Aktuelle Sicherheitslücken

Jedimaster

Here to stay

Registered: Dec 2005
Location: Linz
Posts: 3805

15.11.2023 - 10:24

Falls jemand einen AMD Virtualisierungshost im Einsatz hat und 'fremde' mithostet - evtl. interessant:

https://www.heise.de/news/CacheWarp...Us-9528270.html

Viper780

Elder
Er ist tot, Jim!

Registered: Mar 2001
Location: Wien
Posts: 51042

15.11.2023 - 10:47

Allen mit Ice Lake, Rocket Lake, Tiger Lake, Raptor Lake, Alder Lake, Sapphire Rapids (und vielleicht anderen) können auch gleich mit patchen

Google researchers discover 'Reptar,’ a new CPU vulnerability | Google Cloud Blog

A new CPU vulnerability, ‘Reptar,’ found by Google researchers, has been patched by Google and Intel. Here’s what you need to know.

Link: cloud.google.com

sichNix

Here to stay

Registered: Nov 2014
Location: 1230
Posts: 1095

15.11.2023 - 12:11

Confluence backdoor ‘Effluence’ persists even after patching

Got a Confluence server? Listen up. Malware said to have wide-ranging capabilities

Link: www.theregister.com

sichNix

Here to stay

Registered: Nov 2014
Location: 1230
Posts: 1095

24.11.2023 - 08:43

Cloud-Computing-Software ownCloud und Nextcloud angreifbar

Angreifer können unbefugt auf Dateien auf Nextcloud- und ownCloud-Servern zugreifen. Sicherheitsupdates und Workarounds schaffen Abhilfe.

Link: www.heise.de

Disclosure of sensitive credentials and configuration in containerized deployments - ownCloud

Risk: critical CVSS v3 Base Score: 10 CVSS v3 Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CWE ID: CWE-200 CWE Name: Exposure of Sensitive Information to an Unauthorized Actor Description The “graphapi” app relies on a third-party library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes […]

Link: owncloud.com

WebDAV Api Authentication Bypass using Pre-Signed URLs - ownCloud

Risk: high CVSS v3 Base Score: 9.8 CVSS v3 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CWE ID: CWE-665 CWE Name: Improper Initialization Description It is possible to access, modify or delete any file without authentication if the username of the victim is known and the victim has no signing-key configured (which is the default). Affected core 10.6.0 – 10.13.0 […]

Link: owncloud.com

mr.nice.

differential image maker

Registered: Jun 2004
Location: Wien
Posts: 6613

28.11.2023 - 18:46

FYI ich habe gerade eine hack notice für ebay.com erhalten, Zugangsdaten ändern kann nicht schaden.

smashIt

master of disaster

Registered: Feb 2004
Location: OÖ
Posts: 5331

28.11.2023 - 19:05

hier noch nichts.
war die mail echt?

mr.nice.

differential image maker

Registered: Jun 2004
Location: Wien
Posts: 6613

28.11.2023 - 19:15

Laut den Metadaten ist sie echt.
eBay, Inc. Data Security hack as reported to the State of New Hampshire Department of Justice, Oct 26 2023.

Fraglich warum ich sie jetzt erst erhalten habe.

smashIt

master of disaster

Registered: Feb 2004
Location: OÖ
Posts: 5331

28.11.2023 - 19:32

dann bin ich mal gespannt, wann die mail bei mir eintrudelt.

InfiX

she/her

Registered: Mar 2002
Location: Graz
Posts: 14679

28.11.2023 - 20:38

ich hab auch (noch?) nichts bekommen.

Elbart

Here to stay

Registered: Dec 2002
Location: Hobbingen
Posts: 858

06.12.2023 - 21:09

Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

UEFIs booting Windows and Linux devices can be hacked by malicious logo images.

Link: arstechnica.com

Zitat
LogoFAIL is a newly discovered set of high-impact security vulnerabilities affecting different image parsing libraries used in the system firmware by various vendors during the device boot process. These vulnerabilities are present in most cases inside reference code, impacting not a single vendor but the entire ecosystem across this code and device vendors where it is used. This attack can give a threat actor an advantage in bypassing most endpoint security solutions and delivering a stealth firmware bootkit that will persist in a firmware capsule with a modified logo image.

that

Hoffnungsloser Optimist

Registered: Mar 2000
Location: MeidLing
Posts: 11345

06.12.2023 - 21:44

Zitat aus einem Post von Elbart
Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

Na toll, um den Expoit zu installieren, braucht man erstmal Root/Admin-Rechte, um die EFI-Partition zu mounten und das Logo reinzukopieren.

smashIt

master of disaster

Registered: Feb 2004
Location: OÖ
Posts: 5331

24.01.2024 - 01:46

Mother of All Breaches: a Historic Data Leak Reveals 26 Billion Records | Cybernews

The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak is almost certainly the largest ever discovered.

There are data leaks, and then there’s this. A supermassive Mother of all Breaches (MOAB for short) includes records from thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases. The full and searchable list is included at the end of this article.

Bob Dyachenko, cybersecurity researcher and owner at SecurityDiscovery.com, together with the Cybernews team, has discovered billions upon billions of exposed records on an open instance whose owner is unlikely ever to be identified.

Link: cybernews.com

26 milliarden einträge sind schon eine ansage

Jedimaster

Here to stay

Registered: Dec 2005
Location: Linz
Posts: 3805

06.02.2024 - 14:32

Unglaublich was heutzutags alles sicherheitsrelevant sein kann ...Wer also nicht 'gut durch' oder als 'Eisblock' aufwachen möchte und eine Wärmepumpe sein Eigen nennt sollte eventuell handeln

https://www.heise.de/news/Waermepum...rt-9618846.html

Daeda

Here to stay

Registered: Aug 2007
Location: Graz
Posts: 1633

06.02.2024 - 15:50

wenigstens wars passwort nicht "root" oder 12345

COLOSSUS

Administrator
GNUltra

Registered: Dec 2000
Location: ~
Posts: 12202

06.02.2024 - 15:54

Zitat aus einem Post von Daeda
wenigstens wars passwort nicht "root" oder 12345

Bitte in Zukunft keine vertraulichen, zum Zugriff auf den oc.at-Server notwendigen Daten im Forum posten. Vielen Dank!

