Tageszusammenfassung - 02.08.2022

End-of-Day report

Timeframe: Montag 01-08-2022 18:00 - Dienstag 02-08-2022 18:00 Handler: Thomas Pribitzer Co-Handler: Michael Schlagenhaufer


Microsoft announces new solutions for threat intelligence and attack surface management

Defenders are up against the most sophisticated threat landscape we-ve ever seen. Today, we-re proud to execute our threat intelligence vision behind that acquisition and announce several new solutions to help security teams get ahead of adversaries and catch what others miss.


Raccoon Stealer v2: The Latest Generation of the Raccoon Family

In this blog, ThreatLabz will analyze Raccoon Stealer v2 in the exe format, and highlight key differences from its predecessors.


Analyzing Attack Data and Trends Targeting Log4J

The Log4j vulnerability, initially reported in November 2021, has affected millions of devices and applications around the world.


Die Watchlist Internet ist jetzt auf Instagram

Wir versorgen Sie ab sofort auch auf Instagram mit Warnungen vor Internetbetrug. In den Beiträgen und Storys zeigen wir Ihnen, wie Sie sich vor Internetbetrug schützen, Fallen rasch erkennen und sicher im Internet surfen.


giesler-drogerie.com ist Fake

Bei giesler-drogerie.com finden Sie günstige Parfums, Styling-Produkte und Kosmetikartikel. Das vollständige Impressum sowie die angeführten Kontaktmöglichkeiten vermitteln einen seriösen Eindruck. Die Angaben sind aber gefälscht. Wenn Sie dort einkaufen, verlieren Sie Ihr Geld und erhalten keine Lieferung.


Vulnerability Spotlight: How misusing properly serialized data opened TCL LinkHub Mesh Wi-Fi system to 17 vulnerabilities

The TCL LinkHub Mesh Wi-Fi system is a multi-device Wi-Fi system that allows users to expand access to their network over a large physical area.


Manjusaka: A Chinese sibling of Sliver and Cobalt Strike

Cisco Talos recently discovered a new attack framework called "Manjusaka" being used in the wild that has the potential to become prevalent across the threat landscape. This framework is advertised as an imitation of the Cobalt Strike framework.



VMware urges admins to patch critical auth bypass bug immediately

VMware has warned admins today to patch a critical authentication bypass security flaw affecting local domain users in multiple products and enabling unauthenticated attackers to gain admin privileges.


Security updates for Tuesday

Security updates have been issued by Debian (curl and jetty9), Fedora (dovecot), Gentoo (vault), Scientific Linux (java-1.8.0-openjdk, java-11-openjdk, and squid), SUSE (booth, dovecot22, dwarves and elfutils, firefox, gimp, java-11-openjdk, kernel, and oracleasm), and Ubuntu (linux, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, net-snmp, and samba).


Go-Based Apps Vulnerable to Attacks Due to URL Parsing Issue

Israeli cloud-native application security testing firm Oxeye discovered that the way URL parsing is implemented in some Go-based applications creates vulnerabilities that could allow threat actors to conduct unauthorized actions.


GnuTLS patches memory mismanagement bug - update now!


Security Bulletin: IBM Sterling Connect:Direct for UNIX Certified Container is affected by arbitrary code executiondue to GNU cpio (CVE-2021-38185)




vim: Mehrere Schwachstellen


FastStone ImageViewer: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Benutzerrechten