Daily Summary - 02.05.2022
End-of-Day report
Timeframe: Friday 29-04-2022 18:00 - Monday 02-05-2022 18:00
Handler: Michael Schlagenhaufer
Co-Handler: Thomas Pribitzer

News
Fake Windows 10 updates infect you with Magniber ransomware
Fake Windows 10 updates on crack sites are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month.
REvil ransomware returns: New malware sample confirms gang is back
The notorious REvil ransomware operation has returned amidst rising tensions between Russia and the USA, with new infrastructure and a modified encryptor allowing for more targeted attacks.
Fake YouTube videos featuring Elon Musk lead to cryptocurrency fraud
Criminals are faking videos featuring Elon Musk. In these videos, viewers supposedly receive a gift from Musk. He offers the opportunity to double Bitcoin or Ethereum. And it is all very simple: you transfer cryptocurrency to a specific wallet and get double the amount back. Caution: you are transferring to criminals and losing money!
Analysis on recent wiper attacks: examples and how wiper malware works
This blog post looks to explain how wipers work, what makes them so effective and provides a short overview of the most recent samples that appeared in the eastern Europe geopolitical conflict.

Vulnerabilities
Security updates for Monday
Security updates have been issued by Debian (ffmpeg, ghostscript, libarchive, and tinyxml), Fedora (CuraEngine, epiphany, gzip, usd, vim, xen, and xz), Oracle (maven-shared-utils and qemu), Red Hat (gzip, python27-python and python27-python-pip, rh-maven36-maven-shared-utils, rh-python38-python, rh-python38-python-lxml, and rh-python38-python-pip, and zlib), Slackware (pidgin), SUSE (jasper, java-11-openjdk, libcaca, libslirp, mariadb, mutt, nodejs12, opera, and python-Twisted), [...]
https://lwn.net/Articles/893440/
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to stack-based buffer overflow in GNU C Library (CVE-2022-23219)
Security Bulletin: IBM Integration Designer is vulnerable to arbitrary code execution because of Apache Log4j (CVE-2021-4104)
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a stack-based buffer overflow in GNU C Library (CVE-2022-23218)
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999)
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for April 2022
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 91.8.0ESR) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF16 - 2022.4.0
K24207649: GNU C Library (glibc) vulnerability CVE-2021-3999
https://support.f5.com/csp/article/K24207649
K52308021: GNU C Library (glibc) vulnerabilities CVE-2022-23218 and CVE-2022-23219
https://support.f5.com/csp/article/K52308021
K19473898: Multiple Expat vulnerabilities CVE-2022-23852, CVE-2022-25235, CVE-2022-25236, and CVE-2022-23515
https://support.f5.com/csp/article/K19473898
K91589041: Expat vulnerabilities CVE-2021-45960, CVE-2022-22825, CVE-2022-22826, and CVE-2022-22827
https://support.f5.com/csp/article/K91589041
K23421535: Expat vulnerabilities CVE-2022-22822, CVE-2022-22823, and CVE-2022-22824
https://support.f5.com/csp/article/K23421535
K23231802: Expat vulnerability CVE-2021-46143
https://support.f5.com/csp/article/K23231802
TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability
https://cert.vde.com/de/advisories/VDE-2022-016/
Vulnerabilities in the communication protocol of the PLC runtime
https://psirt.bosch.com/security-advisories/bosch-sa-577411.html