[CERT-daily] Tageszusammenfassung - 12.03.2024
Daily end-of-shift report
team at cert.at
Tue Mar 12 18:05:45 CET 2024
=====================
= End-of-Day report =
=====================
Timeframe: Montag 11-03-2024 18:00 − Dienstag 12-03-2024 18:00
Handler: Thomas Pribitzer
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Inception Attack: Neue Angriffstechnik ermöglicht Manipulation von VR-Inhalten ∗∗∗
---------------------------------------------
Angreifer können nicht nur sensible Informationen abgreifen, sondern auch dem VR-Nutzer angezeigte Inhalte verändern, ohne dass dieser etwas merkt.
---------------------------------------------
https://www.golem.de/news/inception-attack-neue-angriffstechnik-ermoeglicht-manipulation-von-vr-inhalten-2403-183099.html
∗∗∗ Verträge und Abos kündigen: Vorsicht vor kostenpflichtigen Angeboten ∗∗∗
---------------------------------------------
Sie möchten Ihren Vertrag kündigen, wissen aber nicht wie? Oft sind die Informationen zur Kündigung und Kontaktadressen des jeweiligen Unternehmens auch unauffindbar. Aus gutem Grund suchen Konsument:innen daher nach Diensten, die den Kündigungsprozess übernehmen. Oft sind diese Dienste kostenpflichtig oder selbst eine Abofalle.
---------------------------------------------
https://www.watchlist-internet.at/news/vertraege-und-abos-kuendigen-vorsicht-vor-kostenpflichtigen-angeboten/
∗∗∗ Ransomware: Attacks Continue to Rise as Operators Adapt to Disruption ∗∗∗
---------------------------------------------
Available evidence suggests vulnerability exploitation has replaced botnets as a prime infection vector.
---------------------------------------------
https://symantec-enterprise-blogs.security.com/threat-intelligence/ransomware-attacks-exploits
∗∗∗ CISA Publishes SCuBA Hybrid Identity Solutions Guidance ∗∗∗
---------------------------------------------
CISA has published Secure Cloud Business Applications (SCuBA) Hybrid Identity Solutions Guidance (HISG) to help users better understand identity management capabilities and securely integrate their traditional on-premises enterprise networks with cloud-based solutions.
---------------------------------------------
https://www.cisa.gov/news-events/alerts/2024/03/12/cisa-publishes-scuba-hybrid-identity-solutions-guidance
∗∗∗ VCURMS: A Simple and Functional Weapon ∗∗∗
---------------------------------------------
ForitGuard Labs uncovers a rat VCURMS weapon and STRRAT in a phishing campaign
---------------------------------------------
https://feeds.fortinet.com/~/873512375/0/fortinet/blogs~VCURMS-A-Simple-and-Functional-Weapon
=====================
= Vulnerabilities =
=====================
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (qemu), Mageia (libtiff and thunderbird), Red Hat (kernel, kpatch-patch, postgresql, and rhc-worker-script), SUSE (compat-openssl098, openssl, openssl1, python-Django, python-Django1, and wpa_supplicant), and Ubuntu (accountsservice, libxml2, linux-bluefield, linux-raspi-5.4, linux-xilinx-zynqmp, linux-oem-6.1, openvswitch, postgresql-9.5, and ruby-rack).
---------------------------------------------
https://lwn.net/Articles/965113/
∗∗∗ SAP schließt zehn Sicherheitslücken am März-Patchday ∗∗∗
---------------------------------------------
SAP hat zehn neue Sicherheitsmitteilungen zum März-Patchday veröffentlicht. Zwei der geschlossenen Lücken gelten als kritisch.
---------------------------------------------
https://heise.de/-9652057
∗∗∗ Synology dichtet Sicherheitslecks in SRM ab ∗∗∗
---------------------------------------------
Im Synology Router Manager (SRM) klaffen Sicherheitslecks, durch die Angreifer etwa Scripte einschleusen können. Ein Update steht bereit.
---------------------------------------------
https://heise.de/-9652225
∗∗∗ IBM Security Bulletins ∗∗∗
---------------------------------------------
https://www.ibm.com/support/pages/bulletin/
∗∗∗ Fortiguard Security Advisories ∗∗∗
---------------------------------------------
https://www.fortiguard.com/psirt
∗∗∗ SSA-918992 V1.0: Unused HTTP Service on SENTRON 3KC ATC6 Ethernet Module ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-918992.html
∗∗∗ SSA-832273 V1.0: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 devices ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-832273.html
∗∗∗ SSA-792319 V1.0: Missing Read Out Protection in SENTRON 7KM PAC3x20 Devices ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-792319.html
∗∗∗ SSA-770721 V1.0: Multiple Vulnerabilities in SIMATIC RF160B before V2.2 ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-770721.html
∗∗∗ SSA-653855 V1.0: Information Disclosure vulnerability in SINEMA Remote Connect Client before V3.1 SP1 ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-653855.html
∗∗∗ SSA-576771 V1.0: Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.2 ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-576771.html
∗∗∗ SSA-382651 V1.0: File Parsing Vulnerability in Solid Edge before V223.0.11 ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-382651.html
∗∗∗ SSA-366067 V1.0: Multiple Vulnerabilities in Fortigate NGFW before V7.4.1 on RUGGEDCOM APE1808 devices ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-366067.html
∗∗∗ SSA-353002 V1.0: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-353002.html
∗∗∗ SSA-225840 V1.0: Vulnerabilities in the Network Communication Stack in Sinteso EN and Cerberus PRO EN Fire Protection Systems ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-225840.html
∗∗∗ SSA-145196 V1.0: Authorization Bypass Vulnerability in Siveillance Control ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/html/ssa-145196.html
∗∗∗ PHOENIX CONTACT: Multiple vulnerabilities in CHARX SEC charge controllers ∗∗∗
---------------------------------------------
https://cert.vde.com/de/advisories/VDE-2024-011/
∗∗∗ Citrix SDWAN Security Bulletin for CVE-2024-2049 ∗∗∗
---------------------------------------------
https://support.citrix.com/article/CTX617071/citrix-sdwan-security-bulletin-for-cve20242049
∗∗∗ Stack-based Overflow Vulnerability in the TrueViewTM Desktop Software ∗∗∗
---------------------------------------------
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0005
∗∗∗ Missing PSK secret for IKEv2 connection can cause libreswan to restart ∗∗∗
---------------------------------------------
https://libreswan.org/security/CVE-2024-2357/CVE-2024-2357.txt
∗∗∗ Schneider Electric EcoStruxure Power Design ∗∗∗
---------------------------------------------
https://www.cisa.gov/news-events/ics-advisories/icsa-24-072-01
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list