Archive for March 2026


Feds Disrupt IoT Botnets Behind Huge DDoS Attacks


The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets — named Aisuru, Kimwolf, JackSkid and Mossad — are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.


PinShades – InterBlok @ Melt Yard


Sponsored blog post: InterBlok @ Melt Yard – by Tommy Vernieri. I ended up using an InterBlok to handle a stuck ball in our recent tournament at Marietta Melt Yard during the recent Southeast Flipper Festival (SEFF) in Marietta, GA. We had purchased two InterBloks and installed them in Metallica and The Flintstones. During the […]


VMware vulnerability from 2021 actively exploited today


Active cyberattacks are currently under way in which hackers exploit years-old vulnerabilities, including in VMware Workspace One UEM. All of the identified vulnerabilities have an extremely high probability of exploitation, which points to inadequate patch management.


Palo Alto Networks unmasks new cyber-espionage group


TGR-STA-1030 is a newly discovered cyber-espionage group that attacked government organizations in 37 countries in 2025. The presumably state-backed actors use phishing campaigns and exploit known vulnerabilities.


Time is the deciding factor in limiting damage from cyberattacks


Many isolated security tools generate a flood of alerts and make it harder to correlate events. SIEM platforms break down these silos: they bring data from EDR, XDR, NDR and identity management together centrally, correlate threats and enable automated responses through SOAR, which measurably shortens MTTD and MTTR.


CISA Adds One Known Exploited Vulnerability to Catalog


CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. 

  • CVE-2026-20131 Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. 

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
