End-of-Day report
Timeframe: Monday 06-09-2021 18:00 - Tuesday 07-09-2021 18:00
Handler: Dimitri Robl
Co-Handler: Robert Waldner
News
Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server
The maintainers of Jenkins, a popular open-source automation server software, have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. [...]
"At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected," the company said in a statement published over the weekend.
https://thehackernews.com/2021/09/latest-atlassian-confluence-flaw.html
Firefox 92 and ESR versions ship important security updates
The new versions of the browser, along with the Extended Support Releases, include not only functional changes but also fixes for security vulnerabilities.
https://heise.de/-6185311
online-handelsregister.eu charges more than 750 euros for a commercial register extract
For a commercial register extract, the company behind online-handelsregister.eu charges an additional 749.00 euros, allegedly for activating the portal. Victims are mostly unaware of how this amount came about. One thing is clear: online-handelsregister.eu is not acting reputably and has debited this amount without authorisation, because the so-called button solution (the legal requirement that the order button clearly indicates a payment obligation) was not complied with at checkout.
https://www.watchlist-internet.at/news/online-handelsregistereu-bucht-fuer-einen-handelsregisterauszug-ueber-750-euro-ab/
Vulnerabilities
Ghostscript Zero-Day Allows Full Server Compromises
Proof-of-concept exploit code was published online over the weekend for an unpatched Ghostscript vulnerability that puts all servers that rely on the component at risk of attacks. From a report: Published by Vietnamese security researcher Nguyen The Duc, the proof-of-concept code is available on GitHub and was confirmed to work by several of today's leading security researchers.
https://it.slashdot.org/story/21/09/07/1532205/ghostscript-zero-day-allows-full-server-compromises
Netgear closes security vulnerabilities in 20 switches
Under the right conditions, attackers could gain control of Netgear switches. Security updates are available.
https://heise.de/-6184272
Vulnerabilities in Gutenberg template plug-in put one million WordPress websites at risk
Attackers could attack WordPress websites running the Gutenberg Template Library & Redux Framework plug-in. A security patch is available for download.
https://heise.de/-6184875
Security updates for Tuesday
Security updates have been issued by openSUSE (apache2, java-11-openjdk, libesmtp, nodejs10, ntfs-3g_ntfsprogs, openssl-1_1, xen, and xerces-c), Red Hat (kernel-rt and kpatch-patch), and SUSE (ntfs-3g_ntfsprogs and openssl-1_1).
https://lwn.net/Articles/868569/
Synology-SA-21:26 Photo Station
A vulnerability allows remote attackers to bypass security constraints via a susceptible version of Photo Station.
https://www.synology.com/en-global/support/security/Synology_SA_21_26
Security Bulletin: A security vulnerability has been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-14782)
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-oracle-oct-2020-cpu-for-java-8-shipped-with-ibm-intelligent-operations-center-cve-2020-14782/
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-rational-functional-tester-4/
Security Bulletin: Vulnerability in Dojo affects WebSphere Application Server (CVE-2020-5258)
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-dojo-affects-websphere-application-server-cve-2020-5258-4/
Security Bulletin: Multiple vulnerabilities have been identified in Oracle Jan 2021 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-14803) (CVE-2020-27221)
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-oracle-jan-2021-cpu-for-java-8-shipped-with-ibm-intelligent-operations-center-cve-2020-14803-cve-2020-27221/
Security Bulletin: A security vulnerability has been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-2773)
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-oracle-oct-2020-cpu-for-java-8-shipped-with-ibm-intelligent-operations-center-cve-2020-2773/
Security Bulletin: Vulnerability in Bind affects IBM Integrated Analytics System
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bind-affects-ibm-integrated-analytics-system-6/
Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-may-affect-ibm-workload-scheduler-4/
Security Bulletin: CVE-2020-1971 vulnerability in OpenSSL may affect IBM Workload Scheduler
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-1971-vulnerability-in-openssl-may-affect-ibm-workload-scheduler/
Security Bulletin: Multiple vulnerabilities have been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-14779, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798)
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-oracle-oct-2020-cpu-for-java-8-shipped-with-ibm-intelligent-operations-center-cve-2020-14779-cve-2020-14792cve-2020-14796/
Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-may-affect-ibm-workload-scheduler-3/
Mitsubishi Electric MELSEC iQ-R Series
https://us-cert.cisa.gov/ics/advisories/icsa-21-250-01
Hitachi ABB Power Grids System Data Manager
https://us-cert.cisa.gov/ics/advisories/icsa-21-250-02