End-of-Day report
Timeframe: Thursday 24-11-2022 18:00 - Friday 25-11-2022 18:00
Handler: Michael Schlagenhaufer
Co-Handler: n/a
News
Docker Hub repositories hide over 1,650 malicious containers
Over 1,600 publicly available Docker Hub images hide malicious behavior, including cryptocurrency miners, embedded secrets that can be used as backdoors, DNS hijackers, and website redirectors.
https://www.bleepingcomputer.com/news/security/docker-hub-repositories-hide-over-1-650-malicious-containers/
Redacted Documents Are Not as Secure as You Think
Popular redaction tools don't always work as promised, and new attacks can reveal hidden information, researchers say.
https://www.wired.com/story/redact-pdf-online-privacy/
Deleting old social media accounts: security through less personal data on the web
Unused social media accounts contain personal data and pose security risks. Our guide shows how to find and delete outdated accounts.
https://heise.de/-7321954
UEFI BIOS riddled with known insecure code
In a BIOS update, experts found several OpenSSL versions, some with ancient security vulnerabilities. This highlights the risks of PC firmware.
https://heise.de/-7351884
Word Documents Disguised as Normal MS Office URLs Being Distributed
Recently, there has been a case of malware disguised as a Word document being distributed through certain paths (e.g. KakaoTalk group chats). The ASEC analysis team has discovered during our additional monitoring process that the URL used in the fake Word document is becoming very cleverly disguised to closely resemble the normal URL, and we wish to advise caution on the part of users.
https://asec.ahnlab.com/en/42554/
Vulnerabilities
Security updates for Friday
Security updates have been issued by Fedora (firefox), Mageia (dropbear, freerdp, java, libx11, and tumbler), Slackware (ruby), SUSE (erlang, grub2, libdb-4_8, and tomcat), and Ubuntu (exim4, jbigkit, and tiff).
https://lwn.net/Articles/915984/
Chrome 107.0.5304.121/122 security updates
On 24 November 2022, Google released a batch of security updates for Google Chrome in the 107 branch in the Stable channel for Mac, Linux and Windows as well as for Android. They close vulnerabilities that are already being exploited.
https://www.borncity.com/blog/2022/11/25/chrome-107-0-5304-121-122-sicherheitsupdates/
Canon: Regarding vulnerability measure against buffer overflow for Laser Printers and Small Office Multifunction Printers (CVE-2022-43608) - 25 November 2022
Multiple cases of buffer overflow vulnerabilities have been identified with Canon Laser Printers and Small Office Multifunctional Printers. A list of affected models is given below.
https://www.canon-europe.com/support/product-security-latest-news/
Security Bulletin: A vulnerability in IBM Java Runtime affects IBM ILOG CPLEX Optimization Studio (CVE-2022-3676)
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affects-ibm-ilog-cplex-optimization-studio-cve-2022-3676/
Security Bulletin: IBM® Db2® is vulnerable to a denial of service after entering a specially crafted malformed SQL statement into the db2expln tool. (CVE-2022-35637)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-a-denial-of-service-after-entering-a-specially-crafted-malformed-sql-statement-into-the-db2expln-tool-cve-2022-35637-3/
Security Bulletin: A vulnerability in IBM Java Runtime affects IBM ILOG CPLEX Optimization Studio (CVE-2021-28167)
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affects-ibm-ilog-cplex-optimization-studio-cve-2021-28167/
Security Bulletin: A vulnerability in IBM Java Runtime affects IBM ILOG CPLEX Optimization Studio (CVE-2021-41041)
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affects-ibm-ilog-cplex-optimization-studio-cve-2021-41041/