=====================
= End-of-Day report =
=====================
Timeframe: Mittwoch 02-03-2022 18:00 − Donnerstag 03-03-2022 18:00
Handler: Thomas Pribitzer
Co-Handler: Robert Waldner
=====================
= News =
=====================
∗∗∗ Free decryptor released for HermeticRansom victims in Ukraine ∗∗∗
---------------------------------------------
Avast Threat Labs has released a decryptor for the HermeticRansom ransomware strain used predominately in targeted attacks against Ukrainian systems in the past ten days.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-…
∗∗∗ Researchers Devise Attack for Stealing Data During Homomorphic Encryption ∗∗∗
---------------------------------------------
A vulnerability in a Microsoft crypto library gives attackers a way to figure out what data is being encrypted in lockpicker-like fashion.
---------------------------------------------
https://www.darkreading.com/application-security/researchers-devise-attack-…
∗∗∗ Threat landscape for industrial automation systems, H2 2021 ∗∗∗
---------------------------------------------
By 2021 everyone got used to pandemic limitations – industrial organization employees and IT security professionals and threat actors. If we compare the numbers from 2020 and 2021, we see that 2021 looks more stable, particularly in H2.
---------------------------------------------
https://securelist.com/threat-landscape-for-industrial-automation-systems-h…
∗∗∗ The Truth About USB Device Serial Numbers – (and the lies your tools tell) ∗∗∗
---------------------------------------------
Evidence surrounding the use of USB devices is an often sought-after forensic treasure trove, due to its verbosity in the operating system, as well as the Windows Registry. The difficulty comes in attempting to make sense of all this data. When the many, disparate breadcrumbs of usage are pulled together in a coherent assemblage of user activity, the results can be shocking in their clarity.
---------------------------------------------
https://www.sans.org/blog/the-truth-about-usb-device-serial-numbers?msc=rss
∗∗∗ Vorsicht vor diesen betrügerischen Handwerksdiensten! ∗∗∗
---------------------------------------------
Ihnen ist die Tür zugefallen, der Schlüssel abgebrochen, oder ein Abflussrohr ist verstopft? Solche Notsituationen werden zunehmend von Kriminellen ausgenutzt: Sie bieten schnelle und einfache Hilfe an, doch Vorsicht! Diese unseriösen Anbieter verlangen Wucherpreise in bar und beheben oft nicht einmal das Problem!
---------------------------------------------
https://www.watchlist-internet.at/news/vorsicht-vor-diesen-betruegerischen-…
∗∗∗ Update: Ukraine-Krise - Aktuelle Informationen ∗∗∗
---------------------------------------------
Version 1.3 03.03.2022 15:45
* Weitere Empfehlungen, "Weitere Lektüre" Sektion
* Aufgrund der Ukraine-Krise herrscht momentan eine sehr hohe allgemeine Gefährdungslage im Cyberraum. Eine spezifische Gefährdung für Österreich ist aktuell noch nicht auszumachen.
---------------------------------------------
https://cert.at/de/aktuelles/2022/3/ukraine-krise-aktuelle-informationen
=====================
= Vulnerabilities =
=====================
∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by CentOS (cyrus-sasl), Fedora (kicad), Mageia (php), openSUSE (envoy-proxy, ldns, libdxfrw, librecad, php7, and shapelib), Red Hat (cyrus-sasl), SUSE (firefox, gnutls, ldns, and php7), and Ubuntu (haproxy and php7.2, php7.4).
---------------------------------------------
https://lwn.net/Articles/886683/
∗∗∗ Zoho ManageEngine Desktop Central: Schwachstelle ermöglicht Offenlegung von Informationen ∗∗∗
---------------------------------------------
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Zoho ManageEngine Desktop Central ausnutzen, um Informationen offenzulegen.
CVE Liste: CVE-2022-23779
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K22-0253
∗∗∗ Autodesk AutoCAD: Mehrere Schwachstellen ermöglichen Codeausführung ∗∗∗
---------------------------------------------
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Autodesk AutoCAD ausnutzen, um beliebigen Programmcode auszuführen.
