Daily Summary - 10.09.2024
End-of-Day report
Timeframe: Monday 09-09-2024 18:00 - Tuesday 10-09-2024 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
Quad7 botnet targets more SOHO and VPN routers, media servers
The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers.
NoName ransomware gang deploying RansomHub malware in recent attacks
The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomHub affiliate.
Trustwave SpiderLabs Research: 20% of Ransomware Attacks in Financial Services Target Banking Institutions
The 2024 Trustwave Risk Radar Report: Financial Services Sector underscores the escalating threat landscape facing the industry.
Russia's top-secret military unit reportedly plots undersea cable sabotage
US alarmed by heightened Kremlin naval activity worldwide. Russia's naval activity near undersea cables is reportedly drawing the scrutiny of US officials, further sparking concerns that the Kremlin may be plotting to "sabotage" underwater infrastructure via a secretive, dedicated military unit called the General Staff Main Directorate for Deep Sea Research (GUGI).
https://www.theregister.com/2024/09/09/russia_readies_submarine_cable_sabotage/
Phishing Via Typosquatting and Brand Impersonation: Trends and Tactics
Introduction: Following the 2024 ThreatLabz Phishing Report, Zscaler ThreatLabz has been closely tracking domains associated with typosquatting and brand impersonation - common techniques used by threat actors to proliferate phishing campaigns. Typosquatting involves registering domains with misspelled versions of popular websites or ..
Slim CD Data Breach Impacts 1.7 Million Individuals
Slim CD says the personal and credit card information of 1.7 million was compromised in a ten-month-long data breach.
https://www.securityweek.com/slim-cd-data-breach-impacts-1-7-million-individuals/
Study Finds Excessive Use of Remote Access Tools in OT Environments
The excessive use of remote access tools in OT environments can increase the attack surface, complicate identity management, and hinder visibility.
https://www.securityweek.com/study-finds-excessive-use-of-remote-access-tools-in-ot-environments/
Smart home security advice. Ring, SimpliSafe, Swann, and Yale
Introduction: This guide covers the security of smart home security products from Ring, Yale, Swann, and SimpliSafe. Whether you're looking to monitor your property remotely, enhance your home's security, or ..
Companies overestimate their own defensive readiness against hackers
According to a recent study, 86 percent of the companies surveyed paid a "ransom" last year after their systems were infected.
Threat Assessment: North Korean Threat Groups
Explore Unit 42's review of North Korean APT groups and their impact, detailing the top 10 malware and tools we've seen from these threat actors.
https://unit42.paloaltonetworks.com/threat-assessment-north-korean-threat-groups-2024/
Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware
Repellent Scorpius distributes Cicada3301 ransomware, using double extortion and targeting global victims since May 2024. We break down their toolset and more.
https://unit42.paloaltonetworks.com/repellent-scorpius-cicada3301-ransomware/
August 2024's Most Wanted Malware: RansomHub Reigns Supreme While Meow Ransomware Surges
Check Point's latest threat index reveals RansomHub's continued dominance and Meow ransomware's rise with novel tactics and significant impact. Check Point's Global Threat Index for August 2024 revealed ransomware remains a dominant force, with RansomHub sustaining its position as the top ransomware group. This Ransomware-as-a-Service (RaaS) ..
CISA says SonicWall bug being exploited as experts warn of ransomware gang use
Federal cybersecurity experts are warning that a vulnerability affecting products from SonicWall is being exploited, and ordered all federal civilian agencies to implement a patch for the bug by the end of the month.
https://therecord.media/cisa-orders-patching-of-sonicwall-bug-ransomware