IT‑Sicherheits‑Digest (2026-02-21)

Aktuelle Security‑News

heise security

  • Zahlreiche Kernel-Lücken in Dell PowerProtect Data Manager geschlossen (2026-02-20 12:16 UTC)
    • Kurz: Dells Backuplösung PowerProtect Data Manager ist unter anderem für Schadcode-Attacken anfällig. Sicherheitspatches stehen zum Download bereit.
    • Quelle: Link
  • Kommentar: Russlands Cyber-Angriffe erfordern eine Reaktion (2026-02-20 12:07 UTC)
    • Kurz: Jürgen Schmidt sprach sich lange Zeit gegen offensive Cyber-Aktionen aus. Russlands Sabotage-Angriff auf Polens Energieversorgung hat seine Meinung geändert.
    • Quelle: Link
  • Adidas bezieht Stellung zu möglichem Datenleck bei externem Dienstleister (2026-02-20 11:20 UTC)
    • Kurz: Die Cybergang Lapsus$ behauptet in einem Untergrundforum, Daten von Adidas bei einem externen Dienstleister kopiert zu haben.
    • Quelle: Link

BleepingComputer

  • Japanese tech giant Advantest hit by ransomware attack (2026-02-20 18:30 UTC)
    • Kurz: Advantest Corporation disclosed that its corporate network has been targeted in a ransomware attack that may have affected customer or employee data. […]
    • Quelle: Link
  • CISA: BeyondTrust RCE flaw now exploited in ransomware attacks (2026-02-20 17:02 UTC)
    • Kurz: Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns. […]
    • Quelle: Link
  • Data breach at French bank registry impacts 1.2 million accounts (2026-02-20 16:20 UTC)
    • Kurz: The French Ministry of Finance has published an announcement informing of a cybersecurity incident that has impacted 1.2 million accounts. […]
    • Quelle: Link

The Hacker News

  • BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration (2026-02-20 15:45 UTC)
    • Kurz: Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying …
    • Quelle: Link
  • Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems (2026-02-20 14:20 UTC)
    • Kurz: In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has become exceedingly popular …
    • Quelle: Link
  • ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware (2026-02-20 11:55 UTC)
    • Kurz: Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan (RAT) called MIMICRAT (aka AstarionRAT). “The campaign demonstrat…
    • Quelle: Link

Neue CVEs (letzte 24h, NVD‑Abgleich)

Fortinet FortiGate (7.4.x)

  • Keine neuen Treffer in den letzten 24h.

Atlassian (Jira/Confluence)

  • Keine neuen Treffer in den letzten 24h.

HPE/Aruba Switches

  • Keine neuen Treffer in den letzten 24h.

VMware ESXi/vCenter (7.x)

  • Keine neuen Treffer in den letzten 24h.

Hinweis

  • CVE‑Treffer sind ein Frühwarn‑Check (NVD) und müssen für eure exakten Versionen/Deployments gegengeprüft werden (Vendor Advisory/Patches).