Daily Summary - 08.06.2021
End-of-Day report
Timeframe: Monday 07-06-2021 18:00 - Tuesday 08-06-2021 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter

News
Microsoft Office MSGraph vulnerability could lead to code execution
Microsoft today will release a patch for a vulnerability affecting the Microsoft Office MSGraph component, responsible for displaying graphics and charts, that could be exploited to execute code on a target machine.
https://www.bleepingcomputer.com/news/security/microsoft-office-msgraph-vulnerability-could-lead-to-code-execution/

Picture this: Malware Hides in Steam Profile Images
SteamHide abuses the gaming platform Steam to serve payloads for malware downloaders. Malware operators can also update already infected machines by adding new profile images to Steam. The developers seem to have a few more ambitious goals.
https://www.gdatasoftware.com/blog/steamhide-malware-in-profile-images

FragAttacks vulnerability: FritzOS updates for old Fritzboxes
The mid-range router Fritzbox 3490 from 2014 is getting the current FritzOS 7.27. Further older models could follow.
https://heise.de/-6065367

Android Patch Day: Critical system and Qualcomm vulnerabilities closed
Attackers could attack Android devices and, among other things, leak information or even execute malicious code.
https://heise.de/-6064923

Organizations Warned About DoS Flaws in Popular Open Source Message Brokers
Organizations have been warned about denial of service (DoS) vulnerabilities found in RabbitMQ, EMQ X and VerneMQ, three widely used open source message brokers.
https://www.securityweek.com/organizations-warned-about-dos-flaws-popular-open-source-message-brokers

Beware of advertising by dubious online shops!
Whether Facebook, Instagram, Tiktok or Google: all of these platforms are attractive channels for companies to place their advertising. However, this applies not only to reputable companies but also to dubious ones. Readers of Watchlist Internet repeatedly report that they came across a problematic online shop through advertisements. A current study by the Arbeiterkammer Wien (Vienna Chamber of Labour) in cooperation with Watchlist Internet [...]
https://www.watchlist-internet.at/news/vorsicht-vor-werbung-unserioeser-online-shops/

TeamTNT Using WatchDog TTPs to Expand Its Cryptojacking Footprint
We have identified indicators traditionally pointing to WatchDog operations being used by the TeamTNT cryptojacking group.
https://unit42.paloaltonetworks.com/teamtnt-cryptojacking-watchdog-operations/

Vulnerabilities
Wago: Updates fix dangerous vulnerabilities in industrial control systems
Since May, Wago has been gradually releasing important firmware updates against critical vulnerabilities in programmable logic controllers (PLC) of the 750 series.
https://heise.de/-6065199

Security updates for Tuesday
Security updates have been issued by Debian (nginx), Fedora (musl), Mageia (dnsmasq, firefox, graphviz, libebml, libpano13, librsvg, libxml2, lz4, mpv, tar, and vlc), openSUSE (csync2, python-py, and snakeyaml), Oracle (qemu), Red Hat (container-tools:2.0, kernel, kpatch-patch, nettle, nginx:1.16, and rh-nginx116-nginx), Slackware (httpd and polkit), SUSE (389-ds, gstreamer-plugins-bad, shim, and snakeyaml), and Ubuntu (gnome-autoar and isc-dhcp).
https://lwn.net/Articles/858644/

SAP Patch Day June
https://www.cert-bund.de/advisoryshort/CB-K21-0616

Citrix Cloud Connector Security Update
https://support.citrix.com/article/CTX316690

Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
https://support.citrix.com/article/CTX297155

SSA-133038: Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap
https://cert-portal.siemens.com/productcert/txt/ssa-133038.txt

SSA-200951: Multiple Vulnerabilities in Third-Party Component libcurl of TIM Devices
https://cert-portal.siemens.com/productcert/txt/ssa-200951.txt

SSA-208356: DFT File Parsing Vulnerabilities in Solid Edge
https://cert-portal.siemens.com/productcert/txt/ssa-208356.txt

SSA-211752: Multiple NTP-Client Related Vulnerabilities in SIMATIC NET CP 443-1 OPC
https://cert-portal.siemens.com/productcert/txt/ssa-211752.txt

SSA-419820: Denial-of-Service Vulnerability in TIM 1531 IRC
https://cert-portal.siemens.com/productcert/txt/ssa-419820.txt

SSA-522654: Privilege Escalation Vulnerability in Mendix SAML Module
https://cert-portal.siemens.com/productcert/txt/ssa-522654.txt

SSA-645530: TIFF File Parsing Vulnerability in JT2Go and Teamcenter Visualization
https://cert-portal.siemens.com/productcert/txt/ssa-645530.txt
https://new.siemens.com/global/en/products/services/cert.html