End-of-Day report
Timeframe: Donnerstag 24-10-2024 18:00 - Freitag 25-10-2024 18:00
Handler: Alexander Riepl
Co-Handler: Michael Schlagenhaufer
News
Denial of Service in Cisco ASA & FTD und weitere Cisco Advisories
Cisco berichtet in einem kürzlich veröffentlichten Advisory, sich "malicious use" einer Denial-of-Service Sicherheitslücke in Cisco Adaptive Security Appliance & Firepower Threat Defense Software Remote Access VPN bewusst zu sein. Berichten nach handelt es sich hierbei aber nicht um gezielte Denial-of-Service Angriffe, sondern um Seiteneffekte von breitgestreuten Brute-Force oder Credential-Spraying Attacken.
https://www.cert.at/de/aktuelles/2024/10/denial-of-service-in-cisco-asa-ftd-und-weitere-cisco-advisories
Objektorientiert und weniger redundant: Das BSI stellt den IT-Grundschutz++ vor
Das BSI hat sich das Ziel gesetzt, den IT-Grundschutz anwenderfreundlicher zu machen. Dafür setzt man auf Maschinenlesbarkeit und eine schlankere Dokumentation.
https://heise.de/-9994010
AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks
Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific circumstances. [..] Following responsible disclosure on June 27, 2024, the issue was addressed by the project maintainers in CDK version 2.149.0 released in July.
https://thehackernews.com/2024/10/aws-cloud-development-kit-vulnerability.html
NotLockBit: ransomware discovery serves as wake-up call for Mac users
Historically, Mac users havent had to worry about malware as much as their Windows-using cousins. But that doesnt mean that Mac users should be complacent. And the recent discovery of a new malware strain emphasises that the threat - even if much smaller than on Windows - remains real.
https://www.tripwire.com/state-of-security/notlockbit-rransomware-discovery-serves-wake-call-mac-users
Embargo ransomware: Rock-n-Rust
Novice ransomware group Embargo is testing and deploying a new Rust-based toolkit
https://www.welivesecurity.com/en/eset-research/embargo-ransomware-rocknrust/
From crisis to confidence: How the University of Rijeka used a network breach to reboot their cybersecurity
How would your institution respond if a seemingly ordinary system check uncovered a major security incident? That-s exactly what the University of Rijeka faced when a member of the IT team discovered an unauthorised virtual machine template during a routine check - just as a new academic year began.
https://connect.geant.org/2024/10/25/from-crisis-to-confidence-how-the-university-of-rijeka-used-a-network-breach-to-reboot-their-cybersecurity
Moderne Datenkraken: Smart-TVs tracken sogar HDMI-Inhalte
Smart-TVs werten sogar dann Bildinhalte aus, wenn ein HDMI-Zuspieler genutzt wird. Die Analysen dienen gezielter Werbung.
https://heise.de/-9994787
Vonovia in der Kritik: Smarte Rauchmelder bergen Risiko der Spionage
Die Rauchmelder erfassen allerhand Informationen über die Luftqualität und schicken sie durchs Internet - für Kriminelle ein willkommener Datenschatz. [..] Vonovia selbst verarbeitet die Daten angeblich nur in anonymisierter Form.
https://www.golem.de/news/vonovia-in-der-kritik-smarte-rauchmelder-bergen-risiko-der-spionage-2410-190178.html
Vulnerabilities
NTR