[CERT-daily] Tageszusammenfassung - 11.07.2018

Daily end-of-shift report team at cert.at
Wed Jul 11 18:07:18 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 10-07-2018 18:00 − Mittwoch 11-07-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ CoinRocket GmbH sucht Finanzverwalter für strafbare Arbeit ∗∗∗
---------------------------------------------
Die CoinRocket GmbH mit Sitz in Hard in der Steiermark betreibt die Website coinrocket.at. Auf Jobportalen inseriert die angebliche Firma Stellenausschreibungen für die Position eines/r FinanzverwaltungsassistentIn in Heimarbeit. InteressentInnen müssen bei dieser Arbeit ihre Kontodaten bekannt geben und sollen eingehende Zahlungen weiterleiten. Das Geld stammt dabei von Verbrechen und die FinanzverwalterInnen machen sich durch ihr Zutun strafbar.
---------------------------------------------
https://www.watchlist-internet.at/news/coinrocket-gmbh-sucht-finanzverwalter-fuer-strafbare-arbeit/


∗∗∗ New Spectre 1.1 and Spectre 1.2 CPU Flaws Disclosed ∗∗∗
---------------------------------------------
Two security researchers have revealed details about two new Spectre-class vulnerabilities, which theyve named Spectre 1.1 and Spectre 1.2. [...]
---------------------------------------------
https://www.bleepingcomputer.com/news/security/new-spectre-11-and-spectre-12-cpu-flaws-disclosed/


∗∗∗ Internet: Viele ISPs geben BGP-Probleme einfach weiter ∗∗∗
---------------------------------------------
Immer wieder kommt es per BGP-Hijacking zum Umleiten von Internetverkehr. Ebenso werden falsche BGP-Routen auch einfach weitergeleitet. Eine Auswertung zeigt, dass die großen ISPs hier zu wenig agieren. Es gibt aber auch Abhilfe gegen besonders bösartige Akteure. (BGP, DE-CIX)
---------------------------------------------
https://www.golem.de/news/internet-viele-isps-geben-bgp-probleme-einfach-weiter-1807-135419-rss.html


∗∗∗ July 2018 Security Update Release ∗∗∗
---------------------------------------------
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide.
---------------------------------------------
https://blogs.technet.microsoft.com/msrc/2018/07/10/july-2018-security-update-release/


∗∗∗ Department of Commerce Report on the Botnet Threat ∗∗∗
---------------------------------------------
Last month, the US Department of Commerce released a report on the threat of botnets and what to do about it. I note that it explicitly said that the IoT makes the threat worse, and that the solutions are largely economic.T
---------------------------------------------
https://www.schneier.com/blog/archives/2018/07/department_of_c.html


∗∗∗ Intel, Microsoft, Adobe release a swarm of bug fixes to ruin your week ∗∗∗
---------------------------------------------
Massive patch dump with 112 fixes... and thats just for the Photoshop giant
IT admins face a busy week ahead as Microsoft, Intel, and Adobe have issued bundles of scheduled security fixes addressing more than 150 CVE-listed vulnerabilities.…
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2018/07/11/july_patch_tuesday/


∗∗∗ Spectre-NG: Intel dokumentiert "spekulativen Buffer Overflow" ∗∗∗
---------------------------------------------
Wie sich jetzt herausstellt, können Spectre-NG-Exploits nicht nur geschützten Speicher auslesen, sondern auch schreiben, wo sie wollen – vorläufig zumindest.
---------------------------------------------
http://heise.de/-4108008



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Arch Linux PDF reader package poisoned ∗∗∗
---------------------------------------------
Trust nobody: abandoned code was adopted by a miscreant Arch Linux has pulled a user-provided AUR (Arch User Repository) package, because it contained malware.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2018/07/11/someone_modified_arch_linuxs_acrobat_reader_adds_security_warning/


∗∗∗ Patchday: Kritische Lücke in SAP Bussines Client ∗∗∗
---------------------------------------------
Im Juli hat SAP 11 neue Sicherheitswarnungen veröffentlicht. Davon gilt aber nur eine als kritisch. Sicherheitsupdates sind verfügbar.
---------------------------------------------
http://heise.de/-4108062


∗∗∗ SSA-635129 (Last Update: 2018-07-11): Denial-of-Service Vulnerabilities in EN100 Ethernet Communication Module and SIPROTEC 5 relays ∗∗∗
---------------------------------------------
The EN100 Ethernet communication module and SIPROTEC 5 relays are affected by security vulnerabilities which could allow an attacker to conduct a Denial-of-Service attack over the network.Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-635129.pdf


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (cups), Oracle (kernel and qemu-kvm), Red Hat (ansible, kernel, kernel-rt, and qemu-kvm), Scientific Linux (kernel and qemu-kvm), Slackware (thunderbird), and Ubuntu (curl, firefox, imagemagick, and xapian-core).
---------------------------------------------
https://lwn.net/Articles/759525/


∗∗∗ IBM Security Bulletin: Vulnerability in IPSec-Tools affects IBM Integrated Management Module II (IMM2) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ibm10716865


∗∗∗ IBM Security Bulletin: IBM BladeCenter Virtual Fabric 10Gb Switch Module is affected by vulnerabilites in libxml2 ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10715837


∗∗∗ IBM Security Bulletin: Vulnerability in bind affects IBM Integrated Management Module II (IMM2) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10716769


∗∗∗ IBM Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which ships with IBM Content Navigator, is affected by the ability to parse untrusted XML input containing a reference to an external entity ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22017354


∗∗∗ IBM Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016643


∗∗∗ IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016869


∗∗∗ HPESBHF03856 rev.1 - Comware v7 and Intelligent Management Center Products, Remote Denial of Service ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list