CVE Liste: CVE-2022-25789, CVE-2022-25790, CVE-2022-25791, CVE-2022-25792, CVE-2022-25795
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K22-0252
∗∗∗ Security Bulletin: IBM i is vulnerable to bypass security restrictions due to Samba SMB1 (CVE-2021-43566 and CVE-2021-44141) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-i-is-vulnerable-to-by…
∗∗∗ Security Bulletin: Multiple vulnerabilities may affect IBM Robotic Process Automation ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-…
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server due to Expat vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-…
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server due to Expat vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-…
∗∗∗ Security Bulletin: IBM OpenPages with Watson has addressed Apache Log4j vulnerability (CVE-2021-44832) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-openpages-with-watson…
∗∗∗ Security Bulletin: IBM i components are affected by CVE-2021-4104 (log4j version 1.x) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-i-components-are-affe…
∗∗∗ Security Bulletin: IBM DataPower affected by vulnerabilities in Node.js ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-affected-by…
∗∗∗ Security Bulletin: IBM Rational Build Forge is affected by Apache HTTP Server version used in it. (CVE-2021-44790) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-…
∗∗∗ K73200428: Linux kernel vulnerability CVE-2022-0185 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K73200428?utm_source=f5support&utm_mediu…
∗∗∗ BD Pyxis ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsma-22-062-01
∗∗∗ BD Viper LT ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsma-22-062-02
∗∗∗ IPCOMM ipDIO ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-22-062-01
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
=====================
= End-of-Day report =
=====================
Timeframe: Dienstag 01-03-2022 18:00 − Mittwoch 02-03-2022 18:00
Handler: Thomas Pribitzer
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Phishing attacks target countries aiding Ukrainian refugees ∗∗∗
---------------------------------------------
A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/phishing-attacks-target-coun…
∗∗∗ Geoblocking when you cant Geoblock, (Tue, Mar 1st) ∗∗∗
---------------------------------------------
Given recent events, I've gotten a flood of calls from clients who want to start blocking egress traffic to specific countries, or block ingress traffic from specific countries (or both).
---------------------------------------------
https://isc.sans.edu/diary/rss/28392
∗∗∗ TeaBot Android Banking Malware Spreads Again Through Google Play Store Apps ∗∗∗
---------------------------------------------
An Android banking trojan designed to steal credentials and SMS messages has been observed once again sneaking past Google Play Store protections to target users of more than 400 banking and financial apps, including those from Russia, China, and the U.S.
---------------------------------------------
https://thehackernews.com/2022/03/teabot-android-banking-malware-spreads.ht…
∗∗∗ "Authority-Scam": Kriminelle imitieren Behörden für Investment-Betrug ∗∗∗
---------------------------------------------
Beim „Authority-Scam“ geben sich die Kriminellen als Behörde aus und fordern Zahlungen wegen der Investments. Nicht bezahlen!
---------------------------------------------
https://www.watchlist-internet.at/news/authority-scam-kriminelle-imitieren-…
∗∗∗ Know Your Infusion Pump Vulnerabilities and Secure Your Healthcare Organization ∗∗∗
---------------------------------------------
Scans of more than 200,000 infusion pumps on the networks of hospitals and other healthcare organizations found 75% had known security gaps.
---------------------------------------------
https://unit42.paloaltonetworks.com/infusion-pump-vulnerabilities/
=====================
= Vulnerabilities =
=====================
∗∗∗ Critical Bugs Reported in Popular Open Source PJSIP SIP and Media Stack ∗∗∗
---------------------------------------------
As many as five security vulnerabilities have been disclosed in the PJSIP open-source multimedia communication library that could be abused by an attacker to trigger arbitrary code execution and denial-of-service (DoS) in applications that use the protocol stack.
---------------------------------------------
https://thehackernews.com/2022/03/critical-bugs-reported-in-popular-open.ht…
∗∗∗ IBM warnt vor zahlreichen Sicherheitslücken ∗∗∗
---------------------------------------------
IBM hat für diverse Produkte Updates veröffentlicht, die teils kritische Sicherheitslücken schließen. Administratoren sollten sie zeitnah installieren.
