=====================
= End-of-Day report =
=====================

Timeframe:   Thursday 12-02-2026 18:00 − Friday 13-02-2026 18:00
Handler:     Michael Schlagenhaufer
Co-Handler:  Felician Fuchs

=====================
=       News        =
=====================

∗∗∗ Microsoft: New Windows LNK spoofing issues aren't vulnerabilities ∗∗∗
---------------------------------------------
Today, at Wild West Hackin' Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LNK shortcut files that allow attackers to deploy malicious payloads.
---------------------------------------------
https://www.bleepingcomputer.com/news/microsoft/microsoft-new-windows-lnk-sp...

∗∗∗ Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again ∗∗∗
---------------------------------------------
A handful of European government agencies have been compromised by hackers in recent weeks, thanks to a new round of critical vulnerabilities in an Ivanti product — and it's another grim reminder of the heyday attackers have been having with edge devices.
---------------------------------------------
https://www.darkreading.com/endpoint-security/ivanti-epmm-zero-day-bugs-expl...

∗∗∗ 37 million downloads: 287 Chrome extensions caught spying ∗∗∗
---------------------------------------------
Researchers have analyzed the traffic of numerous Chrome extensions. 287 of them spy on browsing behavior for data brokers.
---------------------------------------------
https://www.golem.de/news/37-millionen-downloads-287-chrome-extensions-bei-d...

∗∗∗ Bypassing Administrator Protection by Abusing UI Access ∗∗∗
---------------------------------------------
In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didn’t exist. I described one of the ways I was able to bypass the feature before it was released. In total I found 9 bypasses during my research that have now all been fixed. In this blog post I wanted to describe the root cause of 5 of those 9 issues, specifically the implementation of UI Access, how this has been a long standing problem with UAC that’s been under-appreciated, and how it’s being fixed now.
---------------------------------------------
https://projectzero.google/2026/02/windows-administrator-protection.html

∗∗∗ IPFire introduces free domain blocklist DBL ∗∗∗
---------------------------------------------
The IPFire developers have published DBL, a categorized domain blocklist. It is intended to block malware, phishing and trackers.
---------------------------------------------
https://www.heise.de/news/IPFire-stellt-freie-Domain-Blockliste-DBL-vor-1117...

∗∗∗ How to find and remove credential-stealing Chrome extensions ∗∗∗
---------------------------------------------
Researchers have uncovered 30 Chrome extensions stealing user data. Here’s how to check your browser and remove any malicious extensions step by step.
---------------------------------------------
https://www.malwarebytes.com/blog/news/2026/02/how-to-find-and-remove-creden...

∗∗∗ Beware, trojan! Circulating messages about copyright infringement are fakes! ∗∗∗
---------------------------------------------
Using phishing messages sent in the name of real, existing companies, criminals are currently trying to sneak malware onto their victims' devices. The accusations raised are, of course, entirely made up, but the attached document is highly dangerous.
---------------------------------------------
https://www.watchlist-internet.at/news/vorsicht-trojaner-urheberrechtsverlet...

∗∗∗ Urgent warnings from UK and US cyber agencies after Polish energy grid attack ∗∗∗
---------------------------------------------
A coordinated cyberattack that targeted Poland's energy infrastructure in late December 2025 has prompted cybersecurity agencies to issue urgent warnings to critical national infrastructure operators on both sides of the Atlantic.
---------------------------------------------
https://www.fortra.com/blog/urgent-warnings-uk-and-us-cyber-agencies-after-p...

∗∗∗ Naming and shaming: How ransomware groups tighten the screws on victims ∗∗∗
---------------------------------------------
When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle.
---------------------------------------------
https://www.welivesecurity.com/en/ransomware/naming-shaming-ransomware-group...

∗∗∗ Lawful access to encrypted data: why is this so hard to do? ∗∗∗
---------------------------------------------
As I am now a member of the EU expert group which is tasked with coming up with a solution, I have been thinking a lot about this problem. An interesting train of thought turned out to be the question “We managed to give Law Enforcement (LE) wiretapping powers in old-style phone networks, but not in modern, Internet-based communication services. Why?”
---------------------------------------------
https://www.cert.at/en/blog/2026/2/lawful-access-to-encrypted-data-why-is-th...

∗∗∗ 8,000+ ChatGPT API Keys Left Publicly Accessible ∗∗∗
---------------------------------------------
The rapid integration of artificial intelligence into mainstream software development has introduced a new category of security risk, one that many organizations are still unprepared to manage. According to research conducted by Cyble Research and Intelligence Labs (CRIL), thousands of exposed ChatGPT API keys are currently accessible across public infrastructure, dramatically lowering the barrier for abuse. CRIL identified more than 5,000 publicly accessible GitHub repositories containing
---------------------------------------------
https://thecyberexpress.com/exposed-chatgpt-api-keys-github-websites/

=====================
=  Vulnerabilities  =
=====================

∗∗∗ Patch now! Attackers are targeting BeyondTrust remote support solutions ∗∗∗
---------------------------------------------
Attackers are exploiting a critical malicious code vulnerability in BeyondTrust Remote Support and Privileged Remote Access. Security patches are available.
---------------------------------------------
https://www.heise.de/news/Jetzt-patchen-Angreifer-attackieren-BeyondTrust-Fe...

∗∗∗ Qnap NAS: Unauthorized file system access possible ∗∗∗
---------------------------------------------
Security patches for Qnap's NAS operating systems QTS and QuTS hero close several vulnerabilities.
---------------------------------------------
https://www.heise.de/news/Qnap-NAS-Unbefugte-Dateisystemzugriffe-moeglich-11...

∗∗∗ LWN Security updates for Friday ∗∗∗
---------------------------------------------
https://lwn.net/Articles/1058642/