Category: IT-Security

5G vulnerabilities: More than 710 phone models vulnerable to 5Ghoul

heise Security: Besides Android smartphones, Apple iPhones are also susceptible to vulnerabilities in 5G modems. IT researchers have discovered 14 DoS flaws.

Speculation about a raid on ransomware group: AlphV sites on the darknet offline

heise Security: Security researchers and criminal competitors are speculating about possible police raids against the cybercriminals. AlphV itself remains tight-lipped.

SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users

The Hacker News: Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. "Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while collecting their victims' personal and

New PoolParty Process Injection Techniques Outsmart Top EDR Solutions

The Hacker News: A new collection of eight process injection techniques, collectively dubbed PoolParty, could be exploited to achieve code execution in Windows systems while evading endpoint detection and response (EDR) systems. SafeBreach researcher Alon Leviev said the methods are "capable of working across all processes without any limitations, making them more flexible than existing process

Buildroot: Talos download hash verification vulnerabilities

Open Source Security: Posted by Peter Korsgaard on Dec 10. Hello, Talos recently published two vulnerability reports related to the hash verification of sources downloaded by Buildroot. These issues are fixed in Buildroot 2023.02.8 / 2023.08.4 / 2023.11. The reports are: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844 CVE-2023-45841, CVE-2023-45842, CVE-2023-45838, CVE-2023-45839, CVE-2023-45840 Multiple data integrity vulnerabilities exist in the package hash checking functionality…

USN-6543-1: GNU Tar vulnerability

Ubuntu security notices: It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could use this issue to cause tar to crash, resulting in a denial of service.

Analyzing AsyncRAT’s Code Injection into aspnet_compiler.exe Across Multiple Incident Response Cases

Trend Micro Research, News, Perspectives: This blog entry delves into MxDR's unraveling of the AsyncRAT infection chain across multiple cases, shedding light on the misuse of aspnet_compiler.exe, a legitimate Microsoft process originally designed for precompiling ASP.NET web applications.

Ransomware: Toyota informs first customers after attack on its financial services unit

heise Security: Following the ransomware attack by the extortion group "Medusa" on Toyota Financial Services, the company is informing the first customers about the data protection incident.

CVE-2023-41835: Apache Struts: excessive disk usage

Open Source Security: Posted by Lukasz Lenart on Dec 09. Severity: moderate. Affected versions: Apache Struts 2.0.0 through 2.5.31; Apache Struts through 6.3.0. Description: When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been…

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

The Hacker News: Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called Linear Address Masking (LAM) as…