[CERT-daily] Daily summary - 26.06.2023

Daily end-of-shift report team at cert.at
Mon Jun 26 18:12:37 CEST 2023


=====================
= End-of-Day report =
=====================

Timeframe:   Friday 23-06-2023 18:00 − Monday 26-06-2023 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ FortiNAC: Critical vulnerability allows code injection, update available ∗∗∗
---------------------------------------------
Fortinet is providing software updates that, among other things, close a critical vulnerability in FortiNAC. Attackers can inject malicious code.
---------------------------------------------
https://heise.de/-9197438


∗∗∗ Teams flaw makes it easier to slip in malware ∗∗∗
---------------------------------------------
In Microsoft Teams, attackers can easily deliver malware to potential victims. Conventional phishing protection does not help against this.
---------------------------------------------
https://heise.de/-9197620


∗∗∗ DNS Analyzer - Finding DNS vulnerabilities with Burp Suite ∗∗∗
---------------------------------------------
A brand-new plugin for Burp Suite for detecting DNS vulnerabilities in web applications!
---------------------------------------------
https://sec-consult.com/de/blog/detail/dns-analyzer-finden-von-dns-schwachstellen-mit-burp-suite/


∗∗∗ Fraud in the apartment search: criminals conduct viewings in rented Airbnb apartments ∗∗∗
---------------------------------------------
It is hard to believe: you have just viewed your dream apartment, and it is very cheap as well! In this case, however, we advise against signing contracts hastily or transferring a deposit, because criminals are currently renting Airbnb apartments and then listing them online for rent. You view an apartment that is not available, sign an invalid contract and transfer the deposit to criminals!
---------------------------------------------
https://www.watchlist-internet.at/news/betrug-bei-der-wohnungssuche-kriminelle-fuehren-in-gemieteten-airbnb-wohnungen-besichtigungen-durch/


∗∗∗ Grafana warns of critical auth bypass due to Azure AD integration ∗∗∗
---------------------------------------------
Grafana has released security fixes for multiple versions of its application, addressing a vulnerability that enables attackers to bypass authentication and take over any Grafana account that uses Azure Active Directory for authentication.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/grafana-warns-of-critical-auth-bypass-due-to-azure-ad-integration/


∗∗∗ 5 facts to know about the Royal ransomware gang ∗∗∗
---------------------------------------------
A quick look at the cybercriminal group known as Royal—one of the fastest growing ransomware gangs today.
---------------------------------------------
https://www.malwarebytes.com/blog/business/2023/06/5-facts-to-know-about-the-royal-ransomware-gang


∗∗∗ Exploiting Noisy Oracles with Bayesian Inference ∗∗∗
---------------------------------------------
In cryptographic attacks, we often rely on abstracted information sources which we call “oracles”. [...] In practice, however, not all oracles are created equal: an oracle that comes from error messages may well be perfectly reliable, whereas one which relies on (say) timing side channels may have to deal with a non-negligible amount of noise. In this post, we’ll look at how to deal with noisy oracles, and how to mount attacks using them.
---------------------------------------------
https://research.nccgroup.com/2023/06/23/exploiting-noisy-oracles-with-bayesian-inference/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (bind9 and owslib), Fedora (dav1d, dotnet6.0, dotnet7.0, mingw-dbus, vim, and wabt), and SUSE (cloud-init and golang-github-vpenso-prometheus_slurm_exporter).
---------------------------------------------
https://lwn.net/Articles/936332/


∗∗∗ Multiple Vulnerabilities in Autodesk® InfraWorks software ∗∗∗
---------------------------------------------
Autodesk InfraWorks has been affected by multiple vulnerabilities detailed below. Exploitation of these vulnerabilities may lead to remote code execution and/or denial-of-service to the software and user devices. Hotfixes are available in the Autodesk Desktop App or the Accounts Portal to help resolve these vulnerabilities.
---------------------------------------------
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0012


∗∗∗ WAGO: Controller with CODESYS 2.3 Runtime Denial-of-Service ∗∗∗
---------------------------------------------
https://cert.vde.com/de/advisories/VDE-2023-006/


∗∗∗ WAGO: Series 750-3x/-8x prone to MODBUS server DoS ∗∗∗
---------------------------------------------
https://cert.vde.com/de/advisories/VDE-2023-005/


∗∗∗ A vulnerability in containerd affects IBM Robotic Process Automation for Cloud Pak and may result in a denial of service (CVE-2022-23471) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/pages/node/7006699


∗∗∗ IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability which can allow an attacker to execute arbitrary code ∗∗∗
---------------------------------------------
https://www.ibm.com/support/pages/node/7006819


∗∗∗ Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for May 2023 ∗∗∗
---------------------------------------------
https://www.ibm.com/support/pages/node/6998727

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily



