Tageszusammenfassung - 10.06.2021

End-of-Day report

Timeframe: Mittwoch 09-06-2021 18:00 - Donnerstag 10-06-2021 18:00 Handler: Robert Waldner Co-Handler: Dimitri Robl


Cloud Atlas Navigates Us Into New Waters

Learn how to interpret nameserver activity to enumerate infrastructure in the context of a recent Cloud Atlas example investigated by Senior Security Researcher, Chad Anderson.


BloodHound - Sniffing Out the Path Through Windows Domains

BloodHound is as a tool allowing for the analysis of AD rights and relations, focusing on the ones that an attacker may abuse.


Quarterly Report: Incident Response trends from Spring 2021

While the security community made a great effort to warn users of the exploitation of several Microsoft Exchange Server zero-day vulnerabilities, it was still the biggest threat Cisco Talos Incident Response (CTIR) saw this past quarter.


CISA Addresses the Rise in Ransomware Targeting Operational Technology Assets

CISA has published the Rising Ransomware Threat to OT Assets fact sheet in response to the recent increase in ransomware attacks targeting operational technology (OT) assets and control systems.



Jetzt patchen! Attacken auf Googles Webbrowser Chrome könnten bevorstehen

Es ist eine gegen verschiedene Attacken abgesicherte Version des Webbrowsers Chrome erschienen.


Security updates for Thursday

Security updates have been issued by Debian (htmldoc, lasso, and rails), Fedora (exiv2, firefox, and microcode_ctl), openSUSE (python-HyperKitty), Oracle (389-ds-base, qemu-kvm, qt5-qtimageformats, and samba), Red Hat (container-tools:3.0, container-tools:rhel8, postgresql:12, and postgresql:13), Scientific Linux (389-ds-base, hivex, libwebp, qemu-kvm, qt5-qtimageformats, samba, and thunderbird), SUSE (caribou, djvulibre, firefox, gstreamer-plugins-bad, kernel, libopenmpt, libxml2,


ZOLL Defibrillator Dashboard

This advisory contains mitigations for Unrestricted Upload of File with Dangerous Type, Use of Hard-coded Cryptographic Key, Cleartext Storage of Sensitive Information, Cross-site Scripting, Storing Passwords in a Recoverable Format, and Improper Privilege Management vulnerabilities in the ZOLL Defibrillator Dashboard software.


Rockwell Automation FactoryTalk Services Platform

This advisory contains mitigations for a Protection Mechanism Failure vulnerability in Rockwell Automations Factory Talk Services Platform software.


AGG Software Web Server Plugin

This advisory contains mitigations for Path Traversal, and Cross-site Scripting vulnerabilities in AGG Softwares Server Plugin.


Security Advisory - Resource Management Error Vulnerability in Some Huawei Products


Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE (CVE-2020-2773)


Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Eclipse Jetty (CVE-2021-28163, CVE-2021-28164, CVE-2021-28165)


Security Bulletin: Vulnerabilities in IBM Db2 affect IBM Spectrum Protect Server (CVE-2020-5024, CVE-2020-5025, CVE-2020-4976)


Citrix Hypervisor Security Update