Timeframe: Wednesday 15-11-2023 18:00 - Thursday 16-11-2023 18:00
Handler: Stephan Richter
Co-Handler: Thomas Pribitzer
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens.
Deep Dive: Learning from Okta - the hidden risk of HAR files
HAR is short for HTTP Archive, and it's a way of saving full details of the high-level network traffic in a web browsing session, usually for development, debugging, or testing purposes.
Fake Shops Lure with Black Friday Offers
Around Black Friday, there are bargains to be had. However, we advise checking online shops carefully before placing an order.
Attacker - hidden in plain sight for nearly six months - targeting Python developers
For close to six months, a malicious actor has been stealthily uploading dozens of malicious Python packages, most of them mimicking the names of legitimate ones, to bait unsuspecting developers.
FBI and CISA Release Advisory on Scattered Spider Group
Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) on Scattered Spider, a cybercriminal group targeting commercial facilities sectors and subsectors.
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory.
Security updates for Thursday
Security updates have been issued by Debian (chromium and openvpn), Oracle (kernel, microcode_ctl, plexus-archiver, and python), Red Hat (.NET 6.0, dotnet6.0, dotnet7.0, dotnet8.0, kernel, linux-firmware, and open-vm-tools), SUSE (apache2, chromium, jhead, postgresql12, postgresql13, and qemu), and Ubuntu (dotnet6, dotnet7, dotnet8, frr, python-pip, quagga, and tidy-html5).
Mollie for Drupal - Moderately critical - Faulty payment confirmation logic - SA-CONTRIB-2023-052
FortiOS & FortiProxy VM - Bypass of root file system integrity checks at boot time on VM
FortiOS & FortiProxy - DOS in headers management
Cisco Secure Client Software Denial of Service Vulnerabilities
Cisco IP Phone Stored Cross-Site Scripting Vulnerability
Cisco Secure Endpoint for Windows Scanning Evasion Vulnerability
Cisco Identity Services Engine Vulnerabilities
Cisco AppDynamics PHP Agent Privilege Escalation Vulnerability
FortiSIEM - OS command injection in Report Server
IBM Security Bulletins
2023-11 Security Bulletin: JSA Series: Multiple vulnerabilities resolved
WebKitGTK and WPE WebKit Security Advisory WSA-2023-0010
Released: November 2023 Exchange Server Security Updates
Citrix Releases Security Updates for Citrix Hypervisor