SANS NewsBites

US Federal Agencies Must Mitigate Log4j Vulnerability by December 24; Log4j Updates Again; CISA and White House Urge Critical Infrastructure Owners and Operators to Bolster Security

December 17, 2021  |  Volume XXIII - Issue #98

Internet Storm Center Tech Corner

Microsoft Patches

https://isc.sans.edu/forums/diary/Microsoft+December+2021+Patch+Tuesday/28132/


Log4j Updates

https://isc.sans.edu/forums/diary/Log4j+2150+and+previously+suggested+mitigations+may+not+be+enough/28134/


Log4j Scanner

https://github.com/dtact/divd-2021-00038--log4j-scanner


Log4j Updates

https://github.com/cisagov/log4j-affected-db

https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021

https://twitter.com/sans_isc/status/1471611522694717445


Undetected PowerShell Backdoor

https://isc.sans.edu/forums/diary/Simple+but+Undetected+PowerShell+Backdoor/28138/


How the "Contact Forms" Campaign Tricks People

https://isc.sans.edu/forums/diary/How+the+Contact+Forms+campaign+tricks+people/28142/


Bluetooth Used to Extract WiFi Secrets

https://arxiv.org/pdf/2112.05719.pdf


WebKit Bug Exploitable in PS4

https://arstechnica.com/gaming/2021/12/new-ps4-homebrew-exploit-points-to-similar-ps5-hacks-to-come/


Lenovo Privilege Escalation Vulnerability

https://support.lenovo.com/cy/en/product_security/len-75210

https://research.nccgroup.com/2021/12/15/technical-advisory-lenovo-imcontroller-local-privilege-escalation-cve-2021-3922-cve-2021-3969/


Apple Updates

https://support.apple.com/en-us/HT201222


Adobe Security Updates

https://helpx.adobe.com/security.html


Remote Deserialization Bug in Microsoft RDP Client Through Smart Card Extension

https://thalium.github.io/blog/posts/deserialization-bug-through-rdp-smart-card-extension/