End-of-Day report
Timeframe: Monday 27-01-2020 18:00 - Tuesday 28-01-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: Stephan Richter
News
Security vulnerabilities: L1DES and VRS make Intel chips vulnerable
New attacks using Microarchitectural Data Sampling (MDS) hit Intel processors: with L1DES, alias Cache Out, the L1 buffer is the target; with VRS, vector registers are exploited. Intel is working on microcode updates.
https://www.golem.de/news/sicherheitsluecken-l1des-und-vrs-machen-intel-chips-angreifbar-2001-146308-rss.html
Millions of Devices Using LoRaWAN Exposed to Hacker Attacks
Millions of devices deployed across a wide range of sectors could be exposed to hacker attacks due to security issues associated with the use of LoRaWAN, cybersecurity firm IOActive warned on Tuesday.
https://www.securityweek.com/millions-devices-using-lorawan-exposed-hacker-attacks
Survey leads to money laundering in your name!
On various job portals you will currently come across postings from fraudulent survey portals such as HENRIKSON Research GmbH. Already at registration, they demand a copy of your ID as well as selfies with your passport or identity card. Do not sign up here! Criminals steal your data and disguise the opening of a bank account in your name as a paid survey. Warning: various other websites also lure victims into this trap.
https://www.watchlist-internet.at/news/umfrage-fuehrt-zu-geldwaesche-in-ihrem-namen/
E-mail: Double debit of your Magenta bill is fake
"Due to an error in our billing department, you were charged double the amount of your last bill", says the fraudulent e-mail that was supposedly sent by Magenta. You are further asked to apply for a refund. Do not click the link under any circumstances; it leads to a fake Magenta page. Criminals steal your login and credit card data.
https://www.watchlist-internet.at/news/e-mail-doppelte-abbuchung-ihrer-magenta-rechnung-ist-fake/
Attacking Azure, Azure AD, and Introducing PowerZure
Over the past decade, Azure's presence in businesses has grown significantly as new features and support were added to Azure. The purpose of this article is to cover three main points:
1. Explain the components of Azure and how they fit into a modern IT environment.
2. Explain how certain things within Azure can be leveraged from an offensive perspective.
3. Introduce the PowerZure project and explain how it helps offensive operations against Azure.
https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a
Vulnerabilities
[20200103] - Core - XSS in com_actionlogs
Project: Joomla!
SubProject: CMS
Impact: High
Severity: Low
Versions: 3.9.0-3.9.14
Exploit type: XSS
Reported Date: 2019-December-25
Fixed Date: 2020-January-28
CVE Number: CVE-2020-xxxxx
Description: Inadequate escaping of usernames allows XSS attacks in com_actionlogs.
Affected Installs: Joomla! CMS versions 3.9.0 - 3.9.14
Solution: Upgrade to version 3.9.15
Contact: The JSST at the Joomla! Security Centre.
Reported By: Mayank Kumbhar from Techjoomla
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/12kRPDhkkFM/800-20200103-core-xss-in-com-actionlogs.html
[20200102] - Core - CSRF com_templates LESS compiler
Project: Joomla!
SubProject: CMS
Impact: High
Severity: Low
Versions: 3.0.0-3.9.14
Exploit type: CSRF
Reported Date: 2019-December-18
Fixed Date: 2020-January-28
CVE Number: CVE-2020-xxxxx
Description: A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability.
Affected Installs: Joomla! CMS versions 3.0.0 - 3.9.14
Solution: Upgrade to version 3.9.15
Contact: The JSST at the Joomla! Security Centre.
Reported By: Lee Thao from Viettel Cyber Security
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/gs3oN6Illx8/799-20200102-core-csrf-com-templates-less-compiler.html
[20200101] - Core - CSRF in batch actions
Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Low
Versions: 3.0.0-3.9.14
Exploit type: CSRF
Reported Date: 2019-December-23
Fixed Date: 2020-January-28
CVE Number: CVE-2020-xxxxx
Description: Missing token checks in the batch actions of various components cause CSRF vulnerabilities.
Affected Installs: Joomla! CMS versions 3.0.0 - 3.9.14
Solution: Upgrade to version 3.9.15
Contact: The JSST at the Joomla! Security Centre.
Reported By: Lee Thao from Viettel Cyber Security
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/9zV9kdB-WAw/798-20200101-core-csrf-in-batch-actions.html
Security updates for Tuesday
Security updates have been issued by Debian (iperf3, openjpeg2, and tomcat7), Mageia (ansible, c3p0, fontforge, glpi, gthumb, libbsd, libmediainfo, libmp4v2, libqb, libsass, mbedtls, opencontainers-runc, php, python-pip, python-reportlab, python3, samba, sysstat, tomcat, virtualbox, and webkit2), openSUSE (java-11-openjdk, libredwg, and sarg), Oracle (sqlite), Red Hat (libarchive, nss, and openjpeg2), Scientific Linux (sqlite), SUSE (nodejs6), and Ubuntu (cyrus-sasl2, linux, linux-aws, linux, [...]
https://lwn.net/Articles/810771/
Security Bulletin: IBM MQ Appliance is affected by OpenSSL vulnerabilities (CVE-2018-0734 and CVE-2019-1559)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-openssl-vulnerabilities-cve-2018-0734-and-cve-2019-1559/
Security Bulletin: An Apache Commons Compress vulnerability has been identified with the embedded IBM FileNet P8 Content Platform Engine component in IBM Business Process Manager and IBM Business Automation Workflow
https://www.ibm.com/blogs/psirt/security-bulletin-an-apache-commons-compress-vulnerability-has-been-identified-with-the-embedded-ibm-filenet-p8-content-platform-engine-component-in-ibm-business-process-manager-and-ibm-business-auto/
Security Bulletin: IBM MQ Appliance is affected by an OpenSSH vulnerability (CVE-2018-15473)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-an-openssh-vulnerability-cve-2018-15473/
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-ze
https://www.ibm.com/blogs/psirt/security-bulletin-vyatta-5600-vrouter-software-patches-release-1801-ze/
Security Bulletin: IBM MQ Appliance affected by HTTP/2 vulnerabilities (CVE-2019-9511 and CVE-2019-9513)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-affected-by-http-2-vulnerabilities-cve-2019-9511-and-cve-2019-9513/
Security Bulletin: A security vulnerability was fixed in IBM Security Access Manager
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-was-fixed-in-ibm-security-access-manager/
Security Bulletin: A Security Vulnerability Has Been Identified In WebSphere Application Server ND shipped with IBM Security Identity Manager (CVE-2019-4505)
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-websphere-application-server-nd-shipped-with-ibm-security-identity-manager-cve-2019-4505/