End-of-Day report
Timeframe: Dienstag 16-07-2024 18:00 - Mittwoch 17-07-2024 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks
The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal, Microsoft has revealed. Scattered Spider is the designation given to a threat actor that's known for its ..
https://thehackernews.com/2024/07/scattered-spider-adopts-ransomhub-and.html
Ransomware continues to pile on costs for critical infrastructure victims
Millions more spent without any improvement in recovery times Costs associated with ransomware attacks on critical national infrastructure (CNI) organizations skyrocketed in the past year.
https://www.theregister.com/2024/07/17/ransomware_continues_to_pile_on/
Anlagebetrug: Vorsicht vor E-Mails mit Entschädigungsversprechen
Sie haben in der Vergangenheit durch Anlagebetrug Geld verloren? Vorsicht: Sie sind noch immer im Visier von Kriminellen. Diese kontaktieren nämlich ehemalige Opfer mit der Behauptung, dass Ihr Geld gefunden wurde. Ignorieren Sie solche Angebote und gehen Sie nicht darauf ein, sonst verlieren Sie erneut Geld!
https://www.watchlist-internet.at/news/anlagebetrug-vorsicht-vor-e-mails-mit-entschaedigungsversprechen/
-GhostEmperor- returns: Mysterious Chinese hacking group spotted for first time in two years
An elusive and highly covert Chinese hacking group tracked as GhostEmperor - notorious for its sophisticated supply-chain attacks targeting telecommunications and government entities in Southeast Asia - has been spotted for the first time in more than two years. And according to the researchers, the group has gotten even better at evading detection.
https://therecord.media/ghostemperor-spotted-first-time-in-two-years
Reverse-Proxy-Phishing-Angriffe trotz Phishing-Schutz
Weltweit lässt sich eine Zunahme von Phishing und Reverse-Proxy-Phishing-Angriffen konstatieren. Anbieter von Sicherheitslösungen haben damit begonnen, fortschrittlichere Erkennungsmethoden zu implementieren. Aber reicht das aus, um entschlossene und ausgebuffte Angreifer abzuwehren? Kuba Gretzky hat sich auf der ..
https://www.borncity.com/blog/2024/07/17/reverse-proxy-phishing-angriffe-anti-phishing-schutz/
Private HTS Program Continuously Used in Attacks
AhnLab SEcurity intelligence Center (ASEC) has previously covered a case where Quasar RAT was distributed through private home trading systems (HTS) in the blog post -Quasar RAT Being Distributed by Private HTS Program-. The same threat actor has been continuously distributing malware, and attack cases have been confirmed even recently. Similar to the previous ..
https://asec.ahnlab.com/en/67969/
Root-Sicherheitslücke bedroht KI-Gadget Rabbit R1
Angreifer können das KI-Gadget Rabbit R1 über den Android-Exploit Kamakiri komplett kompromittieren. Bislang gibt es keinen Sicherheitspatch.
https://heise.de/-9803666
Vulnerabilities
DSA-5731-1 linux - security update
https://lists.debian.org/debian-security-announce/2024/msg00142.html
Oracle Critical Patch Update Advisory - July 2024
https://www.oracle.com/security-alerts/cpujul2024.html
Security Vulnerabilities fixed in Thunderbird 115.13
https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/
Security Vulnerabilities fixed in Thunderbird 128
https://www.mozilla.org/en-US/security/advisories/mfsa2024-32/