=====================
= End-of-Day report =
=====================

Timeframe: Wednesday 08-05-2024 18:00 − Friday 10-05-2024 18:00
Handler: Alexander Riepl
Co-Handler: Thomas Pribitzer

=====================
=       News        =
=====================

∗∗∗ Data protection incident: Dell informs about leak of customer data ∗∗∗
---------------------------------------------
According to Dell, the leaked information includes names, address data, and further data about orders and the Dell hardware they contain.
---------------------------------------------
https://www.golem.de/news/datenschutzvorfall-dell-informiert-ueber-abfluss-v...

∗∗∗ APT trends report Q1 2024 ∗∗∗
---------------------------------------------
The report features the most significant developments relating to APT groups in Q1 2024, including the new malware campaigns DuneQuixote and Durian, and hacktivist activity.
---------------------------------------------
https://securelist.com/apt-trends-report-q1-2024/112473/

∗∗∗ Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery ∗∗∗
---------------------------------------------
Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet.
---------------------------------------------
https://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html

∗∗∗ GhostStripe attack haunts self-driving cars by making them ignore road signs ∗∗∗
---------------------------------------------
Six boffins mostly hailing from Singapore-based universities have proven it's possible to attack autonomous vehicles by exploiting the system's reliance on camera-based computer vision and cause it to not recognize road signs.
---------------------------------------------
https://go.theregister.com/feed/www.theregister.com/2024/05/10/baidu_apollo_...

∗∗∗ Back to the Hype: An Update on How Cybercriminals Are Using GenAI ∗∗∗
---------------------------------------------
Generative AI continues to be misused and abused by malicious individuals. In this article, we dive into new criminal LLMs, criminal services with ChatGPT-like capabilities, and deepfakes being offered on criminal sites.
---------------------------------------------
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-thr...

∗∗∗ Zscaler Investigates Hacking Claims After Data Offered for Sale ∗∗∗
---------------------------------------------
Zscaler says its customer, production and corporate environments are not impacted after a notorious hacker offers to sell access.
---------------------------------------------
https://www.securityweek.com/zscaler-investigates-hacking-claims-after-data-...

∗∗∗ With nation-state threats in mind, nearly 70 software firms agree to Secure by Design pledge ∗∗∗
---------------------------------------------
The nation’s top cybersecurity agency said 68 of the world’s leading software manufacturers have signed on to a voluntary pledge to design products that have security built in from the beginning.
---------------------------------------------
https://therecord.media/secure-by-design-companies-cisa-rsa

∗∗∗ In interview, LockbitSupp says authorities outed the wrong guy ∗∗∗
---------------------------------------------
The leader of the LockBit ransomware gang, who goes by the name LockbItSupp, told Click Here in an interview that international law enforcement has made a mistake.
---------------------------------------------
https://therecord.media/lockbitsupp-interview-ransomware-cybercrime-lockbit

∗∗∗ Crypto fraudsters: Six Austrians arrested ∗∗∗
---------------------------------------------
Six Austrians have now been arrested for setting up an online trade in a supposedly new cryptocurrency and using it to rip off investors.
---------------------------------------------
https://heise.de/-9714300

=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by AlmaLinux (ansible-core, avahi, bind, buildah, containernetworking-plugins, edk2, fence-agents, file, freeglut, freerdp, frr, git-lfs, gnutls, golang, grafana, grafana-pcp, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, harfbuzz, httpd, ipa, libjpeg-turbo, libnbd, LibRaw, libreswan, libsndfile, libssh, libtiff, libvirt, libX11, libXpm, mingw components, mingw-glib2, mingw-pixman, mod_http2, mod_jk and mod_proxy_cluster, motif, [...]
---------------------------------------------
https://lwn.net/Articles/973071/

∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by AlmaLinux (container-tools:4.0, container-tools:rhel8, git-lfs, glibc, libxml2, nodejs:18, and nodejs:20), Debian (dav1d and libpgjava), Fedora (kernel and pypy), Red Hat (glibc and nodejs:16), SUSE (ffmpeg, ffmpeg-4, ghostscript, go1.21, go1.22, less, python-python-jose, python-Werkzeug, and sssd), and Ubuntu (fossil, glib2.0, and libspreadsheet-parsexlsx-perl).
---------------------------------------------
https://lwn.net/Articles/973206/

∗∗∗ Admins must act themselves: PuTTY vulnerability threatens Citrix Hypervisor ∗∗∗
---------------------------------------------
To secure XenCenter for Citrix Hypervisor, admins must manually install a security update for the SSH tool PuTTY.
---------------------------------------------
https://heise.de/-9713898

∗∗∗ Google Chrome: Exploit for zero-day vulnerability spotted ∗∗∗
---------------------------------------------
Google's Chrome web browser has a security vulnerability for which an exploit exists. Google is responding with an emergency update.
---------------------------------------------
https://heise.de/-9714519

∗∗∗ IBM Security Bulletins ∗∗∗
---------------------------------------------
https://www.ibm.com/support/pages/bulletin/

∗∗∗ 2024-05 Reference Advisory: Junos OS and Junos OS Evolved: Multiple CVEs reported in OpenSSH ∗∗∗
---------------------------------------------
https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos...