NEU Microsoft
23 20th April – Threat Intelligence Report
Multiple zero-days (BlueHammer, RedSun, UnDefend) in Microsoft Defender are being actively exploited, requiring immediate patching.
Niedrig
Archiv-Ansicht — diese Daten sind möglicherweise nicht aktuell.
CTI Status
Joel Traber AG
Stand:
Letzter Pipeline-Run:
Lage Ruhig
Alle Threats
Sortiert nach KEV · Risk · EPSS NEU Linux
20 CVE-2026-31430
The vulnerability can be triggered by an unprivileged user via the keyrings API, enabling local privilege escalation.
Niedrig
EPSS
0%
NEU Microsoft
0 Ungepatchte Windows-Zero-Days RedSun, UnDefend und BlueHammer werden attackiert
Describes active exploitation of multiple unpatched Windows zero-days (RedSun, UnDefend, BlueHammer) in the wild, indicating immediate risk beyond a standard patch advisory.
Niedrig
NEU Microsoft
0 Zero-Day-Lücken unter Beschuss: Angriffe auf Windows-Systeme beobachtet
Describes an active attack campaign exploiting zero-day vulnerabilities in Windows systems, indicating immediate defensive action is required.
Niedrig
NEU Microsoft
0 Microsoft: Teams increasingly abused in helpdesk impersonation attacks
Describes an active campaign where attackers are specifically abusing external Teams access for helpdesk impersonation, a novel social engineering vector.
Niedrig
NEU Microsoft
0 Microsoft releases emergency updates to fix Windows Server issues
Highlights emergency, out-of-band updates to resolve critical stability or security issues introduced by a recent patch cycle.
Niedrig
NEU
0 DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy
Provides insight into the TTPs of a threat actor using SystemBC malware for C2 and lateral movement within a Windows domain environment.
Niedrig