===================== = End-of-Day report = =====================
Timeframe: Montag 04-11-2024 18:00 − Dienstag 05-11-2024 18:00 Handler: Alexander Riepl Co-Handler: n/a
===================== = News = =====================
∗∗∗ Windows Server 2025 released—here are the new features ∗∗∗ --------------------------------------------- Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available starting Friday, November 1st. --------------------------------------------- https://www.bleepingcomputer.com/news/microsoft/windows-server-2025-released...
∗∗∗ Nokia investigates breach after hacker claims to steal source code ∗∗∗ --------------------------------------------- Nokia is investigating whether a third-party vendor was breached after a hacker claimed to be selling the companys stolen source code. --------------------------------------------- https://www.bleepingcomputer.com/news/security/nokia-investigates-breach-aft...
∗∗∗ Google fixes two Android zero-days used in targeted attacks ∗∗∗ --------------------------------------------- Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. --------------------------------------------- https://www.bleepingcomputer.com/news/security/google-fixes-two-android-zero...
∗∗∗ Angriff auf Schneider Electric: Hungrige Hacker fordern Baguettes als Lösegeld ∗∗∗ --------------------------------------------- Die Angreifer behaupten, über 40 GBytes an Daten von Schneider Electric erbeutet zu haben. Ihre Forderung: 125.000 US-Dollar in Form von Baguettes. --------------------------------------------- https://www.golem.de/news/angriff-auf-schneider-electric-hungrige-hacker-for...
∗∗∗ Olympia-Kassensysteme: Registrierkassen seit drei Jahren ohne Sicherheitsupdates ∗∗∗ --------------------------------------------- Registrierkassen der Marke Olympia laufen auf Android 11 und bergen Risiken für den Zahlungsverkehr. --------------------------------------------- https://www.golem.de/news/olympia-kassensysteme-registrierkassen-seit-drei-j...
∗∗∗ Python RAT with a Nice Screensharing Feature ∗∗∗ --------------------------------------------- While hunting, I found another interesting Python RAT in the wild. This is not brand new because the script was released two years ago. The script I found is based on the same tool and still .. --------------------------------------------- https://isc.sans.edu/diary/Python+RAT+with+a+Nice+Screensharing+Feature/3141...
∗∗∗ Maritime lawyers assemble! ∗∗∗ --------------------------------------------- Maritime cyber insurance has been playing catch-up with maritime cyber security for a while now. It was all pretty good until the availability of cheap VSAT meant that ships .. --------------------------------------------- https://www.pentestpartners.com/security-blog/maritime-lawyers-assemble/
∗∗∗ In final check-in before Election Day, CISA cites low-level threats, and not much else ∗∗∗ --------------------------------------------- Incidents to date have included “low level” distributed denial-of-service activity, criminal destruction of ballot drop boxes and continued threats targeting election officials, CISA Director Jen Easterly .. --------------------------------------------- https://therecord.media/cisa-2024-presidential-election-threats
∗∗∗ Smart Cities gegen Cyberattacken resilient machen ∗∗∗ --------------------------------------------- Ob es uns gefällt oder nicht – Städte weltweit wandeln sich in sogenannte "Smart Cities". Die Protagonisten versprechen Innovation, Nachhaltigkeit und digitales Wachstum. Aber diese Infrastruktur bzw. die .. --------------------------------------------- https://www.borncity.com/blog/2024/11/05/smart-cities-gegen-cyberattacken-re...
∗∗∗ SOC Around the Clock: World Tour Survey Findings ∗∗∗ --------------------------------------------- Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of .. --------------------------------------------- https://www.trendmicro.com/en_us/research/24/k/world-tour-survey-results.htm...
===================== = Vulnerabilities = =====================
∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by AlmaLinux (firefox, openexr, and thunderbird), Fedora (llama-cpp and python-quart), Oracle (firefox, openexr, thunderbird, and xorg-x11-server and xorg-x11-server-Xwayland), SUSE (chromium, govulncheck-vulndb, openssl-1_1, python311, and python312), and Ubuntu (linux-azure, linux-bluefield, linux-azure, linux-gcp, linux-ibm, openjpeg2, and ruby3.0, ruby3.2, ruby3.3). --------------------------------------------- https://lwn.net/Articles/997030/