=====================
= End-of-Day report =
=====================

Timeframe:   Thursday 04-09-2025 18:00 − Friday 05-09-2025 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest. ∗∗∗
---------------------------------------------
Everything to know about the mishap that threatened to expose millions of users' queries.
---------------------------------------------
https://arstechnica.com/information-technology/2025/09/the-number-of-mis-iss...

∗∗∗ Max severity Argo CD API flaw leaks repository credentials ∗∗∗
---------------------------------------------
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/max-severity-argo-cd-api-flaw...

∗∗∗ Known since May 2024: TP-Link confirms zero-day vulnerability in Archer routers ∗∗∗
---------------------------------------------
TP-Link models sold in this country are also affected. Under certain circumstances, attackers can inject malicious code remotely.
---------------------------------------------
https://www.golem.de/news/seit-mai-2024-bekannt-tp-link-bestaetigt-zero-day-...

∗∗∗ IT threat evolution in Q2 2025. Mobile statistics ∗∗∗
---------------------------------------------
The report contains statistics on mobile threats (malware, adware, and unwanted software for Android) for Q2 2025, as well as a description of the most notable malware types identified during the reporting period.
---------------------------------------------
https://securelist.com/malware-report-q2-2025-mobile-statistics/117349/

∗∗∗ IT threat evolution in Q2 2025. Non-mobile statistics ∗∗∗
---------------------------------------------
The report presents statistics for Windows, macOS, IoT, and other threats, including ransomware, miners, local and web-based threats, for Q2 2025.
---------------------------------------------
https://securelist.com/malware-report-q2-2025-pc-iot-statistics/117421/

∗∗∗ SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild ∗∗∗
---------------------------------------------
A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has come under active exploitation in the wild. The command injection vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), was fixed by SAP as part of ..
---------------------------------------------
https://thehackernews.com/2025/09/sap-s4hana-critical-vulnerability-cve.html

∗∗∗ Vulnerabilities: Nvidia's AI and networking technology is open to attack ∗∗∗
---------------------------------------------
Security updates close holes in, among other things, Nvidia's AI platforms DGX and HGX.
---------------------------------------------
https://www.heise.de/news/Sicherheitsluecken-Nvidia-KI-und-Netzwerktechnik-a...

∗∗∗ Stealerium malware secretly takes webcam photos for extortion ∗∗∗
---------------------------------------------
The freely available malware Stealerium detects porn consumption and secretly takes webcam pictures. Cybercriminals use the photos for extortion.
---------------------------------------------
https://www.heise.de/news/Malware-fotografiert-Nutzer-heimlich-bei-Porno-Kon...

∗∗∗ Cyberattack forces Jaguar Land Rover to tell staff to stay at home ∗∗∗
---------------------------------------------
Luxury automaker Jaguar Land Rover says employees should stay home through the weekend as it works to mitigate the impact of a cyberattack.
---------------------------------------------
https://therecord.media/jaguar-land-rover-cyberattack-workers-stay-home

∗∗∗ SEO fraud-as-a-service scheme hijacks Windows servers to promote gambling websites ∗∗∗
---------------------------------------------
A malware campaign dubbed GhostRedirector by researchers at ESET attempts to compromise websites to drive traffic to gambling sites.
---------------------------------------------
https://therecord.media/seo-scheme-windows-malware-gambling-sites-ghostredir...

∗∗∗ Scammers Exploit Grok AI With Video Ad Scam to Push Malware on X ∗∗∗
---------------------------------------------
Researchers at Guardio Labs have uncovered a new “Grokking” scam where attackers trick Grok AI into spreading malicious…
---------------------------------------------
https://hackread.com/scammers-exploit-grok-ai-video-ad-scam-x-malware/

∗∗∗ Microsoft enforces more multi-factor authentication ∗∗∗
---------------------------------------------
Microsoft is updating its plans for "Phase 2" of enforced multi-factor authentication for Azure. On 1 October, more services are due.
---------------------------------------------
https://heise.de/-10633932

∗∗∗ Czechia Warns of Chinese Data Transfers and Remote Administration for Espionage ∗∗∗
---------------------------------------------
Czechia’s national cybersecurity watchdog has issued a warning about foreign cyber operations, focussed on Chinese data transfers and remote administration, urging both government bodies and private businesses to bolster defenses amid rising espionage campaigns tied to China and Russia. The alert, published this week by the National Cyber and I..
---------------------------------------------
https://thecyberexpress.com/czechia-warns-of-chinese-data-transfer/

=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (udisks2), Oracle (httpd:2.4 and kernel), Red Hat (python-requests), and SUSE (chromium, gn, dcmtk, firefox, himmelblau, nginx, perl-Authen-SASL, perl-Crypt-URandom, postgresql15, python-Django, and python-maturin).
---------------------------------------------
https://lwn.net/Articles/1036907/