=====================
= End-of-Day report =
=====================

Timeframe: Monday 30-12-2024 18:00 − Thursday 02-01-2025 18:00
Handler: Alexander Riepl
Co-Handler: n/a
=====================
= News =
=====================
*** Cyber attack: Hackers claim to have captured data from IT service provider Atos ***
---------------------------------------------
The attackers claim to be in possession of an Atos company database. The IT service provider has so far found no evidence of an attack.
---------------------------------------------
https://www.golem.de/news/cyberangriff-hacker-wollen-daten-von-it-dienstleis...
*** End of support approaching: Researcher warns of security fiasco due to Windows 10 ***
---------------------------------------------
Around two-thirds of all Windows PCs in Germany are still running Windows 10. There is an urgent need for action - and not only in October of this year.
---------------------------------------------
https://www.golem.de/news/supportende-naht-forscher-warnt-vor-security-fiask...
*** China's cyber intrusions took a sinister turn in 2024 ***
---------------------------------------------
From targeted espionage to pre-positioning - not that they are mutually exclusive. The Chinese government's intrusions into America's telecommunications and other critical infrastructure networks this year appear to signal a shift from cyberspying as usual to prepping for destructive attacks.
---------------------------------------------
https://www.theregister.com/2024/12/31/china_cyber_intrusions_2024/
*** US Treasury Department outs the blast radius of BeyondTrust's key leak ***
---------------------------------------------
Data pilfered as miscreants roamed affected workstations. The US Department of the Treasury has admitted that miscreants were in its systems, accessing documents in what has been called a "major incident."
---------------------------------------------
https://www.theregister.com/2024/12/31/us_treasury_department_hacked/
*** "The perfect phishing email": Using AI text generators against executives ***
---------------------------------------------
AI technology enables criminals to send highly personalized phishing emails to executives, an insurer warns. Training material is available online.
---------------------------------------------
https://www.heise.de/news/Die-perfekte-Phishing-Mail-Mit-KI-Textgeneratoren-...
*** U.S. Army Soldier Arrested in AT&T, Verizon Extortions ***
---------------------------------------------
Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and ..
---------------------------------------------
https://krebsonsecurity.com/2024/12/u-s-army-soldier-arrested-in-att-verizon...
*** Beware of fraudulent emails about ORF fee refunds ***
---------------------------------------------
Numerous people are currently finding an email in their inbox claiming that they are entitled to a refund of ORF fees amounting to 34.40 euros. Warning: this is a phishing attempt aimed at stealing bank account details.
---------------------------------------------
https://www.watchlist-internet.at/news/betruegerisches-orf-rueckerstattung-e...
*** Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability ***
---------------------------------------------
The jailbreak technique "Bad Likert Judge" manipulates LLMs to generate harmful content using Likert scales, exposing safety gaps in LLM guardrails.
---------------------------------------------
https://unit42.paloaltonetworks.com/multi-turn-technique-jailbreaks-llms/
*** DORA Regulation (Digital Operational Resilience Act): A Threat Intelligence Perspective ***
---------------------------------------------
The Digital Operational Resilience Act (DORA) is coming in 2025.
---------------------------------------------
https://www.team-cymru.com/post/dora-regulation-digital-operational-resilien...
*** Passkey technology is elegant, but it's most definitely not usable security ***
---------------------------------------------
It's that time again, when families and friends gather and implore the more technically inclined among them to troubleshoot problems they're having behind the device screens all around them. One of the most vexing ..
---------------------------------------------
https://arstechnica.com/security/2024/12/passkey-technology-is-elegant-but-i...
*** I'm Lovin' It: Exploiting McDonald's APIs to hijack deliveries and order food for a penny ***
---------------------------------------------
API flaws in the McDonald's McDelivery system in India, one of the world's most popular food delivery apps, enabled a variety of fun exploits ..
---------------------------------------------
https://eaton-works.com/2024/12/19/mcdelivery-india-hack/
*** Déjà vu: Ghostly CVEs in my terminal title ***
---------------------------------------------
As I've spoken and written about, all modern terminals are actually "emulating" something dating from the ..
---------------------------------------------
https://dgl.cx/2024/12/ghostty-terminal-title
=====================
= Vulnerabilities =
=====================
*** ZDI-24-1737: Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability ***
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-24-1737/
*** ZDI-24-1736: (0Day) Paessler PRTG Network Monitor SNMP Cross-Site Scripting Authentication Bypass Vulnerability ***
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-24-1736/
*** ZDI-24-1739: Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability ***
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-24-1739/
*** ZDI-24-1738: Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability ***
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-24-1738/
*** PAN-OS Firewall Denial of Service (DoS) Vulnerability ***
---------------------------------------------
https://fortiguard.fortinet.com/threat-signal-report/5610