---------------------------------------------
https://heise.de/-6531076
∗∗∗ Sicherheitsupdates von Fortinet: Angreifer könnten Admin-Zugänge erraten ∗∗∗
---------------------------------------------
Unter anderen FortiMail und FortiWLC sind verwundbar. Eine Lücke gilt als kritisch.
---------------------------------------------
https://heise.de/-6531249
∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (mingw-expat and seamonkey), openSUSE (mc, mysql-connector-java, nodejs12, and sphinx), Red Hat (kernel and kpatch-patch), SUSE (cyrus-sasl, kernel, nodejs12, and php74), and Ubuntu (glibc).
---------------------------------------------
https://lwn.net/Articles/886560/
∗∗∗ Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco…
∗∗∗ Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure Privilege Escalation Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco…
∗∗∗ Cisco StarOS Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco…
∗∗∗ Cisco Identity Services Engine RADIUS Service Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco…
∗∗∗ Security Bulletin: Vulnerabilities in AIX CAA (CVE-2022-22350, CVE-2021-38996) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-aix-ca…
∗∗∗ Security Bulletin: SQL injection vulnerability in PostgreSQL affects IBM Connect:Direct Web Services (CVE-2021-23214) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-sql-injection-vulnerabili…
∗∗∗ Security Bulletin: Vulnerability in BIND affects AIX (CVE-2021-25219) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bind-aff…
∗∗∗ Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to remote attacker due to Apache Log4j (CVE-2021-44832) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sterling-connectdirec…
∗∗∗ Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Connect:Direct Web Services ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-…
∗∗∗ Security Bulletin: Security Bulletin: IBM InfoSphere Master Data Management Server vulnerability in OpenSSL ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-security-bulletin-ibm-inf…
∗∗∗ Security Bulletin: Vulnerabilities with Expat, Spring Framework and Apache HTTP Server affect IBM Cloud Object Storage Systems (Feb 2022 V2) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-with-expa…
∗∗∗ VMSA-2022-0007 ∗∗∗
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2022-0007.html
∗∗∗ K34519550: Linux kernel vulnerability CVE-2021-27364 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K34519550
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
=====================
= End-of-Day report =
=====================
Timeframe: Montag 28-02-2022 18:00 − Dienstag 01-03-2022 18:00
Handler: Thomas Pribitzer
Co-Handler: Robert Waldner
=====================
= News =
=====================
∗∗∗ Axis Communications shares details on disruptive cyberattack ∗∗∗
---------------------------------------------
Axis Communications has published a post mortem about a cyberattack that caused severe disruption in their systems, with some systems still partially offline.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/axis-communications-shares-d…
∗∗∗ Cyber threat activity in Ukraine: analysis and resources ∗∗∗
---------------------------------------------
Microsoft has been monitoring escalating cyber activity in Ukraine and has published analysis on observed activity in order to give organizations the latest intelligence to guide investigations into potential attacks and information to implement proactive protections against future attempts. We’ve brought together all our analysis and guidance for customers who may be impacted by events ...
---------------------------------------------
https://msrc-blog.microsoft.com:443/2022/02/28/analysis-resources-cyber-thr…
∗∗∗ Instagram scammers as busy as ever: passwords and 2FA codes at risk ∗∗∗
---------------------------------------------
Instagram scams dont seem to be dying out - were seeing more variety and trickiness than ever...
---------------------------------------------
https://nakedsecurity.sophos.com/2022/02/28/instagram-scammers-as-busy-as-e…
∗∗∗ Triaging A Malicious Docker Container ∗∗∗
---------------------------------------------
Malicious Docker containers are a relatively new form of attack, taking advantage of an exposed Docker API or vulnerable host to do their evil plotting. In this article, we will walk through the triage of a malicious image containing a previously undetected-in-VirusTotal (at the time of this writing) piece of malware
---------------------------------------------
https://sysdig.com/blog/triaging-malicious-docker-container/
∗∗∗ How To Protect Magento Websites ∗∗∗
---------------------------------------------
As of recently, Magento1 has become outdated and no longer supported. Adobe’s goal is to move all users away to Magento2 instead, which has 2FA and a non-standard login URL enabled by default, being generally more secure.
Migrating is very costly for an average business, however, so this article will hopefully shed some light on how you can still protect your site regardless of which version of Magento is currently being used.
