TP-Link Attack: Microsoft in the Crosshairs, Germany Lucky
The attack on TP-Link routers and access points aimed to take over Microsoft's Office cloud sessions. According to the BSI, Germany was little affected.
Digitalization 🇨🇭: SwissSign blocks GrapheneOS, while unpatched Chinese phones are no problem. "Security by obscurity" par excellence.
Anyone who blindly trusts Google metrics instead of understanding system hardening proves their cluelessness. Stop hiring buzzword slingers and bootlickers, and finally get real experts! This way, digitalization is going absolutely nowhere. 📉
#GrapheneOS #SwissSign #CyberSecurity #Digitalisierung #ITSecurity #Expertise
The ad confuses me: "Germany needs #Cybersex experts!"
But what it actually said was "Germany needs #Cybersecurity experts!"
In the latter case, you don't have to disinfect the keyboard as often.
What Happens When Your LLM Provider Bans Your Use Case Mid-Production
(tenable.com) CyberAv3ngers: IRGC-Linked Threat Group Escalates ICS Attacks Against U.S. Critical Infrastructure
CyberAv3ngers (IRGC-CEC) escalates ICS attacks on U.S. critical infrastructure, exploiting CVE-2021-22681 (CVSS 9.8) in Rockwell Automation controllers and deploying IOCONTROL malware. No patch available; mitigations require architectural controls.
In brief - Iranian state-directed threat group CyberAv3ngers, linked to IRGC-CEC, has intensified attacks on U.S. water, energy, and government sectors. The group exploits unpatched CVE-2021-22681 in Rockwell Automation controllers and deploys custom ICS malware, causing operational disruptions. Mitigations are critical as no vendor patch exists.
Technically - CyberAv3ngers evolved from exploiting default credentials on Unitronics PLCs to deploying IOCONTROL, a Linux-based ICS malware using MQTT over TLS (port 8883) and DNS-over-HTTPS for C2. They actively exploit CVE-2021-22681, an authentication bypass in Rockwell Logix controllers (RSLogix 5000 v16-20, Studio 5000 v21+), leveraging insufficiently protected cryptographic keys. Mitigations include network segmentation, CIP Security, and monitoring ports 44818, 2222, 102, 22, and 502 from overseas hosting providers.
🚨 EUVD-2026-21072
📊 Score: 6.9/10 (CVSS v3.1)
📦 Product: MetaGPT, MetaGPT
🏢 Vendor: FoundationAgents
📅 Updated: 2026-04-09
📝 A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The affected element is the function Bash.run in the library metagpt/tools/libs/terminal.py. This manipulation causes os command injection. The attack is possible to be...
🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-21072
🚨 EUVD-2026-21070
📊 Score: 9.3/10 (CVSS v3.1)
📦 Product: wolfSSL
🏢 Vendor: wolfSSL
📅 Updated: 2026-04-09
📝 Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of...
🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-21070
🚨 EUVD-2026-21068
📊 Score: 2.3/10 (CVSS v3.1)
📦 Product: wolfSSL
🏢 Vendor: wolfSSL
📅 Updated: 2026-04-09
📝 Two potential heap out-of-bounds write locations existed in DecodeObjectId() in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values (out[0] and out[1]), enabling a 2-byte out-of-bounds write when out...
🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-21068
🚨 EUVD-2026-21076
📊 Score: 9.3/10 (CVSS v3.1)
📦 Product: A7100RU
🏢 Vendor: Totolink
📅 Updated: 2026-04-09
📝 A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command...
🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-21076