[CERT-daily] Tageszusammenfassung - 22.09.2020
Daily end-of-shift report
team at cert.at
Tue Sep 22 18:30:12 CEST 2020
=====================
= End-of-Day report =
=====================
Timeframe: Montag 21-09-2020 18:00 − Dienstag 22-09-2020 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Google Cloud Buckets Exposed in Rampant Misconfiguration ∗∗∗
---------------------------------------------
A too-large percentage of cloud databases containing highly sensitive information are publicly available, an analysis shows.
---------------------------------------------
https://threatpost.com/google-cloud-buckets-exposed-misconfiguration/159429/
∗∗∗ New and improved Security Update Guide! ∗∗∗
---------------------------------------------
We're excited to announce a significant update to the Security Update Guide, our one-stop site for information about all security updates provided by Microsoft. This new version will provide a more intuitive user experience to help protect our customers regardless of what Microsoft products or services they use in their environment.
---------------------------------------------
https://msrc-blog.microsoft.com:443/2020/09/21/new-and-improved-security-update-guide/
∗∗∗ Cyberbedrohungen: Kostenlose "Adversary Emulation Plans" für Firmen verfügbar ∗∗∗
---------------------------------------------
Ein neues MITRE-Projekt stellt Informationen bereit, die Red Teams Schritt für Schritt beim Nachstellen realitätsnaher Angriffsszenarien unterstützen sollen.
---------------------------------------------
https://heise.de/-4907083
∗∗∗ instructionsweb.com führt in Abo-Falle ∗∗∗
---------------------------------------------
Die Suche nach einer Gebrauchsanleitung für ein elektronisches Gerät führte Sie zu instructionsweb.com? Sie haben dort schnell und unkompliziert die benötigte Anleitung gefunden? Auch der Preis von 95 Cent ist erschwinglich. Vorsicht: Mit Eingabe Ihrer Kreditkartendaten tappen Sie in eine Abo-Falle, die Sie monatlich € 11,95 kostet! Und: Anleitung gibt's trotz Bezahlung keine!
---------------------------------------------
https://www.watchlist-internet.at/news/instructionswebcom-fuehrt-in-abo-falle/
∗∗∗ Does your business have a Well-Known URL for changing passwords? It should! ∗∗∗
---------------------------------------------
If you're a business which has a website that customers access via a password, spend a few minutes create your own .well-known/change-password which points users to the correct place.
---------------------------------------------
https://businessinsights.bitdefender.com/business-url-changing-password
∗∗∗ Optimizing Away JavaScript Obfuscation. (arXiv:2009.09170v1 [cs.CR]) ∗∗∗
---------------------------------------------
JavaScript is a popular attack vector for releasing malicious payloads on unsuspecting Internet users. Authors of this malicious JavaScript often employ numerous obfuscation techniques in order to prevent the automatic detection by antivirus and hinder manual analysis by professional malware analysts. Consequently, this paper presents SAFE-Deobs, a JavaScript deobfuscation tool that we have built.
---------------------------------------------
https://arxiv.org/abs/2009.09170
∗∗∗ Microsoft sichert ungeschützten Backend-Server seiner Suchmaschine Bing ∗∗∗
---------------------------------------------
Er gibt 6,5 TByte Daten preis. Es handelt sich ausschließlich um Log-Dateien ohne persönliche Informationen. Microsoft spricht von einer Fehlkonfiguration – dem fraglichen Server fehlte ein Passwort.
---------------------------------------------
https://www.zdnet.de/88382854/microsoft-sichert-ungeschuetzten-backend-server-seiner-suchmaschine-bing/
=====================
= Vulnerabilities =
=====================
∗∗∗ Firefox: Neue Desktop-Versionen beseitigen mögliche Einfallstore für Angreifer ∗∗∗
---------------------------------------------
Mit den Versionen 81 und ESR 78.3 des Webbrowsers Firefox liefert das Mozilla-Team auch diverse Lücken-Fixes aus.
---------------------------------------------
https://heise.de/-4909119
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Mageia (mysql-connector-java), openSUSE (chromium, curl, libqt4, and singularity), Red Hat (bash and kernel), SUSE (python-pip and python3), and Ubuntu (busybox, ceph, freeimage, libofx, libpam-tacplus, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-azure, linux-gcp, linux-oracle, novnc, and tnef).
---------------------------------------------
https://lwn.net/Articles/832164/
∗∗∗ VMware Horizon DaaS: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen ∗∗∗
---------------------------------------------
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in VMware Horizon DaaS ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
---------------------------------------------
https://www.cert-bund.de/advisoryshort/CB-K20-0916
∗∗∗ Xen Security Advisories ∗∗∗
---------------------------------------------
The Xen Project has released 10 Security Advisories on 2020-09-22.
---------------------------------------------
https://xenbits.xen.org/xsa/
∗∗∗ Security Bulletin: CVE-2020-2590 (deferred from Oracle Jan 2020 CPU) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-2590-deferred-from-oracle-jan-2020-cpu-2/
∗∗∗ Security Bulletin: CVE-2020-2601 (deferred from Oracle Jan 2020 CPU) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-2601-deferred-from-oracle-jan-2020-cpu-2/
∗∗∗ Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-2/
∗∗∗ Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Jul 2020 – Includes Oracle Jul 2020 CPU plus one additional vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-jul-2020-includes-oracle-jul-2020-cpu-plus-one-additional-vulnerability-2/
∗∗∗ Security Bulletin: CVE-2020-2601 (deferred from Oracle Jan 2020 CPU) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-2601-deferred-from-oracle-jan-2020-cpu/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Manager with OpenStack ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-cloud-manager-with-openstack-3/
∗∗∗ Security Bulletin: Apache ZooKeeper as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2019-0201) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-apache-zookeeper-as-used-by-ibm-qradar-siem-is-vulnerable-to-information-disclosure-cve-2019-0201/
∗∗∗ Security Bulletin: CVE-2020-2590 (deferred from Oracle Jan 2020 CPU) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-2590-deferred-from-oracle-jan-2020-cpu/
∗∗∗ Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise V11 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-app-connect-enterprise-v11/
∗∗∗ Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Jul 2020 – Includes Oracle Jul 2020 CPU plus one additional vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-jul-2020-includes-oracle-jul-2020-cpu-plus-one-additional-vulnerability/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list