=====================
= End-of-Day report =
=====================
Timeframe: Tuesday 03-03-2026 18:00 − Wednesday 04-03-2026 18:00
Handler: Guenes Holler
Co-Handler: Michael Schlagenhaufer
=====================
= News =
=====================
∗∗∗ Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations ∗∗∗
---------------------------------------------
The intrusions, identified by Huntress last month across five partner organizations, involved the threat actors using email spam as lures, followed by a phone call from an IT desk that activates a layered malware delivery pipeline.
---------------------------------------------
https://thehackernews.com/2026/03/fake-tech-support-spam-deploys.html
∗∗∗ Attacks on VMware Aria Operations observed ∗∗∗
---------------------------------------------
Last week, Broadcom published a warning concerning security vulnerabilities in VMware Aria Operations. The software is also used in Cloud Foundation, Telco Cloud Platform, Telco Cloud Infrastructure and vSphere Foundation, so these are vulnerable as well. CISA now reports attacks on a vulnerability that allows unauthenticated actors to execute arbitrary commands, and consequently arbitrary malicious code, from the network in VMware Aria Operations.
---------------------------------------------
https://www.heise.de/news/Angriffe-auf-VMware-Aria-Operations-beobachtet-111...
∗∗∗ ESC tickets: High risk when buying via hellotickets.de! ∗∗∗
---------------------------------------------
The big spectacle of the Eurovision Song Contest (ESC) is still just under two months away. All shows are already sold out. Nevertheless, tickets are supposedly still being offered on the website hellotickets.de.
---------------------------------------------
https://www.watchlist-internet.at/news/esc-tickets-hohes-risiko-hellotickets...
∗∗∗ Telegram Increasingly Used to Sell Access, Malware and Stolen Logs ∗∗∗
---------------------------------------------
Cybercriminals are now increasingly using Telegram to sell corporate access, malware subscriptions, and stealer logs, turning the messaging app into a fast cybercrime hub.
---------------------------------------------
https://hackread.com/telegram-used-sell-access-malware-stolen-logs/
=====================
= Vulnerabilities =
=====================
∗∗∗ Cisco Security Advisories 2026 Mar 04 ∗∗∗
---------------------------------------------
On March 4, 2026, Cisco released 27 new security advisories. Two of these advisories impact the Cisco Firewall Management Center and have been classified as critical (Authentication Bypass CVE-2026-20079 and Remote Code Execution CVE-2026-20131).
---------------------------------------------
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
∗∗∗ Vulnerability & Patch Roundup — February 2026 ∗∗∗
---------------------------------------------
To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this past month.
---------------------------------------------
https://blog.sucuri.net/2026/02/vulnerability-patch-roundup-february-2026.ht...
∗∗∗ LWN: Security updates for Wednesday ∗∗∗
---------------------------------------------
https://lwn.net/Articles/1061295/
∗∗∗ [R1] Nessus Manager Versions 10.10.3 and 10.11.3 Fix One Vulnerability ∗∗∗
---------------------------------------------
https://www.tenable.com/security/tns-2026-08