackcat-ransomware/

Datenschutzvorfall bei GlobalSign (Sept. 2024)

Der Anbieter GlobalSign musste gegenüber einigen Kunden einen Datenschutzvorfall eingestehen. Bei deren Customer Relationship Management Platform (CRM) kam es zu einer Fehlkonfigurierung, so dass ein ..

https://www.borncity.com/blog/2024/09/30/datenschutzvorfall-bei-globalsign-sept-2024/

Facial DNA provider leaks biometric data via WordPress folder

ChiceDNA exposed 8,000 sensitive records, including biometric images, personal details, and facial DNA data in an unsecured WordPress-

https://hackread.com/facial-dna-provider-leak-biometric-data-wordpress-folder/

Vulnerabilities

Local Privilege Escalation mittels MSI Installer in Nitro PDF Pro

https://sec-consult.com/de/vulnerability-lab/advisory/local-privilege-escalation-mittels-msi-installer-in-nitro-pdf-pro/