===================== = End-of-Day report = =====================
Timeframe: Tuesday 11-08-2020 18:00 − Wednesday 12-08-2020 18:00 Handler: Dimitri Robl Co-Handler: Thomas Pribitzer
===================== = News = =====================
∗∗∗ CEO Fraud via WhatsApp and Voice Messages ∗∗∗ --------------------------------------------- In most known cases, CEO fraud is carried out via e-mail: criminals pose as the CEO/CFO/etc. to employees who are authorized to make transfers and demand that a large sum be transferred immediately, without consulting anyone else, to a bank account (preferably abroad) in order to close an extremely important deal. --------------------------------------------- https://cert.at/de/aktuelles/2020/8/ceo-fraud-via-whatsapp-und-sprachnachric...
∗∗∗ Mobile Networks: LTE Calls Could Be Eavesdropped On Despite Encryption ∗∗∗ --------------------------------------------- The longer the victim stays on the line, the more of previous conversations can be reconstructed. --------------------------------------------- https://www.golem.de/news/mobilfunk-lte-anrufe-liessen-sich-trotz-verschlues...
∗∗∗ Code Injection Vulnerability in SAP Application Server ABAP – Solution Tools Plugin ST-PI ∗∗∗ --------------------------------------------- SAP is one of the largest vendors of enterprise software worldwide. Severe security vulnerabilities in SAP products could have a serious impact on the security of corporate IT infrastructures. --------------------------------------------- https://sec-consult.com/blog/2020/08/code-injection-schwachstelle-in-sap-app...
∗∗∗ FIDO2 for Microsoft Online Accounts / Azure AD ∗∗∗ --------------------------------------------- Nowadays a secure password doesn't necessarily mean your account is safe. --------------------------------------------- https://sec-consult.com/en/blog/2020/08/fido2-for-microsoft-online-accounts-...
∗∗∗ Hunting for SQL injections (SQLis) and Cross-Site Request Forgeries (CSRFs) in WordPress Plugins ∗∗∗ --------------------------------------------- This is a detailed overview of the bugs found while reviewing the source code of WordPress plugins. I cover 3 reported vulnerabilities (CVE-2020-5766, CVE-2020-5767 and CVE-2020-5768) which can be exploited for information disclosure and sending forged emails. --------------------------------------------- https://medium.com/tenable-techblog/hunting-for-sql-injections-sqlis-and-cro...
===================== = Vulnerabilities = =====================
∗∗∗ Patchday: Microsoft Closes Actively Exploited Windows and Browser Vulnerabilities ∗∗∗ --------------------------------------------- On Patch Tuesday, Microsoft closed, among other things, two critical security vulnerabilities that had already been abused in attacks. --------------------------------------------- https://heise.de/-4868224
∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (firmware-nonfree, golang-github-seccomp-libseccomp-golang, and ruby-kramdown), Fedora (kernel, libmetalink, and nodejs), openSUSE (go1.13, perl-XML-Twig, and thunderbird), Oracle (kernel, libvncserver, and thunderbird), Red Hat (kernel-rt and python-paunch and openstack-tripleo-heat-templates), SUSE (dpdk, google-compute-engine, libX11, webkit2gtk3, xen, and xorg-x11-libX11), and Ubuntu (nss and samba). --------------------------------------------- https://lwn.net/Articles/828554/
∗∗∗ QNX-2020-001 Vulnerability in slinger web server Impacts BlackBerry QNX Software Development Platform ∗∗∗ --------------------------------------------- http://support.blackberry.com/kb/articleDetail?language=en_US&articleNum...
∗∗∗ Security Advisory - Improper Authorization Vulnerability in Several Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200812-0...
∗∗∗ Security Advisory - Improper Interface Design Vulnerability in Huawei Product ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200812-0...
∗∗∗ Security Advisory - Command Injection Vulnerability in FusionCompute ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200812-0...
∗∗∗ Security Bulletin: Java vulnerabilities affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-java-vulnerabilities-affec...
∗∗∗ Security Bulletin: A vulnerability in jQuery affects IBM WIoTP MessageGateway (CVE-2020-7656) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-jquery-...
∗∗∗ Security Bulletin: IBM i2 Analysts' Notebook and IBM i2 Analysts' Notebook Premium Memory vulnerabilities ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-i2-analysts-notebook-a...
∗∗∗ Security Bulletin: OpenSLP vulnerability affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-openslp-vulnerability-affe...
∗∗∗ Security Bulletin: Incorrect permissions on IBM Spectrum Protect Plus agent files (CVE-2020-4631) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-incorrect-permissions-on-i...
∗∗∗ Security Bulletin: Vulnerabilities in Apache Camel's JMX, Apache Camel RabbitMQ and Apache Camel Netty affects IBM Operations Analytics Predictive Insights (CVE-2020-11971, CVE-2020-11972, CVE-2020-11973) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-apache-...
∗∗∗ Security Bulletin: Multiple Vulnerabilities in jQuery affect IBM WIoTP MessageGateway ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-i...
∗∗∗ Security Bulletin: Network Security (NSS) vulnerability affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-network-security-nss-vulne...
∗∗∗ Security Bulletin: Vulnerabilities in Netty affect IBM Netcool Agile Service Manager (CVE-2020-7238) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-netty-a...
∗∗∗ Security Bulletin: Multiple vulnerabilities in jQuery affect IBM WIoTP MessageGateway (CVE-2020-11023, CVE-2020-11022) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-i...
∗∗∗ IPAS: Security Advisories for August 2020 ∗∗∗ --------------------------------------------- https://blogs.intel.com/technology/2020/08/ipas-security-advisories-for-augu...