[CERT-daily] Tageszusammenfassung - 13.07.2018

Fri Jul 13 18:11:51 CEST 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 12-07-2018 18:00 − Freitag 13-07-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================


∗∗∗ Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders ∗∗∗
---------------------------------------------
Tokens killed after eslint-scope JavaScript utility compromised An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal other developers NPM login tokens.…
---------------------------------------------
www.theregister.co.uk/2018/07/12/npm_eslint/


∗∗∗ Cryptominers and stealers – malware edition ∗∗∗
---------------------------------------------
It all started in 2008 with a paper on the first decentralized digital currency, Bitcoin, created by an unknown person or persons referred to as Satoshi Nakamoto. Bitcoin is a peer-to-peer currency based on cryptography ..
---------------------------------------------
https://www.zscaler.com/blogs/research/cryptominers-and-stealers-malware-edition


∗∗∗ Patchday: Kritische Lücke in SAP Business Client ∗∗∗
---------------------------------------------
Im Juli hat SAP 11 neue Sicherheitswarnungen veröffentlicht. Davon gilt aber nur eine als kritisch. Sicherheitsupdates sind verfügbar.
---------------------------------------------
http://heise.de/-4108062


∗∗∗ Advanced Mobile Malware Campaign in India uses Malicious MDM ∗∗∗
---------------------------------------------
Cisco Talos has identified a highly targeted campaign against 13 iPhones which appears to be focused on India. The attacker deployed an open-source mobile device management (MDM) system to control enrolled devices. At this time, we dont know how the attacker ..
---------------------------------------------
https://blog.talosintelligence.com/2018/07/Mobile-Malware-Campaign-uses-Malicious-MDM.html


∗∗∗ Heres Why Your Static Website Needs HTTPS ∗∗∗
---------------------------------------------
It was Jan last year that I suggested HTTPS adoption had passed the "tipping point", that is, it had passed the moment of critical mass and as I said at the time, "will very shortly become the norm". Since that time, ..
---------------------------------------------
https://www.troyhunt.com/heres-why-your-static-website-needs-https/


∗∗∗ Gefälschte World4You-Phishingmail im Umlauf ∗∗∗
---------------------------------------------
Kriminelle versenden eine gefälschte World4You-Phishingmail. Darin fordern sie Empfänger/innen dazu auf, dass sie sich auf einer Website als echte Kontoinhaber/innen ausweisen. Geben Kund/innen ihre persönlichen Daten bekannt, übermitteln sie diese an Datendiebe. Verbrechen unter ihrem Namen sind möglich.
---------------------------------------------
https://www.watchlist-internet.at/news/gefaelschte-world4you-phishingmail-im-umlauf/


∗∗∗ IT-Security - Erpresser verschicken Drohmails mit echten Passwörtern ∗∗∗
---------------------------------------------
Wollen Nutzer beim Besuch von Pornoportalen gefilmt haben und verlangen "Schweigegeld"
---------------------------------------------
https://derstandard.at/2000083434963/Erpresser-verschicken-Drohmails-mit-echten-Passwoertern


=====================
=  Vulnerabilities  =
=====================


∗∗∗ Eaton 9000X Drive ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for a stack-based buffer overflow vulnerability in the Eaton 9000X Drive.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-193-01


∗∗∗ JSA10864 - 2018-07 Security Bulletin: Junos OS: Junos OS: MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2), PTX3K-FPC3 and PTX1K: Line card may crash upon receipt of specific MPLS packet (CVE-2018-0030) ∗∗∗
---------------------------------------------
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10864&actp=RSS


∗∗∗ Critical Patch Update - July 2018 - Pre-Release Announcement ∗∗∗
---------------------------------------------
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily