IT‑Sicherheits‑Digest (2026-03-07)

Aktuelle Security‑News

heise security

  • KI Claude findet in zwei Wochen über 100 Firefox-Bugs (2026-03-06 16:59 UTC)
    • Kurz: In einem internen Test fand Anthropics KI Claude Opus 4.6 binnen zwei Wochen mehr Schwachstellen im Browser Firefox als die Community in zwei Monaten.
    • Quelle: Link
  • Social Media: Länder fordern strikten Jugendschutz und IP-Speicherung (2026-03-06 16:17 UTC)
    • Kurz: Die Ministerpräsidentenkonferenz will Plattformen in die Pflicht nehmen, pocht auf Altersgrenzen und fordert die zügige Einführung der Vorratsdatenspeicherung.
    • Quelle: Link
  • BSI: 11.500 kritische Einrichtungen unter NIS2 registriert (2026-03-06 16:09 UTC)
    • Kurz: Zum Registrierungsfristende haben tausende Unternehmen den Prozess abgeschlossen – doch knapp 20.000 fehlen wohl noch.
    • Quelle: Link

BleepingComputer

  • Cognizant TriZetto breach exposes health data of 3.4 million patients (2026-03-06 19:50 UTC)
    • Kurz: TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffered a data breach that exposed the sensitive information of over 3.4 million people. […]
    • Quelle: Link
  • CISA warns feds to patch iOS flaws exploited in crypto-theft attacks (2026-03-06 15:57 UTC)
    • Kurz: CISA ordered U.S. federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. […]
    • Quelle: Link
  • EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security (2026-03-06 15:00 UTC)
    • Kurz: EC-Council, creator of the world-renowned Certified Ethical Hacker (CEH) credential and a global leader in applied cybersecurity education, today launched its Enterprise AI Credential Suite, with four new role-based AI certifications debuti…
    • Quelle: Link

The Hacker News

  • Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India (2026-03-06 15:11 UTC)
    • Kurz: The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is designed to produce a “hi…
    • Quelle: Link
  • Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT (2026-03-06 14:33 UTC)
    • Kurz: Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm, AsyncRAT, and Xeno RAT. The …
    • Quelle: Link
  • The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity (2026-03-06 10:30 UTC)
    • Kurz: Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When done right, it builds client trust, i…
    • Quelle: Link

Neue CVEs (letzte 24h, NVD‑Abgleich)

Fortinet FortiGate (7.4.x)

  • Keine neuen Treffer in den letzten 24h.

Atlassian (Jira/Confluence)

  • Keine neuen Treffer in den letzten 24h.

HPE/Aruba Switches

  • Keine neuen Treffer in den letzten 24h.

VMware ESXi/vCenter (7.x)

  • Keine neuen Treffer in den letzten 24h.

Hinweis

  • CVE‑Treffer sind ein Frühwarn‑Check (NVD) und müssen für eure exakten Versionen/Deployments gegengeprüft werden (Vendor Advisory/Patches).