[CERT-daily] Daily summary - 31.08.2022
Daily end-of-shift report
team at cert.at
Wed Aug 31 18:06:33 CEST 2022
=====================
= End-of-Day report =
=====================
Timeframe: Tuesday 30-08-2022 18:00 − Wednesday 31-08-2022 18:00
Handler: Thomas Pribitzer
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Hackers hide malware in James Webb telescope images ∗∗∗
---------------------------------------------
Threat analysts have spotted a new malware campaign dubbed GO#WEBBFUSCATOR that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/hackers-hide-malware-in-james-webb-telescope-images/
∗∗∗ Watering Hole Attacks Push ScanBox Keylogger ∗∗∗
---------------------------------------------
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
---------------------------------------------
https://threatpost.com/watering-hole-attacks-push-scanbox-keylogger/180490/
∗∗∗ Infoblox Threat Intelligence: IOCs related to the Russia-Ukraine conflict ∗∗∗
---------------------------------------------
This folder contains IOCs related to the Russian invasion of Ukraine. The majority of the content is based on Infoblox internal analytics and validation analysis, though some OSINT is also included.
---------------------------------------------
https://github.com/infobloxopen/threat-intelligence/tree/main/ukraine
∗∗∗ Webinar: Recognizing fraud traps on the Internet ∗∗∗
---------------------------------------------
On Tuesday, 06.09.2022, from 18:30 to 20:00, the free webinar on the topic "Recognizing fraud traps on the Internet" takes place. Register now!
---------------------------------------------
https://www.watchlist-internet.at/news/webinar-betrugsfallen-im-internet-erkennen/
=====================
= Vulnerabilities =
=====================
∗∗∗ IBM Security Bulletins 2022-08-30 ∗∗∗
---------------------------------------------
IBM TRIRIGA Application Platform, IBM b-type SAN directors and switches, IBM Integration Bus, IBM App Connect Enterprise, IBM Watson Assistant for IBM Cloud Pak for Data, IBM Engineering Lifecycle Engineering, IBM Cloud Transformation Advisor, IBM Cloud Object Storage Systems.
---------------------------------------------
https://www.ibm.com/blogs/psirt/
∗∗∗ Security update: Attackers could attack WordPress websites ∗∗∗
---------------------------------------------
The WordPress developers have closed three vulnerabilities in the content management system.
---------------------------------------------
https://heise.de/-7249431
∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (dpdk, net-snmp, php-horde-mime-viewer, php-horde-turba, and webkit2gtk), Fedora (rsync), Oracle (openssl and systemd), Red Hat (booth, kernel, kernel-rt, and openssl), Slackware (vim), SUSE (bluez, java-1_8_0-ibm, postgresql10, and zlib), and Ubuntu (kernel, linux, linux-raspi, linux-aws, and linux-oem-5.14).
---------------------------------------------
https://lwn.net/Articles/906579/
∗∗∗ Security Advisory - Traffic Hijacking Vulnerability in Huawei Routers ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2022/huawei-sa-20220831-01-5370a6df-en
∗∗∗ Grafana: Vulnerability allows information disclosure ∗∗∗
---------------------------------------------
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1221
∗∗∗ GitLab: Multiple vulnerabilities ∗∗∗
---------------------------------------------
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1239
∗∗∗ ArubaOS: Multiple vulnerabilities ∗∗∗
---------------------------------------------
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1238
∗∗∗ GNU libc: Vulnerability allows information disclosure ∗∗∗
---------------------------------------------
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1234
∗∗∗ tribe29 checkmk: Multiple vulnerabilities ∗∗∗
---------------------------------------------
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1230
∗∗∗ Xerox FreeFlow Print Server: Multiple vulnerabilities ∗∗∗
---------------------------------------------
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1228
∗∗∗ Chrome 105.0.5195.5x fixes 24 vulnerabilities ∗∗∗
---------------------------------------------
https://www.borncity.com/blog/2022/08/31/chrome-105-0-5195-5x-fixt-24-schwachstellen/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily