=====================
= End-of-Day report =
=====================

Timeframe:   Monday 06-09-2021 18:00 − Tuesday 07-09-2021 18:00
Handler:     Dimitri Robl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server ∗∗∗
---------------------------------------------
The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. [...] "At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected," the company said in a statement published over the weekend.
---------------------------------------------
https://thehackernews.com/2021/09/latest-atlassian-confluence-flaw.html

∗∗∗ Firefox 92 and ESR versions bring important security updates ∗∗∗
---------------------------------------------
The new versions of the browser, along with the Extended Support Releases, include not only functional improvements but also fixes for security vulnerabilities.
---------------------------------------------
https://heise.de/-6185311

∗∗∗ online-handelsregister.eu charges over 750 euros for a commercial register extract ∗∗∗
---------------------------------------------
For a commercial register extract, the company behind online-handelsregister.eu additionally charges 749.00 euros, supposedly for activating the portal. Victims usually do not realize how this amount came about. One thing is clear: online-handelsregister.eu does not operate reputably and debited this amount without authorization, because the so-called button solution was not complied with at checkout.
---------------------------------------------
https://www.watchlist-internet.at/news/online-handelsregistereu-bucht-fuer-e...

=====================
=  Vulnerabilities  =
=====================

∗∗∗ Ghostscript Zero-Day Allows Full Server Compromises ∗∗∗
---------------------------------------------
Proof-of-concept exploit code was published online over the weekend for an unpatched Ghostscript vulnerability that puts all servers that rely on the component at risk of attacks. From a report: Published by Vietnamese security researcher Nguyen The Duc, the proof-of-concept code is available on GitHub and was confirmed to work by several of today's leading security researchers.
---------------------------------------------
https://it.slashdot.org/story/21/09/07/1532205/ghostscript-zero-day-allows-f...

∗∗∗ Netgear closes security vulnerabilities in 20 switches ∗∗∗
---------------------------------------------
Under the right conditions, attackers could gain control of Netgear switches. Security updates are available.
---------------------------------------------
https://heise.de/-6184272

∗∗∗ Vulnerabilities in Gutenberg template plug-in endanger one million WordPress websites ∗∗∗
---------------------------------------------
Attackers could attack WordPress websites that use the Gutenberg Template Library & Redux Framework plug-in. A security patch is available for download.
---------------------------------------------
https://heise.de/-6184875

∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by openSUSE (apache2, java-11-openjdk, libesmtp, nodejs10, ntfs-3g_ntfsprogs, openssl-1_1, xen, and xerces-c), Red Hat (kernel-rt and kpatch-patch), and SUSE (ntfs-3g_ntfsprogs and openssl-1_1).
---------------------------------------------
https://lwn.net/Articles/868569/

∗∗∗ Synology-SA-21:26 Photo Station ∗∗∗
---------------------------------------------
A vulnerability allows remote attackers to bypass security constraints via a susceptible version of Photo Station.
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_21_26

∗∗∗ Security Bulletin: A security vulnerability has been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-14782) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-h...

∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-i...

∗∗∗ Security Bulletin: Vulnerability in Dojo affects WebSphere Application Server (CVE-2020-5258) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-dojo-affe...

∗∗∗ Security Bulletin: Multiple vulnerabilities have been identified in Oracle Jan 2021 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-14803) (CVE-2020-27221) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-h...

∗∗∗ Security Bulletin: A security vulnerability has been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-2773) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-h...

∗∗∗ Security Bulletin: Vulnerability in Bind affects IBM Integrated Analytics System ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bind-affe...

∗∗∗ Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-i...

∗∗∗ Security Bulletin: CVE-2020-1971 vulnerability in OpenSSL may affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-1971-vulnerabilit...

∗∗∗ Security Bulletin: Multiple vulnerabilities have been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-14779, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-h...

∗∗∗ Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-i...

∗∗∗ Mitsubishi Electric MELSEC iQ-R Series ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-21-250-01

∗∗∗ Hitachi ABB Power Grids System Data Manager ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-21-250-02