End-of-Day report
Timeframe: Friday 24-01-2025 18:00 - Monday 27-01-2025 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
A Missed Opportunity: Weak Password Hashing in VxWorks
The security of embedded systems that use real-time operating systems (RTOS) such as Wind River VxWorks is in high-risk areas such as OT, ..
https://sec-consult.com/de/blog/detail/eine-verpasste-chance-schwaches-passwort-hashing-in-vxworks/
Cracking the Giant: How ODAT Challenges Oracle, the King of Databases
In the past decade, Oracle Database (Oracle DB) has reigned supreme in the competitive arena of database engine popularity ranking as shown in Figure 1 and Figure 2. This pervasiveness has led Oracle Database to be trusted by Fortune 500 companies (e.g. Netflix, LinkedIn, eBay, etc.) to house, process, and safeguard their critical data. Its ..
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cracking-the-giant-how-odat-challenges-oracle-the-king-of-databases/
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's Git credentials. "Git implements a protocol called Git Credential Protocol to retrieve credentials from the ..
https://thehackernews.com/2025/01/github-desktop-vulnerability-risks.html
Scammers Are Creating Fake News Videos to Blackmail Victims
"Yahoo Boy" scammers are impersonating CNN and other news organizations to create videos that pressure victims into making blackmail payments.
https://www.wired.com/story/scammers-are-creating-fake-news-videos-to-blackmail-victims/
Technical Analysis of Xloader Versions 6 and 7 | Part 1
Xloader is a malware family that is the successor to Formbook with information stealing capabilities targeting web browsers, email clients, and File Transfer Protocol (FTP) applications. The malware is also able to deploy second-stage payloads to an infected system. The author of Xloader regularly adds new functionality to target more ..
https://www.zscaler.com/blogs/security-research/technical-analysis-xloader-versions-6-and-7-part-1
After security flaw at D-Trust: CCC speaks of "cyber window dressing"
The Chaos Computer Club calls on the trust service provider D-Trust to take responsibility and demands the abolition of the hacker paragraph.
https://www.heise.de/news/Nach-Sicherheitsluecke-bei-D-Trust-CCC-spricht-von-Cyber-Augenwischerei-10256537.html
Palo Alto: Security vulnerabilities in firmware and bootloaders of firewalls
The firmware and bootloaders of some Palo Alto firewalls have security flaws that allow attackers to entrench themselves after attacks.
https://www.heise.de/news/Palo-Alto-Sicherheitsluecken-in-Firmware-und-Bootloadern-von-Firewalls-10257031.html
Hacked buses blare out patriotic pro-European anthems in Tbilisi, attack government
Residents of Tbilisi, the capital city of Georgia, experienced an unexpected and unusual start to their Friday morning commute. As they boarded their public transport buses, they were greeted by a barrage of sound emanating ..
https://www.bitdefender.com/en-us/blog/hotforsecurity/hacked-buses-blare-out-patriotic-pro-european-anthems-in-tbilisi-attack-government
The 2024 Ransomware Landscape: Looking back on another painful year
In this post, we'll examine the latest data points, discuss notable groups, and estimate the potential impact on victims - helping security teams plan their defenses for the months ahead.
https://www.rapid7.com/blog/post/2025/01/27/the-2024-ransomware-landscape-looking-back-on-another-painful-year/
Brave Desktop Browser Vulnerability Lets Malicious Sites Appear Trusted
A critical vulnerability in Brave Browser allows malicious websites to appear as trusted sources during file uploads/downloads.
https://hackread.com/brave-desktop-browser-vulnerability-malicious-sites-trusted/
Datadog threat roundup: top insights for Q4 2024
Threat insights from Datadog Security Labs for Q4 2024.
https://securitylabs.datadoghq.com/articles/2024-q4-threat-roundup/
Exploit Me, Baby, One More Time: Command Injection in Kubernetes Log Query
Kubernetes and containers in general have become a predominant force in the security world - and, as such, they've been a point of interest for researchers worldwide (including us). Our research journey initially led ..
https://www.akamai.com/blog/security-research/2024-january-kubernetes-log-query-rce-windows
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
On January 22, 2025, CVE-2025-23088 was published by HackerOne to inform users about the risks of continuing to use End-of-Life (EOL) versions of Node.js. This CVE has quickly sparked debate in the security community, with some experts labeling it the "worst CVE of the year" - not for its severity, but for the controversy surrounding ..
https://socket.dev/blog/node-js-eol-versions-cve-dubbed-the-worst-cve-of-the-year
Vulnerabilities
Security updates for Monday
Security updates have been issued by AlmaLinux (git-lfs, java-17-openjdk, java-21-openjdk, kernel, and python-jinja2), Debian (git and git-lfs), Fedora (buildah, chromium, containers-common, freeipa, glibc, golang, mediawiki, pam-u2f, podman, and rsync), Mageia (glibc, iperf, openssl, phpmyadmin, and poppler), Oracle (firefox, git-lfs, grafana, ..
https://lwn.net/Articles/1006261/
Wind River Software VxWorks RTOS Weak Password Hashing Algorithms
https://sec-consult.com/vulnerability-lab/advisory/wind-river-software-vxworks-rtos-weak-password-hashing-algorithms/