Daily Summary - 14.10.2021

End-of-Day report

Timeframe: Wednesday 13-10-2021 18:00 - Thursday 14-10-2021 18:00 Handler: Dimitri Robl Co-Handler: Wolfgang Menezes

News

After data leak: House search instead of a thank-you

Around 700,000 people are affected by a data leak. A programmer had discovered and reported the vulnerability - and received a criminal complaint. By Moritz Tremmel (data leak, server)

https://www.golem.de/news/nach-datenleck-hausdurchsuchung-statt-dankeschoen-2110-160269-rss.html


Romance scams with a cryptocurrency twist - new research from SophosLabs

Romance scams and dating site treachery with a new twist - "there's an app for that!"

https://nakedsecurity.sophos.com/2021/10/13/romance-scams-with-a-cryptocurrency-twist-new-research-from-sophoslabs/


A Handshake with MySQL Bots

It's well known that we just don't put services or devices on the edge of the Internet without strong purpose justification. Services, whether maintained by end-users or administrators, have a ton of security challenges. Databases belong to a group that often needs direct access to the Internet - no doubt that security requirements are a priority here.

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/handshake-with-mysql-bots/


We analyzed 80 million ransomware samples - here's what we learned

[...] VirusTotal's first Ransomware Activity Report provides a holistic view of ransomware attacks by combining more than 80 million potential ransomware-related samples submitted over the last year and a half.

https://blog.google/technology/safety-security/we-analyzed-80-million-ransomware-samples-heres-what-we-learned/


"Free Steam game" scams on TikTok are Among Us

We look at a dubious free game offer via TikTok, and explore what the site owners expect you to do in order to snag a supposed freebie.

https://blog.malwarebytes.com/scams/2021/10/free-steam-game-scams-on-tiktok-are-among-us/


Paths into fake shops

Fraudulent and dubious shops are a major problem in online retail. But how do consumers actually end up at fake shops? Watchlist Internet looked into this question over the summer months. It became clear that Google and Facebook advertising are the biggest feeders to fake shops. The majority of victims reach fraudulent online shops via these routes.

https://www.watchlist-internet.at/news/wege-in-fake-shops/


Don't get phished! How to be the one that got away

If it looks like a duck, swims like a duck, and quacks like a duck, then it's probably a duck. Now, how do you apply the duck test to defense against phishing?

https://www.welivesecurity.com/2021/10/13/phishing-how-be-one-got-away/


New Yanluowang ransomware used in targeted attacks

New arrival to the targeted ransomware scene appears to be still in development.

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/yanluowang-targeted-ransomware


Acer confirms second security breach this year

A spokesperson for Taiwanese computer maker Acer has confirmed today that the company suffered a second security breach this year after hackers advertised the sale of more than 60 GB of data on an underground cybercrime forum.

https://therecord.media/acer-confirms-second-security-breach-this-year/


Q&A: Secure PLC Programming Insights

Members of the Top 20 Secure PLC Coding Practices project recently joined Claroty's Aperture podcast to discuss the group's list of top 20 secure coding practices for programmable logic controllers (PLCs). What follows is an edited transcript of our discussion with Martin Scheu of SWITCH-CERT and Dirk Rotermund of gefeba Engineering GmbH.

https://claroty.com/2021/10/13/blog-qa-secure-plc-programming-insights/


Windows October 2021 updates: PrintNightmare status and network printing problems

As of October 12, 2021, Microsoft has addressed new vulnerabilities related to the security flaws known as PrintNightmare via update. Hence a brief look at the topic, which is still not off the table.

https://www.borncity.com/blog/2021/10/14/windows-oktober-2021-updates-printnightmare-stand-und-netzwerk-druckprobleme/

Vulnerabilities

IBM Security Bulletins

IBM has published 16 security bulletins.

https://www.ibm.com/blogs/psirt/


Security updates for Thursday

Security updates have been issued by Mageia (golang, grilo, mediawiki, plib, python-flask-restx, python-mpmath, thunderbird, and xstream/xmlpull/mxparser), Oracle (389-ds-base, grafana, httpd:2.4, kernel, libxml2, and openssl), Red Hat (httpd), and SUSE (kernel).

https://lwn.net/Articles/872945/


Loft Data Grids - Moderately critical - XML External Entity (XXE) Processing - SA-CONTRIB-2021-043

https://www.drupal.org/sa-contrib-2021-043


Juniper JUNOS and Juniper JUNOS Evolved: Multiple vulnerabilities

http://www.cert-bund.de/advisoryshort/CB-K21-1070


Microsoft Exchange Server: Multiple vulnerabilities

http://www.cert-bund.de/advisoryshort/CB-K21-1069