Daily Summary - 24.05.2022

End-of-Day report

Timeframe: Monday 23-05-2022 18:00 - Tuesday 24-05-2022 18:00 Handler: Michael Schlagenhaufer Co-Handler: Robert Waldner

News

Researchers to release exploit for new VMware auth bypass, patch now

Proof-of-concept exploit code is about to be published for a vulnerability that allows administrative access without authentication in several VMware products.

https://www.bleepingcomputer.com/news/security/researchers-to-release-exploit-for-new-vmware-auth-bypass-patch-now/


Beneath the surface: Uncovering the shift in web skimming

Web skimming campaigns now employ various obfuscation techniques to deliver and hide the skimming scripts. It's a shift from earlier tactics where attackers conspicuously injected the malicious scripts into e-commerce platforms and content management systems (CMSs) via vulnerability exploitation, making this threat highly evasive to traditional security solutions.

https://www.microsoft.com/security/blog/2022/05/23/beneath-the-surface-uncovering-the-shift-in-web-skimming/


Anatomy of a DDoS amplification attack

Amplification attacks are one of the most common distributed denial of service (DDoS) attack vectors. These attacks are typically categorized as flooding or volumetric attacks, where the attacker succeeds in generating more traffic than the target can process, resulting in exhausting its resources due to the amount of traffic it receives.

https://www.microsoft.com/security/blog/2022/05/23/anatomy-of-ddos-amplification-attacks/


New Research Paper: Pre-hijacking Attacks on Web User Accounts

In 2020, MSRC awarded two Identity Project Research Grants to support external researchers working to further strengthen the security of identity protocols and systems. Today we are pleased to release the results of the first of these projects.

https://msrc-blog.microsoft.com/2022/05/23/pre-hijacking-attacks/


Cybersecurity Community Warned of Fake PoC Exploits Delivering Malware

Researchers have spotted fake proof-of-concept (PoC) exploits that appear to have been created by threat actors in an effort to deliver malware to members of the cybersecurity community.

https://www.securityweek.com/cybersecurity-community-warned-fake-poc-exploits-delivering-malware


The most important settings for a secure smartphone

The smartphone has become a faithful companion. Contact information, appointments, photos, banking data and messages are all on our devices. No wonder we get an uneasy feeling when the smartphone cannot be found and may have been lost. A lot of personal data is stored on the smartphone, and it needs to be protected.

https://www.watchlist-internet.at/news/die-wichtigsten-einstellungen-fuer-ein-sicheres-smartphone/


Breaking out of Windows Kiosks using only Microsoft Edge

I will take you through the steps that I performed to get code execution on a Windows kiosk host using ONLY Microsoft Edge.

https://blog.nviso.eu/2022/05/24/breaking-out-of-windows-kiosks-using-only-microsoft-edge/

Vulnerabilities

Zyxel: Vulnerabilities in access points, access point controllers and firewalls

Network equipment vendor Zyxel warns of several security vulnerabilities in its access points, access point controllers and firewalls. Updates are available.

https://heise.de/-7108626


Security updates for Tuesday

Security updates have been issued by Debian (firefox-esr and openldap), Fedora (curl), Oracle (kernel and kernel-container), Red Hat (maven:3.5), SUSE (cacti, cacti-spine, firefox, go1.18, openldap2, python-requests, rsyslog, and slurm_20_11), and Ubuntu (firefox, htmldoc, libpng, libxfixes, libxrender, thunderbird, and vim).

https://lwn.net/Articles/896114/


CVE-2022-25237: Bonitasoft Authorization Bypass and RCE

https://rhinosecuritylabs.com/application-security/cve-2022-25237-bonitasoft-authorization-bypass/


Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale which is packaged in IBM ESS (CVE-2022-22368)

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-has-been-identified-in-ibm-spectrum-scale-which-is-packaged-in-ibm-ess-cve-2022-22368/


Security Bulletin: IBM DataPower Gateway Operand affected by vulnerabilities in Go (CVE-2021-44716, CVE-2021-44717)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-gateway-operand-affected-by-vulnerabilities-in-go-cve-2021-44716-cve-2021-44717/


Security Bulletin: IBM DataPower Gateway potentially vulnerable to DNS spoofing

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-gateway-potentially-vulnerable-to-dns-spoofing/


Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale where an unauthorized user can send arbitrary data to the CLI commands and daemon (CVE-2020-4926)

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-has-been-identified-in-ibm-spectrum-scale-where-an-unauthorized-user-can-send-arbitrary-data-to-the-cli-commands-and-daemon-cve-2020-4926/


Security Bulletin: This Power System update is being released to address CVE 2022-22309

https://www.ibm.com/blogs/psirt/security-bulletin-this-power-system-update-is-being-released-to-address-cve-2022-22309/


Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty affects IBM Spectrum Scale packaged in IBM ESS (CVE-2021-39031)

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-websphere-application-server-liberty-affects-ibm-spectrum-scale-packaged-in-ibm-ess-cve-2021-39031/


Security Bulletin: Linux Kernel vulnerability may affect IBM Elastic Storage System (CVE-2021-4083)

https://www.ibm.com/blogs/psirt/security-bulletin-linux-kernel-vulnerability-may-affect-ibm-elastic-storage-system-cve-2021-4083/


Security Bulletin: A vulnerability in IBM JAVA JDK affects IBM Spectrum Scale packaged in IBM Elastic Storage System (CVE-2022-21291)

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-jdk-affects-ibm-spectrum-scale-packaged-in-ibm-elastic-storage-system-cve-2022-21291/


Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty affects IBM Spectrum Scale packaged in IBM Elastic Storage System (CVE-2021-39031)

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-websphere-application-server-liberty-affects-ibm-spectrum-scale-packaged-in-ibm-elastic-storage-system-cve-2021-39031/


Security Bulletin: This Power System update is being released to address CVE-2020-1968

https://www.ibm.com/blogs/psirt/security-bulletin-this-power-system-update-is-being-released-to-address-cve-2020-1968/


Security Bulletin: IBM Security Verify Adapters are vulnerable to denial of service and bypass security restrictions due to OpenSSL (CVE-2021-3449, CVE-2021-3450)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-verify-adapters-are-vulnerable-to-denial-of-service-and-bypass-security-restrictions-due-to-openssl-cve-2021-3449-cve-2021-3450/


Security Bulletin: IBM Navigator for i is vulnerable to an SQL injection (CVE-2022-22495)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-navigator-for-i-is-vulnerable-to-an-sql-injection-cve-2022-22495/


Security Bulletin: IBM DataPower Gateway affected by vulnerability in JRE

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-gateway-affected-by-vulnerability-in-jre/


Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale that could allow an attacker to decrypt highly sensitive information (CVE-2022-22368)

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-has-been-identified-in-ibm-spectrum-scale-that-could-allow-an-attacker-to-decrypt-highly-sensitive-informationcve-2022-22368-2/


Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale which is packaged in IBM ESS (CVE-2020-4926)

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-has-been-identified-in-ibm-spectrum-scale-which-is-packaged-in-ibm-ess-cve-2020-4926/


Security Bulletin: IBM App Connect Enterprise Certified Container Operator may be vulnerable to denial of service due to CVE-2021-38561

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-app-connect-enterprise-certified-container-operator-may-be-vulnerable-to-denial-of-service-due-to-cve-2021-38561/


F-Secure products: Vulnerability enables denial of service

https://www.cert-bund.de/advisoryshort/CB-K22-0646


Matrikon OPC Server

https://us-cert.cisa.gov/ics/advisories/icsa-22-144-02