Seite wählen

18.09.2025

9

Warning: Brute force attacks hitting SonicWall firewall configuration backups

CSO Online 18.09.2025 01:06
SonicWall is warning admins that recent brute force attacks on its firewall’s API service for cloud backup could have exposed backup configuration files stored in its cloud portal.
Affected are SonicWall firewalls with preference files backed up to customers’ MySonicWall.com portal, the company said.

9

Microsoft and Cloudflare execute ‘rugpull’ on massive phishing empire

CSO Online 17.09.2025 12:48
Microsoft and Cloudflare executed a coordinated “rugpull” against one of the world’s most sophisticated phishing operations, seizing 338 websites and dismantling infrastructure that generated potentially hundreds of millions of malicious emails targeting business users globally.
The joint operation targeted RaccoonO365, which Microsoft tracks as Storm-2246, a Nigerian-led criminal enterprise that transformed credential theft into a subscription service, according to Microsoft’s Digital Crimes Unit blog post. The phishing-as-a-service platform allowed anyone to launch devastating attacks against Microsoft 365 users without requiring technical expertise.

9

Apple patches critical zero-day in ImageIO amid reports of targeted exploits

CSO Online 17.09.2025 12:12
Apple has rolled out two new updates to patch a zero-day vulnerability in the ImageIO framework, which may have already been exploited in attacks against specific individuals.
The flaw, tracked as CVE-2025-43300, and addressed in iOS 16.7.12 and iPadOS 16.7.12, allows for memory corruption on Apple phones when a malicious file is processed.

9

Hackerangriff auf HEM expert

CSO Online 17.09.2025 12:10
Von dem Cyberangriff auf den Elektrohändler HEM expert sind alle zehn Filialen betroffen.HEM expert Mössingen
HEM expert hat kürzlich ein Rundschreiben an seine Kunden verschickt, in dem über einen Cyberangriff informiert wird. Wie das Unternehmen gegenüber CSO bestätigt, betraf dieser alle zehn Standorte, die sich ausschließlich in Süddeutschland befinden. Die in ganz Deutschland verteilten Filialen der expert Gruppe (Mutterkonzern) seien demnach jedoch verschont geblieben.

9

Cybercrime: Microsoft gelingt Schlag gegen Phishing-Trojaner RaccoonO365

Heise Security 17.09.2025 10:03
Über die Malware RaccoonO365 gelangen Kriminelle an Log-in-Daten von Microsoft 365. Nun wurden in diesem Kontext 338 Websites offline genommen.