End-of-Day report
Timeframe: Thursday 30-11-2023 18:00 - Friday 01-12-2023 18:00
Handler: Robert Waldner
Co-Handler: Michael Schlagenhaufer
News
IT threat evolution Q3 2023
Non-mobile statistics & Mobile statistics
https://securelist.com/it-threat-evolution-q3-2023/111171/
Skimming Credit Cards with WebSockets
In this post we'll review what web sockets are, why they are beneficial to attackers to use in skimming attacks, and an analysis of several different web socket credit card skimmers that we've identified on compromised ecommerce websites.
https://blog.sucuri.net/2023/11/skimming-credit-cards-with-websockets.html
Cyber Resilience Act: EU agrees on rules for connected products
Vendors will in future have to provide security updates in the EU for an extended period, generally five years.
https://www.heise.de/-9545873
Opening Critical Infrastructure: The Current State of Open RAN Security
The Open Radio Access Network (ORAN) architecture provides standardized interfaces and protocols to previously closed systems. However, our research on ORAN demonstrates the potential threat posed by malicious xApps that are capable of compromising the entire RAN Intelligent Controller (RIC) subsystem.
https://www.trendmicro.com/en_us/research/23/l/the-current-state-of-open-ran-security.html
Vulnerabilities
Apple security updates and Rapid Security Responses
WebKit: CVE-2023-42916, CVE-2023-42917
* Safari 17.1.2
* iOS 17.1.2 and iPadOS 17.1.2
* macOS Sonoma 14.1.2
https://support.apple.com/en-us/HT201222
Multiple Vulnerabilities in Autodesk Desktop Licensing Service
Autodesk Desktop Licensing Service has been affected by multiple vulnerabilities detailed below. Exploitation of these vulnerabilities could lead to code execution due to weak permissions. Autodesk Desktop Licensing Installer, libcurl: CVE-2023-38039, CVE-2023-28321, CVE-2023-38545
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0023
VMware Cloud Director 10.5 GA Workaround for CVE-2023-34060
VMware released VMware Cloud Director 10.5.1 on November 30th 2023. This version includes a fix for the authentication bypass vulnerability documented in VMSA-2023-0026.
https://kb.vmware.com/s/article/95534
Security updates for Friday
Security updates have been issued by Debian (chromium, gimp-dds, horizon, libde265, thunderbird, vlc, and zbar), Fedora (java-17-openjdk and xen), Mageia (optipng, roundcubemail, and xrdp), Red Hat (postgresql), Slackware (samba), SUSE (chromium, containerd, docker, runc, libqt4, opera, python-django-grappelli, sqlite3, and traceroute), and Ubuntu (linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, and linux-azure, linux-azure-6.2, linux-azure-fde-6.2, linux-gcp, linux-gcp-6.2).
https://lwn.net/Articles/953512/
Mattermost security updates 9.2.3 / 9.1.4 / 9.0.5 / 8.1.7 (ESR) released
We're informing you about a Mattermost security update, which addresses low- to medium-level severity vulnerabilities. We highly recommend that you apply the update. The security update is available for Mattermost dot releases 9.2.3, 9.1.4, 9.0.5, and 8.1.7 (Extended Support Release), for both Team Edition and Enterprise Edition.
https://mattermost.com/blog/mattermost-security-updates-9-2-3-9-1-4-9-0-5-8-1-7-esr-released/
IBM Security Bulletins
https://www.ibm.com/support/pages/bulletin/