---------------------------------------------
https://blog.sucuri.net/2022/02/how-to-protect-magento-websites.html
∗∗∗ Trickbot Malware Gang Upgrades its AnchorDNS Backdoor to AnchorMail ∗∗∗
---------------------------------------------
Even as the TrickBot infrastructure closed shop, the operators of the malware are continuing to refine and retool their arsenal to carry out attacks that culminated in the deployment of Conti ransomware. IBM Security X-Force, which discovered the revamped version of the criminal gangs AnchorDNS backdoor, dubbed the new, upgraded variant AnchorMail.
---------------------------------------------
https://thehackernews.com/2022/03/trickbot-malware-gang-upgrades-its.html
∗∗∗ Nein, Signal wurde nicht gehackt ∗∗∗
---------------------------------------------
Auf Twitter tritt Signal derzeit Gerüchten entgegen, die behaupten, der Messenger sei gehackt oder anderweitig kompromittiert worden. Die Gerüchte "sind falsch. Signal wurde nicht gehackt", betont Signal auf Twitter. "Wir glauben, dass diese Gerüchte Teil einer koordinierten Fehlinformationskampagne sind, die die Menschen dazu bringen soll, weniger sichere Alternativen zu nutzen."
---------------------------------------------
https://www.golem.de/news/messenger-nein-signal-wurde-nicht-gehackt-2203-16…
∗∗∗ Unusual sign-in activity mail goes phishing for Microsoft account holders ∗∗∗
---------------------------------------------
We look at a phishing mail which may cause concern for users of Microsoft services as it claims theres been a suspicious login from Russia.The post Unusual sign-in activity mail goes phishing for Microsoft account holders appeared first on Malwarebytes Labs.
---------------------------------------------
https://blog.malwarebytes.com/scams/2022/03/unusual-sign-in-activity-mail-g…
∗∗∗ DDoS Attacks Abuse Network Middleboxes for Reflection, Amplification ∗∗∗
---------------------------------------------
Threat actors specializing in distributed denial-of-service (DDoS) attacks have started abusing network middleboxes for reflection and amplification, Akamai warns.
---------------------------------------------
https://www.securityweek.com/ddos-attacks-abuse-network-middleboxes-reflect…
∗∗∗ Betrügerische Investitionsplattformen: Checken Sie unsere Liste ∗∗∗
---------------------------------------------
Betrügerische Investitionsplattformen versprechen hohe Gewinne – risikofrei und ohne Finanzwissen. Der Handel erfolgt automatisiert oder mit persönlicher Beratung. Bereits mit kleinen Investitionen können angeblich hohe Gewinne erzielt werden. Klingt sehr verlockend, ist aber Betrug! In diesem Artikel listen wir betrügerische Investitionsplattformen.
---------------------------------------------
https://www.watchlist-internet.at/news/betruegerische-investitionsplattform…
∗∗∗ Tales from the Field: Coin-Operated Culprit ∗∗∗
---------------------------------------------
Due to a lack of proper visibility and segmentation, a breakroom vending machine was provided unfettered access to an operational network worth billions of dollars.
---------------------------------------------
https://claroty.com/2022/02/28/blog-tales-from-the-field-coin-operated-culp…
=====================
= Vulnerabilities =
=====================
∗∗∗ Multiple vulnerabilities in VoipMonitor ∗∗∗
---------------------------------------------
I discovered and reported a few bugs in VoipMonitor ranging from a simple authentication bypass to a full RCE chain. Here I'll describe "most" of these bugs. The issues have been patched in VoipMonitor GUI version 24.97.
---------------------------------------------
https://kerbit.io/research/read/blog/3
∗∗∗ Cloud-Schutzlösung von Okta könnte Schadcode auf Server lassen ∗∗∗
---------------------------------------------
Ein wichtiges Sicherheitsupdate schließt ein Schadcode-Schlupfloch in Okta Advanced Server Client.
---------------------------------------------
https://heise.de/-6529223
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (thunderbird), Oracle (kernel, kernel-container, and ruby:2.5), Red Hat (rh-ruby26-ruby), Slackware (libxml2 and libxslt), SUSE (htmldoc and SUSE Manager Server 4.2), and Ubuntu (mariadb-10.3, mariadb-10.5, policykit-1, qemu, virglrenderer, and webkit2gtk).
