[CERT-daily] Daily summary - 08.10.2020

Daily end-of-shift report team at cert.at
Thu Oct 8 18:23:43 CEST 2020


=====================
= End-of-Day report =
=====================

Timeframe:   Wednesday 07-10-2020 18:00 − Thursday 08-10-2020 18:00
Handler:     Dimitri Robl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ SiteCheck Malware Report: September Summary ∗∗∗
---------------------------------------------
In September alone, a total of 17,138,086 website scans were performed using SiteCheck. Of those scans, 178,299 infected sites were detected. 
---------------------------------------------
https://blog.sucuri.net/2020/10/sitecheck-malware-report-september-summary.html


∗∗∗ Researchers Find Vulnerabilities in Microsoft Azure Cloud Service ∗∗∗
---------------------------------------------
Now according to the latest research, two security flaws in Microsoft's Azure App Services could have enabled a bad actor to carry out server-side request forgery (SSRF) attacks or execute arbitrary code and take over the administration server.
...
Discovered by Paul Litvak of Intezer Labs, the flaws were reported to Microsoft in June, after which the company subsequently addressed them.
---------------------------------------------
https://thehackernews.com/2020/10/microsoft-azure-vulnerability.html






=====================
=  Vulnerabilities  =
=====================

∗∗∗ QNAP NAS: New version of the Helpdesk app fixes two critical vulnerabilities ∗∗∗
---------------------------------------------
The Helpdesk app for QNAP network storage devices had two security vulnerabilities that could have allowed attackers to take control of the devices.
---------------------------------------------
https://heise.de/-4923916


∗∗∗ Multiple Cross-Site Scripting Vulnerabilities in Confluence Marketplace Plugins ∗∗∗
---------------------------------------------
Multiple Confluence Plugins from different vendors are affected by stored cross-site scripting vulnerabilities which allow attackers to inject malicious JavaScript code into Confluence pages.
PlantUML, Refined Toolkit for Confluence, Linking for Confluence, Countdown Timer, Server Status
Business recommendation: Update to the latest versions of the plugins.
---------------------------------------------
https://sec-consult.com/./en/blog/advisories/multiple-cross-site-scripting-vulnerabilities-in-confluence-marketplace-plugins/


∗∗∗ Vulnerability Exposes Over 4 Million Sites Using WPBakery ∗∗∗
---------------------------------------------
On July 27th, our Threat Intelligence team discovered a vulnerability in WPBakery, a WordPress plugin installed on over 4.3 million sites. This flaw made it possible for authenticated attackers with contributor-level or above permissions to inject malicious JavaScript in posts. [...] a final sufficient patch was released on September 24, 2020. We highly recommend updating to the latest version, 6.4.1 as of today, immediately. 
---------------------------------------------
https://www.wordfence.com/blog/2020/10/vulnerability-exposes-over-4-million-sites-using-wpbakery/


∗∗∗ IBM Security Bulletins ∗∗∗
---------------------------------------------
IBM has published a number of security bulletins:
* https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-pak-for-data-node-js-cve-2020-8172-cve-2020-8174-cve-2020-11080/
* https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-an-oracle-mysql-vulnerabilities-4/ 
* https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-kernel-vulnerability-17/
---------------------------------------------
https://www.ibm.com/blogs/psirt/


∗∗∗ Security updates: Attackers could disable Cisco video surveillance ∗∗∗
---------------------------------------------
Network equipment vendor Cisco has released important patches for, among other things, surveillance cameras and the online meeting software Webex.
List sorted by threat level, descending:
* Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service
* Webex Teams Client for Windows DLL Hijacking
* Identity Services Engine Authorization Bypass
* Industrial Network Director Denial of Service
* Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Memory Leak
* Vision Dynamic Signage Director Missing Authentication
* SD-WAN vManage Cross-Site Scripting
* StarOS Privilege Escalation
* Expressway Series and TelePresence Video Communication Server Denial of Service
* Email Security Appliance URL Filtering Bypass
* Nexus Data Broker Software Path Traversal
* Firepower Management Center Cross-Site Scripting
* Identity Services Engine Cross-Site Scripting
* StarOS Privilege Escalation
---------------------------------------------
https://heise.de/-4924026

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily



