Telekom Security Updates
-
Shining some light on the DarkGate loader
Analysis and Report by Fabian Marquardt (@marqufabi)Recently, Telekom Security CTI was made aware via trust groups in which we are engaged about a new malware campaign that is distributed via phishing emails. The malspam campaign used st...
Continue Reading -
LibreOffice Calc Formula Parsing Vulnerability
A vulnerability in LibreOffice (CVE-2023-0950) allows to trigger an array index underflow that could be exploited by an attacker to execute arbitrary code. To trigger the vulnerability, a victim only needs to open a specially crafted Spr...
Continue Reading -
Mozilla Maintenance Service Write-lock bypass Vulnerability
A vulnerability in the Mozilla Maintenance Service (CVE-2023-29532) allows a local attacker to trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service to an update file on a malicious SMB serve...
Continue Reading -
USD: One File Format, Many Vulnerabilities
This post covers my project of identifying a series of vulnerabilities (CVE-2020-9878, CVE-2020-9880, CVE-2020-9881, CVE-2020-9882, CVE-2020-9940, CVE-2020-9985) in the processing of USD (Universal Scene Description) files within Apple’s...
Continue Reading -
Critical remote buffer overflow vulnerability in matrixssl TLSv1.3 server message processing
A new critical remote buffer overflow vulnerability (CVE-2022-43974) was discovered in the matrixssl library (versions 4.5.1- 4.0.0, https://github.com/matrixssl/matrixssl) by Security Evaluators of Telekom Security with modern fuzzing m...
Continue Reading -
Apple's iOS & macOS Contacts Vulnerability - Privacy Preferences Bypass
A vulnerability has been identified in iOS/iPadOS < 15.7 / < 16.0 and macOS Big Sur < 11.7 that allows an app to bypass Privacy preferences, posing a significant risk. The vulnerability, classified as Improper Input Validation a...
Continue Reading -
T-Pot Version 22.04 released
We are proud to announce the release of T-Pot 22.04 with lots of new features i.e. new honeypots, a distributed installation option, arm64 support, live attack maps, Debian 11 base, ELK 8.x, and more. If you ever wanted to get started wi...
Continue Reading -
Twitter Account of Deutsche Telekom's CERT Resumed
We are very pleased to announce that Deutsche Telekom’s CERT recently has resumed their twitter activity. Make sure to follow @DTCERT for technical tweets from CERT, CTI, and DFIR.
Continue Reading