[CERT-daily] Tageszusammenfassung - 28.12.2022

Wed Dec 28 18:17:01 CET 2022

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 27-12-2022 18:00 − Mittwoch 28-12-2022 18:00
Handler:     Thomas Pribitzer
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ KI-Wunder ChatGPT kann bösartige E-Mails und Code generieren ∗∗∗
---------------------------------------------
Check Point Research (CPR) warnt vor Hackern, die ChatGPT und Codex von OpenAI nutzen könnten, um gezielte Cyberangriffe durchzuführen. 
https://research.checkpoint.com/2022/opwnai-ai-that-can-save-the-day-or-hack-it-away/
---------------------------------------------
https://www.zdnet.de/88406214/ki-wunder-chatgpt-kann-boesartige-e-mails-und-code-generieren/


∗∗∗ Droht eine Exchange ProxyNotShell-Katastrophe zum Jahreswechsel 2022/2023? ∗∗∗
---------------------------------------------
Beunruhigende Informationen, die mich gerade erreicht haben. Nicht auf dem aktuellen Patchstand befindliche Microsoft Exchange On-Premises-Server sind anfällig für Angriffe über die ProxyNotShell-Schwachstellen. Vor Weihnachten gab es dann die Information, dass die Hackergruppe FIN7 seit längerem eine automatisierte Angriffsplattform zum [...]
---------------------------------------------
https://www.borncity.com/blog/2022/12/28/droht-eine-exchange-proxynotshell-katastrophe-zum-jahreswechsel-2022-2023/


∗∗∗ Why Attackers Target GitHub, and How You Can Secure It ∗∗∗
---------------------------------------------
The unfettered collaboration of the GitHub model creates a security headache. Follow these seven principles to help relieve the pain.
---------------------------------------------
https://www.darkreading.com/edge-articles/why-attackers-target-github-and-how-you-can-secure-it


∗∗∗ Playing with Powershell and JSON (and Amazon and Firewalls), (Wed, Dec 28th) ∗∗∗
---------------------------------------------
In this post we'll take a look at parsing and manipulating JSON in Powershell.
---------------------------------------------
https://isc.sans.edu/diary/rss/29380


∗∗∗ CVE-2022-27510, CVE-2022-27518 - Measuring Citrix ADC & Gateway version adoption on the Internet ∗∗∗
---------------------------------------------
Recently, two critical vulnerabilities were reported in Citrix ADC and Citrix Gateway; where one of them was being exploited in the wild by a threat actor. Due to these vulnerabilities being exploitable remotely and given the situation of past Citrix vulnerabilities, RIFT started to research on how to identify the [...]
---------------------------------------------
https://blog.fox-it.com/2022/12/28/cve-2022-27510-cve-2022-27518-measuring-citrix-adc-gateway-version-adoption-on-the-internet/


∗∗∗ EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer ∗∗∗
---------------------------------------------
As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States.
---------------------------------------------
https://www.securityweek.com/earspy-spying-phone-calls-ear-speaker-vibrations-captured-accelerometer


∗∗∗ Alias and Directive Overloading in GraphQL ∗∗∗
---------------------------------------------
Denial of Service (DoS) attacks in GraphQL APIs are nothing new. It turns out that when you let clients control what data they want to receive from the server, malicious users try to abuse this flexibility to exhaust resources.
---------------------------------------------
https://checkmarx.com/blog/alias-and-directive-overloading-in-graphql/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (curl) and SUSE (curl, freeradius-server, sqlite3, systemd, and vim).
---------------------------------------------
https://lwn.net/Articles/918655/


∗∗∗ Microsoft Patches Azure Cross-Tenant Data Access Flaw ∗∗∗
---------------------------------------------
Microsoft has silently fixed an important-severity security flaw in its Azure Cognitive Search (ACS) after an external researcher warned that a buggy feature allowed cross-tenant network bypass attacks.
---------------------------------------------
https://www.securityweek.com/microsoft-patches-azure-cross-tenant-data-access-flaw


∗∗∗ ABB Security Advisory: NE843 Pulsar Plus Controller ∗∗∗
---------------------------------------------
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A6732&LanguageCode=en&DocumentPartId=&Action=Launch


∗∗∗ A security vulnerability has been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9 (CVE-2022-34165). ∗∗∗
---------------------------------------------
https://www.ibm.com/support/pages/node/6851953

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily