Daily Summary - 30.12.2021

End-of-Day report

Timeframe: Wednesday 29-12-2021 18:00 - Thursday 30-12-2021 18:00
Handler: Robert Waldner
Co-Handler: Thomas Pribitzer

News

Hiding malware inside the flex capacity space on modern SSDs

Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that's beyond the reach of the user and security solutions.

https://www.bleepingcomputer.com/news/security/hiding-malware-inside-the-flex-capacity-space-on-modern-ssds/


Agent Tesla Updates SMTP Data Exfiltration Technique, (Thu, Dec 30th)

Agent Tesla is a Windows-based keylogger and RAT that commonly uses SMTP or FTP to exfiltrate stolen data. This malware has been around since 2014, and SMTP is its most common method for data exfiltration.

https://isc.sans.edu/diary/rss/28190


LastPass Automated Warnings Linked to 'Credential Stuffing' Attack

Users of the popular LastPass password manager are being targeted in so-called "credential stuffing" attacks that use email addresses and passwords obtained from third-party breaches.

https://www.securityweek.com/lastpass-automated-warnings-linked-%E2%80%98credential-stuffing%E2%80%99-attack


Android 12: Samsung surprises at year's end with a veritable flood of updates

Updates released for practically all high-end smartphones of the past three years. Even the first tablets are already being served.

https://www.derstandard.at/story/2000132240383/android-12-samsung-ueberrascht-zum-jahresende-mit-regelrechter-update-flut

Vulnerabilities

Security updates for Thursday

Security updates have been issued by Debian (advancecomp, apache-log4j2, postgis, spip, uw-imap, and xorg-server), Mageia (kernel and kernel-linus), Scientific Linux (log4j), and SUSE (kernel-firmware and mariadb).

https://lwn.net/Articles/880039/


Security Bulletin: A vulnerability in Apache Log4j affects IBM Db2 Web Query for i (CVE-2021-45105)

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-apache-log4j-affects-ibm-db2-web-query-for-i-cve-2021-45105/


Security Bulletin: Vulnerability in Apache Log4j affects some features of IBM® Db2® (CVE-2021-4104)

https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-some-features-of-ibm-db2-cve-2021-4104-6/


Security Bulletin: Vulnerability in Apache Log4j affects IBM Guardium Data Encryption (GDE) (CVE-2021-45105 and CVE-2021-45046)

https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-ibm-guardium-data-encryption-gde-cve-2021-45105-and-cve-2021-45046/


Trend Micro Apex One and Trend Micro Worry-Free Business Security: Multiple vulnerabilities

http://www.cert-bund.de/advisoryshort/CB-K21-1320