---------------------------------------------
https://lwn.net/Articles/886472/
∗∗∗ Vulnerability Spotlight: Vulnerabilities in Lansweeper could lead to JavaScript, SQL injections ∗∗∗
---------------------------------------------
Cisco Talos recently discovered multiple vulnerabilities in the Lansweeper IT asset management solution that could allow an attacker to inject JavaScript or SQL code on the targeted device. [..] Users are encouraged to update these affected products as soon as possible: Lansweeper version 9.1.20.2. Talos tested and confirmed this version is affected by these vulnerabilities. Lansweeper 9.2.0 incorporates fixes for these issues.
---------------------------------------------
http://blog.talosintelligence.com/2022/03/vuln-spotlight-.html
∗∗∗ ZDI-22-424: (0Day) Delta Industrial Automation DIAEnergie AM_Handler SQL Injection Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-22-424/
∗∗∗ ZDI-22-423: (0Day) Delta Industrial Automation DIAEnergie HandlerPage_KID Arbitrary File Upload Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-22-423/
∗∗∗ ZDI-22-422: (0Day) Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-22-422/
∗∗∗ ZDI-22-421: (0Day) Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-22-421/
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-2332) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Apache HTTP Server as used by IBM QRadar SIEM is vulnerable to buffer overflow and denial of service (CVE-2021-44790, CVE-2021-34798, CVE-2021-39275) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-apache-http-server-as-use…
∗∗∗ Security Bulletin: Ansible vulnerability affects IBM Elastic Storage System (CVE-2021-3583) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ansible-vulnerability-aff…
∗∗∗ Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale where mmfsd daemon can be prevented from servicing requests (CVE-2020-4925) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-has-been-…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-35558) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-35557) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-35557) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management(CVE-2021-35557) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-35557) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: IBM MQ Appliance is affected by an incorrect session invalidation vulnerability (CVE-2021-38986) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affec…
∗∗∗ Security Bulletin: IBM App Connect Enterprise Certified Container Dashboards may be vulnerable to a denial of service vulnerability due to IBM X-Force vulnerability 220063 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-app-connect-enterpris…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Management (CVE-2021-2332) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Vulnerability in AIX audit commands (CVE-2021-38955) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-aix-audi…
∗∗∗ Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in OpenSSL ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-p…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2332) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-35558) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Contract Management (CVE-2021-2332) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-35558) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Multiple vulnerabilities may affect IBM® Semeru Runtime ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-…
∗∗∗ Security Bulletin: IBM MQ Appliance is affected by a Java vulnerability (CVE-2021-35578) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affec…
∗∗∗ Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in Libxml2 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-flex-system-switch-fi…
∗∗∗ Security Bulletin: IBM HTTP Server (powered by Apache) for i is vulnerable to CVE-2021-44224 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-http-server-powered-b…
∗∗∗ Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in Libxml2 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-p…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-35558) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Management (CVE-2021-35557) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: IBM MQ Appliance could allow unauthorized viewing of logs and files (CVE-2022-22326) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-could-al…
∗∗∗ Security Bulletin: IBM Sterling Connect:Direct for UNIX Certified Container is affected by multiple vulnerabilities in Red Hat Universal Base Image version 8.4-206.1626828523 and Binutils version 2.30-93 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sterling-connectdirec…
∗∗∗ Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 – October 2021 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-…
∗∗∗ Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in OpenSSL ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-flex-system-switch-fi…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-2332) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: glibc vulnerability affects IBM Elastic Storage System (CVE-2021-27645) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-glibc-vulnerability-affec…
∗∗∗ Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Management (CVE-2021-35558) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-oracle-database-server-vu…
∗∗∗ Security Bulletin: IBM MQ Appliance affected by a password hash that provides insufficient protection (CVE-2022-22321) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-affected…
∗∗∗ Security Bulletin: Due to use of Apache Log4j, IBM Datacap is vulnerable to arbitrary code execution (CVE-2021-4104) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-due-to-use-of-apache-log4…
∗∗∗ BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology ∗∗∗
---------------------------------------------
https://cert.vde.com/de/advisories/VDE-2022-003/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily