Tageszusammenfassung - 27.01.2021

End-of-Day report

Timeframe: Dienstag 26-01-2021 18:00 - Mittwoch 27-01-2021 18:00 Handler: Dimitri Robl Co-Handler: Thomas Pribitzer


Emotet Takedown: Wir informieren Betroffene in Österreich

In einer koordinierten Aktion von mehreren Strafverfolgungsbehörden wurde das Netzwerk rund um die Malware Emotet ausgeschaltet und übernommen.


Heres how a researcher broke into Microsoft VS Codes GitHub

This month a researcher was awarded a bug bounty award of an undisclosed amount after he broke into the official GitHub repository of Microsoft Visual Studio Code.


Linux malware uses open-source tool to evade detection

AT&T Alien Labs security researchers have discovered that the TeamTNT cybercrime group upgraded their Linux crypto-mining with open-source detection evasion capabilities.


Phishing & Malspam with Leaf PHPMailer

It-s common knowledge that attackers often use email as a delivery mechanism for their malicious activity - which can range from enticing victims to click a phishing URL or download a malicious attachment.


Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication

FireEye Email Security recently encountered various phishing campaigns, mostly in the Americas and Europe, using source code obfuscation with compromised or bad domains.


Vorsicht beim Online-Kauf von FFP2-Masken!

Auf den Webseiten givenic.com und quantheco.com werden günstige FFP2-Masken und weitere -COVID-19 Gesundheitstools- angeboten.


LogoKit: Simple, Effective, and Deceptive

As sophisticated attacks dominate the headlines, its important to remember that the vast majority of cybercrime results from simple, effective, and tested tools.



Apple critical patches fix in-the-wild iPhone exploits - update now!

Apple says. "Additional details available soon", which you can translate as "this one took us by surprise". So patch now!


New Attack Could Let Remote Hackers Target Devices On Internal Networks

A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise and expose any device in an internal network, according to the latest research.


New Docker Container Escape Bug Affects Microsoft Azure Functions

Cybersecurity researchers today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them.


Sicherheitsupdate: Tor Browser vor möglichen Schadcode-Attacken geschützt

Wer weiterhin anonym und sicher mit dem Tor Browser im Internet surfen möchte, sollte die aktuelle Version installieren.


Jetzt updaten: Kritische sudo-Lücke gewährt lokalen Angreifern Root-Rechte

Über die zehn Jahre alte Lücke CVE-2021-3156 können lokale Angreifer Root-Rechte via sudo ohne sudo-Berechtigungen erlangen.


Security updates for Wednesday

Security updates have been issued by Arch Linux (sudo), CentOS (sudo), Debian (sudo), Fedora (kernel, php-pear, and sudo), Gentoo (cacti, mutt, and sudo), Mageia (sudo), openSUSE (sudo), Oracle (sudo), Red Hat (sudo), Scientific Linux (sudo), Slackware (sudo), SUSE (go1.14, go1.15, nodejs8, and sudo), and Ubuntu (libsndfile and sudo).


OS command injection vulnerability in multiple Infoscience Corporation log management tools


Security Advisory - Buffer Overflow Vulnerability in Some Huawei Mobile Phones


Mozilla Firefox und Thunderbird: Mehrere Schwachstellen


MISP: Schwachstelle ermöglicht Cross-Site Scripting


Trend Micro ServerProtect: Mehrere Schwachstellen ermöglichen Denial of Service


Fuji Electric Tellus Lite V-Simulator and V-Server Lite


Eaton EASYsoft (Update A)


Mitsubishi Electric Multiple Products (Update A)


Denial of Service in Rexroth ID 200/C-ETH using EtherNet/IP Protocol