Juniper Networks Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/13/juniper-networks-releases-security-updates-multiple-products

Citrix Hypervisor Security Update

2022-01-12 Initial Publication

What Customers Should Do
Citrix has released hotfixes to address these issues. Citrix recommends that affected customers install these hotfixes as their patching schedule allows. The hotfixes can be downloaded from the following locations:
Citrix Hypervisor 8.2 CU1 LTSR: CTX338448 and CTX335882
Citrix Hypervisor 8.2: CTX338444 and CTX335880
Citrix XenServer 7.1 LTSR CU2: CTX335531 and CTX335881

https://support.citrix.com/article/CTX335432

Múltiples vulnerabilidades en IBM HTTP Server

Fecha de publicación: 13/01/2022
Importancia: 5 - Crítica

Recursos afectados:
IBM HTTP Server (utilizado por IBM WebSphere Application Server), versión 9.0

Descripción:
IBM ha publicado 2 vulnerabilidades, 1 crítica y 1 alta, que podrían permitir a un atacante enviar peticiones a un Unix Domain Socket del endpoint, la ejecución remota de código o el bloqueo de la aplicación.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-ibm-http-server

Security problem of zabbix-agent2
CVE-2022-22704
CVSS Score : 10.0

The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.
Publish Date : 2022-01-06
Last Update Date : 2022-01-13


https://gitlab.alpinelinux.org/alpine/aports/-/issues/13368

Vulnerabilidad crítica en Cisco Unified CCMP y CCDM

https://unaaldia.hispasec.com/2022/01/vulnerabilidad-critica-en-cisco-unified-ccmp-y-ccdm.html

Windows Update

An out-of-band update has been released to address issues related to VPN connectivity, Windows Server Domain Controllers restarting, Virtual Machine start failures, and ReFS-formatted removeable media failing.

https://twitter.com/WindowsUpdate/status/1483212333560172545?t=qdgWjT1hdxGZ332GaZQ7fw&s=19

VMSA-2022-0002
CVSSv3 Range: 4.0
Issue Date: 2022-01-18
Updated On: 2022-01-18 (Initial Advisory)
CVE(s): CVE-2022-22938

Synopsis:
VMware Workstation and Horizon Client for Windows updates address a denial-of-service vulnerability (CVE-2022-22938)

Impacted Products
VMware Workstation Pro / Player (Workstation)
VMware Horizon Client for Windows


https://www.vmware.com/security/advisories/VMSA-2022-0002.html

Oracle Releases January 2022 Critical Patch Update

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/18/oracle-releases-january-2022-critical-patch-update

Emotet often uses information from emails and address books stolen from infected Windows hosts. Malicious spam (malspam) from Emotet spoofs legitimate senders to trick potential victims into running malicious files.

Additionally, Emotet uses IP address 0.0.0.0 in spambot traffic, possibly attempting to hide the actual IP address of an Emotet-infected host.


https://isc.sans.edu/diary/0.0.0.0+in+Emotet+Spambot+Traffic/28254

EU wants to build its own DNS infrastructure with built-in filtering capabilities

https://therecord.media/eu-wants-to-build-its-own-dns-infrastructure-with-built-in-filtering-capabilities/

VMSA-2021-0028.9

CVSSv3 Range:9.0-10.0
Issue Date:2021-12-10
Updated On:2022-01-19

CVE(s): CVE-2021-44228, CVE-2021-45046

Synopsis:
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability

https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/

Vulnerabilidad crítica en plugins WordPress

https://unaaldia.hispasec.com/2022/01/vulnerabilidad-critica-en-plugins-wordpress.html

Múltiples vulnerabilidades en Cisco Redundancy Configuration Manager

Fecha de publicación: 20/01/2022
Importancia: 5 - Crítica

Recursos afectados:
Cisco RCM para Cisco StarOS Software.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-cisco-redundancy-configuration-manager

Omisión de autentificación en ManageEngine Desktop Central

Fecha de publicación: 20/01/2022
Importancia: 5 - Crítica

Recursos afectados:
Desktop Central,
Desktop Central MSP.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/omision-autentificacion-manageengine-desktop-central

Múltiples vulnerabilidades en el core de Drupal

Fecha de publicación: 20/01/2022
Importancia: 3 - Media

Recursos afectados:
Drupal, versión 9.3, 9.2 y 7.

Las versiones de Drupal 8 y de Drupal 9, anteriores a la 9.2.x, se encuentran al final de su vida útil y ya no reciben cobertura de seguridad.

Descripción:
Se han publicado cinco vulnerabilidades de severidad media que podrían afectar al core de Drupal.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-el-core-drupal-2

F5 Releases January 2022 Quarterly Security Notification

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/20/f5-releases-january-2022-quarterly-security-notification

McAfee Releases Security Update for McAfee Agent for Windows

McAfee has released McAfee Agent for Windows version 5.7.5, which addresses vulnerabilities CVE-2021-31854 and CVE-2022-0166. An attacker could exploit these vulnerabilities to take control of an affected system.

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/21/mcafee-releases-security-update-mcafee-agent-windows

BitLocker encryption: Clear text key storage prompts security debate online.

Many are questioning why keys are saved in the clear ahead of sign-in

Microsoft’s design choices when it comes to the management of BitLocker encryption keys have been questioned online.

This month, a Twitter and StackOverflow debate has been taking place over how BitLocker encryption keys are stored before users sign in with a Microsoft account.

In a Twitter thread started by user @atomicthumbs, the question was why, when an installation of Microsoft Windows 11 with a local account takes place, the drive will still be encrypted with BitLocker – “but it keeps the key on the drive... in clear text... until you sign in with a Microsoft account”.

https://portswigger.net/daily-swig/bitlocker-encryption-clear-text-key-storage-prompts-security-debate-online

Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware.

https://www.trendmicro.com/en_us/research/22/a/emotet-spam-abuses-unconventional-ip-address-formats-spread-malware.html