News

Latest news on the subject of B2B cyber security >>> PR agencies: Add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Teamviewer reports cyberattack
B2B Cyber ​​Security ShortNews

As early as June 26, 2024, the security team of the remote service provider Teamviewer discovered an "anomalies" in their IT structure. It is now clear that there was a cyberattack by the APT group Midnight Blizzard. The specialist for remote and support access for companies announced that there was unauthorized access to its systems. After the initial investigations, there was only talk of an anomaly in the IT system. The internal response team was immediately activated and had initiated appropriate processes. Teamviewer wants to evaluate the attack together with globally recognized IT security experts. Midnight Blizzard also attacked...

Read more

Vulnerabilities in Check Point Security Gateways attacked
B2B Cyber ​​Security ShortNews

According to the BSI, the published vulnerabilities in Check Point security gateways are currently being attacked. The BSI does not rule out the possibility of data leakage. Check Point is already offering hotfixes. On May 26, 2024, Check Point published a high-priority advisory. In it, the manufacturer pointed out a newly discovered vulnerability in the Quantum and Maestro product lines that allows attackers to read information from these security gateways - especially credentials or VPN access data - remotely and without authentication. Be sure to run hotfixes -...

Read more

Major hack at Dropbox Sign
Major hack on Dropbox Sign - MS - AI

Sign, the Dropbox service for legally binding electronic signatures on contracts and the like, must report a cyberattack. Email addresses, usernames, phone numbers, hashed passwords and general account settings were stolen. Included: Authentication information such as API keys, OAuth tokens and multi-factor authentication. Many companies in particular rely on the Dropbox Sign service for legally valid electronic signatures, such as those needed for contracts. The current hack is a serious attack on the existing data and authentication information used by Dropbox. The process is so serious that Dropbox not only blocked users' passwords and issued a new...

Read more

Darknet: 34 million Roblox credentials on offer
B2B Cyber ​​Security ShortNews

Kaspersky cybersecurity experts have discovered 34 million stolen credentials for the online game platform Roblox on the dark web. Identity theft and credential hacks via infostealer attacks continue to increase. Between 2021 and 2023, almost 34 million login details for the online game Roblox were stolen and published on the dark web. Overall, the number increased by 231 percent from around 4,7 million in 2021 to 15,5 million in 2023. Taken together, data leaks from entertainment platforms such as Twitch, Electronic Arts, Sony PlayStation and Steam increased by 112 percent in the three years to. Massive access data to…

Read more

Vulnerability in tachograph could be infected by worm
B2B Cyber ​​Security ShortNews

Vulnerabilities in common electronic tachographs (ELDs) could be present in more than 14 million U.S. trucks, according to researchers at Colorado State University. The experts demonstrated how the attacks could take place. U.S. regulations require modern trucks to be equipped with electronic logging devices (ELDs), but these have become potential cybersecurity threat vectors. Research from three Colorado State University experts uncovers three critical vulnerabilities in commonly used ELDs. Three vulnerabilities in the tachographs First they showed that the ELDs can be controlled wirelessly to any controller area network...

Read more

Fake Europcar hack
Fake Europcar hack

At the end of January, alleged data from around 50 million Europcar customers was offered in an underground forum. Europcar reacted quickly and denied that it was a real file. The data is neither consistent nor are the email addresses in particular known to Europcar. While Europcar suggested that this data was generated using generative AI (e.g. ChatGPT), other security researchers are of the opinion that no AI was at work here. What they all have in common, however, is the opinion that this data was generated by machines. Suspicions quickly arose in the forum too...

Read more

Data on the Darknet: ALPHV hacks US defense company Ultra  
B2B Cyber ​​Security ShortNews

Most recently, BlackCat fought with the FBI with ALPHV - now the APT group has landed a new hack: The US company Ultra I&C, which supplies Switzerland, NATO and many other countries with military equipment and cybersecurity, is said to have lost 30 GB of data have them available for download on the dark web. There is currently no official statement from Ultra I&C (Ultra Intelligence & Communications) on the hack by the Russian APT group BlackCat with the ransomware ALPHV, but other bodies, such as the Swiss Army, have. The Federal Department of Defense and Civil Protection…

Read more

SSH vulnerable: Millions of servers are no longer secure
B2B Cyber ​​Security ShortNews

The SSH protocol has been in use for almost 30 years. Now Bochum researchers have developed an attack that has the potential to undermine, if not even disable, cryptographic SSH protection measures. According to ShadowServer, there are over 1 million SSH servers active in Germany - several million worldwide. The Terrapin attack is a new attack technique on the SSH protocol discovered by researchers at Ruhr University Bochum. The attack can compromise the integrity of secure SSH connections by making targeted adjustments to sequence numbers during the handshake as part of the connection setup. This allows the attacker to remove some messages sent by the client or…

Read more

ALPHV: Casinos and hotels in Las Vegas paralyzed by hack
B2B Cyber ​​Security ShortNews

MGM Resorts, a U.S. operator of hotels and casinos, was recently hit by a ransomware attack that disabled multiple systems at some of its key Las Vegas locations, bringing operations to a halt at several Las Vegas casinos and hotels brought. MGM Resorts, which operates many of Las Vegas' most popular casinos and hotels including the Bellagio, is still dealing with the aftermath of the attack. At the beginning of last week, hackers significantly disrupted operations, leading to casino closures. Through the attack...

Read more

iOS 16: Simulated flight mode as a hidden hack
iOS 16: Simulated flight mode as a hidden hack - Photo by Sten Ritterfeld on Unsplash

Jamf Threat Labs has developed a technique on iOS16 that can simulate airplane mode. In concrete terms, this means that hackers could exploit this opportunity to trick the victim into thinking that the device's flight mode is turned on. However, malware is working in the background. The attacker actually installed an artificial flight mode (after successfully using an exploit on the device). This changes the user interface so that the airplane mode symbol is displayed and the Internet connection to all apps is interrupted - except the application that the hacker wants to use. The technology has probably not yet been used by malicious...

Read more