Jedimaster Here to stay Registered: Dec 2005 Location: Linz Posts: 3805	15.11.2023 - 10:24 Falls jemand einen AMD Virtualisierungshost im Einsatz hat und 'fremde' mithostet - evtl. interessant: https://www.heise.de/news/CacheWarp...Us-9528270.html
Viper780 Elder Er ist tot, Jim! Registered: Mar 2001 Location: Wien Posts: 51042	15.11.2023 - 10:47 Allen mit Ice Lake, Rocket Lake, Tiger Lake, Raptor Lake, Alder Lake, Sapphire Rapids (und vielleicht anderen) können auch gleich mit patchen Google researchers discover 'Reptar,’ a new CPU vulnerability \| Google Cloud Blog A new CPU vulnerability, ‘Reptar,’ found by Google researchers, has been patched by Google and Intel. Here’s what you need to know. Link: cloud.google.com
sichNix Here to stay Registered: Nov 2014 Location: 1230 Posts: 1095	15.11.2023 - 12:11 Confluence backdoor ‘Effluence’ persists even after patching Got a Confluence server? Listen up. Malware said to have wide-ranging capabilities Link: www.theregister.com
sichNix Here to stay Registered: Nov 2014 Location: 1230 Posts: 1095	24.11.2023 - 08:43 Cloud-Computing-Software ownCloud und Nextcloud angreifbar Angreifer können unbefugt auf Dateien auf Nextcloud- und ownCloud-Servern zugreifen. Sicherheitsupdates und Workarounds schaffen Abhilfe. Link: www.heise.de Disclosure of sensitive credentials and configuration in containerized deployments - ownCloud Risk: critical CVSS v3 Base Score: 10 CVSS v3 Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CWE ID: CWE-200 CWE Name: Exposure of Sensitive Information to an Unauthorized Actor Description The “graphapi” app relies on a third-party library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes […] Link: owncloud.com WebDAV Api Authentication Bypass using Pre-Signed URLs - ownCloud Risk: high CVSS v3 Base Score: 9.8 CVSS v3 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CWE ID: CWE-665 CWE Name: Improper Initialization Description It is possible to access, modify or delete any file without authentication if the username of the victim is known and the victim has no signing-key configured (which is the default). Affected core 10.6.0 – 10.13.0 […] Link: owncloud.com
mr.nice. differential image maker Registered: Jun 2004 Location: Wien Posts: 6613	28.11.2023 - 18:46 FYI ich habe gerade eine hack notice für ebay.com erhalten, Zugangsdaten ändern kann nicht schaden.
smashIt master of disaster Registered: Feb 2004 Location: OÖ Posts: 5331	28.11.2023 - 19:05 hier noch nichts. war die mail echt?
mr.nice. differential image maker Registered: Jun 2004 Location: Wien Posts: 6613	28.11.2023 - 19:15 Laut den Metadaten ist sie echt. eBay, Inc. Data Security hack as reported to the State of New Hampshire Department of Justice, Oct 26 2023. Fraglich warum ich sie jetzt erst erhalten habe.
smashIt master of disaster Registered: Feb 2004 Location: OÖ Posts: 5331	28.11.2023 - 19:32 dann bin ich mal gespannt, wann die mail bei mir eintrudelt.
InfiX she/her Registered: Mar 2002 Location: Graz Posts: 14679	28.11.2023 - 20:38 ich hab auch (noch?) nichts bekommen.
Elbart Here to stay Registered: Dec 2002 Location: Hobbingen Posts: 858	06.12.2023 - 21:09 Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack UEFIs booting Windows and Linux devices can be hacked by malicious logo images. Link: arstechnica.com Zitat LogoFAIL is a newly discovered set of high-impact security vulnerabilities affecting different image parsing libraries used in the system firmware by various vendors during the device boot process. These vulnerabilities are present in most cases inside reference code, impacting not a single vendor but the entire ecosystem across this code and device vendors where it is used. This attack can give a threat actor an advantage in bypassing most endpoint security solutions and delivering a stealth firmware bootkit that will persist in a firmware capsule with a modified logo image.
that Hoffnungsloser Optimist Registered: Mar 2000 Location: MeidLing Posts: 11345	06.12.2023 - 21:44 Zitat aus einem Post von Elbart Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack Na toll, um den Expoit zu installieren, braucht man erstmal Root/Admin-Rechte, um die EFI-Partition zu mounten und das Logo reinzukopieren.
smashIt master of disaster Registered: Feb 2004 Location: OÖ Posts: 5331	24.01.2024 - 01:46 Mother of All Breaches: a Historic Data Leak Reveals 26 Billion Records \| Cybernews The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak is almost certainly the largest ever discovered. There are data leaks, and then there’s this. A supermassive Mother of all Breaches (MOAB for short) includes records from thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases. The full and searchable list is included at the end of this article. Bob Dyachenko, cybersecurity researcher and owner at SecurityDiscovery.com, together with the Cybernews team, has discovered billions upon billions of exposed records on an open instance whose owner is unlikely ever to be identified. Link: cybernews.com 26 milliarden einträge sind schon eine ansage
Jedimaster Here to stay Registered: Dec 2005 Location: Linz Posts: 3805	06.02.2024 - 14:32 Unglaublich was heutzutags alles sicherheitsrelevant sein kann ...Wer also nicht 'gut durch' oder als 'Eisblock' aufwachen möchte und eine Wärmepumpe sein Eigen nennt sollte eventuell handeln https://www.heise.de/news/Waermepum...rt-9618846.html
Daeda Here to stay Registered: Aug 2007 Location: Graz Posts: 1633	06.02.2024 - 15:50 wenigstens wars passwort nicht "root" oder 12345
COLOSSUS Administrator GNUltra Registered: Dec 2000 Location: ~ Posts: 12202	06.02.2024 - 15:54 Zitat aus einem Post von Daeda wenigstens wars passwort nicht "root" oder 12345 Bitte in Zukunft keine vertraulichen, zum Zugriff auf den oc.at-Server notwendigen Daten im Forum posten. Vielen Dank!

Aktuelle Sicherheitslücken

Forum Index > Software > Applications, Apps & Drivers

Jedimaster

Viper780

sichNix

sichNix

mr.nice.

smashIt

mr.nice.

smashIt

InfiX

Elbart

that

smashIt

Jedimaster

Daeda

COLOSSUS