=====================
= End-of-Day report =
=====================
Timeframe: Wednesday 29-10-2025 18:00 − Thursday 30-10-2025 18:00
Handler: Alexander Riepl
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ No fix available: billions of web browsers can be crashed in seconds ∗∗∗
---------------------------------------------
A so far unpatched vulnerability affects users of Chromium-based browsers. The software can be made to crash within seconds.
---------------------------------------------
https://www.golem.de/news/kein-fix-verfuegbar-milliarden-von-webbrowsern-las...
∗∗∗ GIMP: Manipulated images can smuggle in malicious code ∗∗∗
---------------------------------------------
GIMP version 3.0.6 closes several high-risk vulnerabilities. Attackers can use crafted images to inject malware.
---------------------------------------------
https://www.heise.de/news/Bildbarbeitung-GIMP-Version-3-0-6-schliesst-Codesc...
∗∗∗ Vulnerability: MOVEit Transfer is susceptible to attacks ∗∗∗
---------------------------------------------
A patch closes a vulnerability in the file transfer software MOVEit Transfer.
---------------------------------------------
https://www.heise.de/news/Sicherheitsluecke-Angreifer-koennen-Dienst-von-MOV...
∗∗∗ USA: Sales ban on TP-Link routers is becoming increasingly likely ∗∗∗
---------------------------------------------
The US Department of Commerce is proposing a sales ban on TP-Link routers. Several federal agencies see a security risk due to ties to China.
---------------------------------------------
https://www.heise.de/news/USA-Verkaufsverbot-fuer-TP-Link-Router-wird-immer-...
∗∗∗ Security awareness: four pillars for staying safe online ∗∗∗
---------------------------------------------
When it comes to being security aware, there are seemingly endless things you need to consider. Here are four key areas as a user you can focus on to keep yourself secure.
---------------------------------------------
https://www.pentestpartners.com/security-blog/security-awareness-four-pillar...
∗∗∗ #5TageGegenDeepfakes: Criminals use deepfakes of celebrities for investment scams ∗∗∗
---------------------------------------------
Some celebrities enjoy a high level of trust because of their personality. Criminals exploit this and create deepfakes of the celebrities to have them promote fraudulent investments.
---------------------------------------------
https://www.watchlist-internet.at/news/5tagegegendeepfakes-kriminelle-nutzen...
∗∗∗ Former Trenchant exec pleads guilty to selling cyber exploits to Russian broker ∗∗∗
---------------------------------------------
The former executive sold the trade secrets to a Russian cyber-tools broker that “publicly advertises itself as a reseller of cyber exploits to various customers, including the Russian government,” according to the Department of Justice.
---------------------------------------------
https://therecord.media/trenchant-exec-pleads-guilty-russia-secrets
∗∗∗ Cyber info sharing ‘holding steady’ despite lapse in CISA 2015, official says ∗∗∗
---------------------------------------------
The comments come roughly a month after the expiration of the 2015 Cybersecurity Information Sharing Act, which incentivized private entities to share threat data with the government with antitrust and liability safeguards.
---------------------------------------------
https://therecord.media/cyber-info-sharing-holding-steady-official-says
∗∗∗ Russian Hackers Exploit Adaptix Pentesting Tool in Ransomware Attacks ∗∗∗
---------------------------------------------
Silent Push warns of Russian hackers exploiting Adaptix, a pentesting tool built for Windows, Linux, and macOS, in ransomware campaigns.
---------------------------------------------
https://hackread.com/russian-hackers-adaptix-pentest-ransomware/
∗∗∗ New Guidance Released on Microsoft Exchange Server Security Best Practices ∗∗∗
---------------------------------------------
Today, CISA, in partnership with the National Security Agency and international cybersecurity partners, released Microsoft Exchange Server Security Best Practices, a guide to help network defenders harden on-premises Exchange servers against exploitation .. at high risk of compromise. Best practices in this guide focus on hardening user
---------------------------------------------
https://www.cisa.gov/news-events/alerts/2025/10/30/new-guidance-released-mic...
∗∗∗ Learnings from recent npm supply chain compromises ∗∗∗
---------------------------------------------
A look at recent npm supply chain compromises and how we can learn from them to better prepare for future incidents.
---------------------------------------------
https://securitylabs.datadoghq.com/articles/learnings-from-recent-npm-compro...
∗∗∗ Vulnerabilities in LUKS2 disk encryption for confidential VMs ∗∗∗
---------------------------------------------
Trail of Bits is disclosing vulnerabilities in eight different confidential computing systems that use Linux Unified Key Setup version 2 (LUKS2) for disk encryption. Using these vulnerabilities, a malicious actor with access to storage disks can extract all confidential data stored on that disk and can modify the contents of the disk arbitrarily. The vulnerabilities are caused by malleable metadata headers that allow an attacker to trick a trusted execution environment guest into encrypting ..
---------------------------------------------
https://blog.trailofbits.com/2025/10/30/vulnerabilities-in-luks2-disk-encryp...
=====================
= Vulnerabilities =
=====================
∗∗∗ SVD-2025-1011: Third-Party Package Updates in Splunk Operator for Kubernetes Add-on - October 2025 ∗∗∗
---------------------------------------------
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Operator for Kubernetes Add-on version 3.0.0 and higher.
---------------------------------------------
https://advisory.splunk.com//advisories/SVD-2025-1011
∗∗∗ SVD-2025-1010: Third-Party Package Updates in Splunk AppDynamics Analytics Agent - October 2025 ∗∗∗
---------------------------------------------
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Analytics Agent version 25.7.0 and higher.
---------------------------------------------
https://advisory.splunk.com//advisories/SVD-2025-1010
∗∗∗ SVD-2025-1009: Third-Party Package Updates in Splunk AppDynamics Private Synthetic Agent - October 2025 ∗∗∗
---------------------------------------------
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Private Synthetic Agent version 25.7.0 and higher.
---------------------------------------------
https://advisory.splunk.com//advisories/SVD-2025-1009
∗∗∗ SVD-2025-1008: Third-Party Package Updates in Splunk AppDynamics Machine Agent - October 2025 ∗∗∗
---------------------------------------------
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Machine Agent version 25.7.0 and higher.
---------------------------------------------
https://advisory.splunk.com//advisories/SVD-2025-1008
∗∗∗ Simple OAuth (OAuth2) & OpenID Connect - Critical - Access bypass - SA-CONTRIB-2025-114 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2025-114