Daily Summary - 26.08.2024

End-of-Day report

Timeframe: Friday 23-08-2024 18:00 - Monday 26-08-2024 18:00 Handler: Alexander Riepl Co-Handler: n/a

News

Stealthy sedexp Linux malware evaded detection for two years

A stealthy Linux malware named sedexp has been evading detection since 2022 by using a persistence technique not yet included in the MITRE ATT&CK framework.

https://www.bleepingcomputer.com/news/security/stealthy-sedexp-linux-malware-evaded-detection-for-two-years/


BSI: Security review of Huawei remains a state secret

Because Germany's security interests are affected, the BSI is not disclosing its technical review of Huawei. Golem.de has at least managed to get the classification reviewed.

https://www.golem.de/news/bsi-pruefung-der-sicherheit-von-huawei-bleibt-ein-staatsgeheimnis-2408-188365.html


GDPR violation: Uber to pay a fine of 290 million euros

The popular ride-hailing service is accused of having transferred sensitive driver data to the USA with inadequate protection for more than two years.

https://www.golem.de/news/datenuebertragung-in-die-usa-uber-soll-290-millionen-euro-strafe-zahlen-2408-188404.html


From Highly Obfuscated Batch File to XWorm and Redline, (Mon, Aug 26th)

If you follow my diaries, you probably already know that one of my favorite topics around malware is obfuscation. I'm often impressed by the crazy techniques attackers use to ..

https://isc.sans.edu/diary/From+Highly+Obfuscated+Batch+File+to+XWorm+and+Redline/31204


SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access

SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as ..

https://thehackernews.com/2024/08/sonicwall-issues-critical-patch-for.html


Cisco calls for United Nations to revisit cyber-crime convention

Echoes human rights groups' concerns that it could suppress free speech and more. Networking giant Cisco has suggested the United Nations' first-ever convention against cyber-crime is dangerously flawed and should be revised before being put to a formal vote.

https://www.theregister.com/2024/08/22/cisco_criticizes_un_cybercrime_convention/


Post-Quantum Cryptography: Standards and Progress

The National Institute of Standards and Technology (NIST) just released three finalized standards for post-quantum cryptography (PQC) covering public key encapsulation and two forms of digital signatures. In progress since 2016, this achievement represents a major milestone towards standards development that will keep information on the Internet secure and confidential for many years to come.

http://security.googleblog.com/2024/08/post-quantum-cryptography-standards.html


Meta blocks WhatsApp accounts after hacking attacks

The Iranian hacker group APT42 was targeted in the process

https://www.derstandard.at/story/3000000233708/meta-blockiert-whatsapp-konten-nach-hackerangriffen


CISA Adds One Known Exploited Vulnerability to Catalog for Versa Networks Director

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of ..

https://www.cisa.gov/news-events/alerts/2024/08/23/cisa-adds-one-known-exploited-vulnerability-catalog-versa-networks-director


PEAKLIGHT: Decoding the Stealthy Memory-Only Malware

Mandiant identified a new memory-only dropper using a complex, multi-stage infection process. This memory-only dropper decrypts and executes a PowerShell-based downloader. This PowerShell-based downloader is being tracked as PEAKLIGHT.

https://cloud.google.com/blog/topics/threat-intelligence/peaklight-decoding-stealthy-memory-only-malware/


Vulnerabilities

Stable Channel Update for Desktop

http://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html


WPS Office Security Update Advisory

https://asec.ahnlab.com/en/82637/