Tageszusammenfassung - 05.05.2023
End-of-Day report
Timeframe: Donnerstag 04-05-2023 18:00 - Freitag 05-05-2023 18:00 Handler: Robert Waldner Co-Handler: Michael SchlagenhauferNews
What is XML-RPC? Security Risks & How to Disable
In this article, we will discuss what xmlrpc.php is, why disabling it can improve your website-s security, and how to determine if it-s currently active on your WordPress site. https://blog.sucuri.net/2023/05/what-is-xml-rpc-security-risks-how-to-disable.htmlFleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads
The list of the offending apps is as follows: - Beauty Camera Plus - Beauty Photo Camera - Beauty Slimming Photo Editor - Fingertip Graffiti - GIF Camera Editor - HD 4K Wallpaper - Impressionism Pro Camera - Microclip Video Editor - Night Mode Camera Pro - Photo Camera Editor - Photo Effect Editor https://thehackernews.com/2023/05/fleckpe-android-malware-sneaks-onto.htmlPackagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised
PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. "The attacker forked each of the packages and replaced the package description in composer.json with their own message but did not otherwise make any malicious changes," [..] https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.htmlAn overview of the OSI model and its security threats
The OSI model is a representation of how communications between devices occur. The conceptual model makes it easier to understand how data is transmitted. In its complex process, threat actors have found ways to exploit and compromise systems. It is very important to identify the kind of attacks and vulnerabilities available on each layer and implement proper defense strategies to protect a network. https://www.tripwire.com/state-of-security/overview-osi-model-and-its-security-threats-Login mit neuem Gerät-: Kriminelle versenden personalisierte E-Mail im Namen der BAWAG
Kriminelle versenden derzeit betrügerische Nachrichten im Namen der BAWAG. Die E-Mails sind personalisiert und daher besonders glaubwürdig. Sie werden zwar nicht mit Ihrem Namen, allerdings mit ihrer E-Mail-Adresse angesprochen. In der Nachricht behaupten die Kriminellen, dass mit einem neuen Gerät auf Ihr Konto zugegriffen wurde. https://www.watchlist-internet.at/news/login-mit-neuem-geraet-kriminelle-versenden-personalisierte-e-mail-im-namen-der-bawag/Vulnerabilities
ZDI-23-547: (0Day) Linux Kernel IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. http://www.zerodayinitiative.com/advisories/ZDI-23-547/Sante DICOM Viewer Vulnerabilites
https://www.zerodayinitiative.com/advisories/ZDI-23-523/https://www.zerodayinitiative.com/advisories/ZDI-23-524/ https://www.zerodayinitiative.com/advisories/ZDI-23-525/ https://www.zerodayinitiative.com/advisories/ZDI-23-526/ https://www.zerodayinitiative.com/advisories/ZDI-23-527/ https://www.zerodayinitiative.com/advisories/published/