[CERT-daily] Daily summary - 17.07.2018

Daily end-of-shift report team at cert.at
Tue Jul 17 18:07:18 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Monday 16-07-2018 18:00 − Tuesday 17-07-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================


∗∗∗ Blackgear Cyberespionage Campaign Resurfaces, Abuses Social Media for C&C Communication ∗∗∗
---------------------------------------------
Blackgear (also known as Topgear and Comnie) is a cyberespionage campaign dating back to 2008, at least based on the Protux backdoor used by its operators. It targets organizations in Japan, South Korea, and Taiwan, leveling its attacks on public sector agencies and telecommunications and other high-technology industries. In 2016, for instance, we ..
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/6Rxca1hyaeA/


∗∗∗ Security updates: Attacker could overwrite passwords in Typo3 ∗∗∗
---------------------------------------------
The free content management system Typo3 contains security vulnerabilities, some of them critical. Patches close several vulnerabilities.
---------------------------------------------
http://heise.de/-4111640


∗∗∗ 007: Protection software with the licence to kill Spectre code ∗∗∗
---------------------------------------------
A new protection technique named after James Bond is said to detect and eliminate Spectre vulnerabilities in program code with only a 2 percent performance loss.
---------------------------------------------
http://heise.de/-4112150


∗∗∗ A deep dive down the Vermin RAThole ∗∗∗
---------------------------------------------
ESET researchers have analyzed remote access tools cybercriminals have been using in an ongoing espionage campaign to systematically spy on Ukrainian government institutions ..
---------------------------------------------
https://www.welivesecurity.com/2018/07/17/deep-dive-vermin-rathole/


=====================
=  Vulnerabilities  =
=====================


∗∗∗ DSA-4247 ruby-rack-protection - security update ∗∗∗
---------------------------------------------
A timing attack was discovered in the function for CSRF token validation of the Ruby rack protection framework.
---------------------------------------------
https://www.debian.org/security/2018/dsa-4247

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily



