Tageszusammenfassung - 28.12.2022

End-of-Day report

Timeframe: Dienstag 27-12-2022 18:00 - Mittwoch 28-12-2022 18:00 Handler: Thomas Pribitzer Co-Handler: Stephan Richter


KI-Wunder ChatGPT kann bösartige E-Mails und Code generieren

Check Point Research (CPR) warnt vor Hackern, die ChatGPT und Codex von OpenAI nutzen könnten, um gezielte Cyberangriffe durchzuführen. https://research.checkpoint.com/2022/opwnai-ai-that-can-save-the-day-or-hack-it-away/


Droht eine Exchange ProxyNotShell-Katastrophe zum Jahreswechsel 2022/2023?

Beunruhigende Informationen, die mich gerade erreicht haben. Nicht auf dem aktuellen Patchstand befindliche Microsoft Exchange On-Premises-Server sind anfällig für Angriffe über die ProxyNotShell-Schwachstellen. Vor Weihnachten gab es dann die Information, dass die Hackergruppe FIN7 seit längerem eine automatisierte Angriffsplattform zum [...]


Why Attackers Target GitHub, and How You Can Secure It

The unfettered collaboration of the GitHub model creates a security headache. Follow these seven principles to help relieve the pain.


Playing with Powershell and JSON (and Amazon and Firewalls), (Wed, Dec 28th)

In this post we'll take a look at parsing and manipulating JSON in Powershell.


CVE-2022-27510, CVE-2022-27518 - Measuring Citrix ADC & Gateway version adoption on the Internet

Recently, two critical vulnerabilities were reported in Citrix ADC and Citrix Gateway; where one of them was being exploited in the wild by a threat actor. Due to these vulnerabilities being exploitable remotely and given the situation of past Citrix vulnerabilities, RIFT started to research on how to identify the [...]


EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user-s conversations, according to a team of researchers from several universities in the United States.


Alias and Directive Overloading in GraphQL

Denial of Service (DoS) attacks in GraphQL APIs are nothing new. It turns out that when you let clients control what data they want to receive from the server, malicious users try to abuse this flexibility to exhaust resources.



Security updates for Wednesday

Security updates have been issued by Fedora (curl) and SUSE (curl, freeradius-server, sqlite3, systemd, and vim).


Microsoft Patches Azure Cross-Tenant Data Access Flaw

Microsoft has silently fixed an important-severity security flaw in its Azure Cognitive Search (ACS) after an external researcher warned that a buggy feature allowed cross-tenant network bypass attacks.


ABB Security Advisory: NE843 Pulsar Plus Controller


A security vulnerability has been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9 (CVE-2022-34165).