Daily summary - 22.08.2024

End-of-Day report

Timeframe: Wednesday 21-08-2024 18:00 - Thursday 22-08-2024 18:00
Handler: Alexander Riepl
Co-Handler: n/a

News

Google fixes ninth Chrome zero-day exploited in attacks this year

Today, Google released a new Chrome emergency security update to patch a zero-day vulnerability, the ninth one tagged as exploited this year.

https://www.bleepingcomputer.com/news/security/google-fixes-tenth-actively-exploited-chrome-zero-day-in-2024/


U.S. charges Karakurt extortion gang's 'cold case' negotiator

A member of the Russian Karakurt ransomware group has been charged in the U.S. for money laundering, wire fraud, and extortion crimes.

https://www.bleepingcomputer.com/news/legal/us-charges-karakurt-extortion-gangs-cold-case-negotiator/


Deletion obligations and security gaps: fines for data protection violations are piling up

In Hamburg, more fine proceedings for data protection violations have already been concluded this year than in the entire calendar year 2023. The penalties are sometimes substantial.

https://www.golem.de/news/loeschpflicht-und-sicherheitsluecken-bussgelder-wegen-datenschutzverstoessen-haeufen-sich-2408-188288.html


Memory corruption vulnerabilities in Suricata and FreeRDP

While pentesting KasperskyOS-based Thin Client and IoT Secure Gateway, we found several vulnerabilities in the Suricata and FreeRDP open-source projects. We shared details on these vulnerabilities with the community along with our fuzzer.

https://securelist.com/suricata-freerdp-memory-corruption/113489/


Windows Security best practices for integrating and managing security tools

We examine the recent CrowdStrike outage and provide a technical overview of the root cause.

https://www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-tools/


Understanding the 'Morphology' of Ransomware: A Deeper Dive

Ransomware isn't just about malware. It's about brands, trust, and the shifting allegiances of cybercriminals.

https://www.securityweek.com/understanding-the-morphology-of-ransomware-a-deeper-dive/


Recall: Microsoft's controversial "surveillance" feature is coming back

After heavy security concerns, the company claims to have improved the new AI feature.

https://www.derstandard.at/story/3000000233374/recall-microsofts-umstrittenes-ueberwachungs-feature-kommt-zurueck


BLUUID: Firewallas, Diabetics, And... Bluetooth

Dive into the fascinating and overlooked realm of Bluetooth Low Energy (BTLE) security in GreyNoise Labs' latest blog post. Learn techniques for remote device identification, uncover vulnerabilities, and explore the broader implications for IoT and healthcare.

https://www.greynoise.io/blog/bluuid-firewallas-diabetics-and-bluetooth


PEAKLIGHT: Decoding the Stealthy Memory-Only Malware

Mandiant identified a new memory-only dropper using a complex, multi-stage infection process. This memory-only dropper decrypts and executes a PowerShell-based downloader. This PowerShell-based downloader is being tracked as PEAKLIGHT. Overview: Mandiant Managed Defense identified a memory-only dropper and downloader delivering ..

https://cloud.google.com/blog/topics/threat-intelligence/peaklight-decoding-stealthy-memory-only-malware/


Attackers can bring down Cisco's VoIP system Unified Communications Manager

Due to security vulnerabilities, attacks on several Cisco products are possible. Updates are available.

https://heise.de/-9843447


Vulnerabilities

Cisco Unified Communications Manager Denial of Service Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-dos-kkHq43We


Cisco Identity Services Engine REST API Blind SQL Injection Vulnerabilities

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rest-5bPKrNtZ


Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-vdF8Jbyk


Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-csrf-y4ZUz5Rj


Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-9zmfHyZ


Atlassian Jira August 2024 Security Update Advisory

https://asec.ahnlab.com/en/82562/