[CERT-daily] Tageszusammenfassung - 19.07.2018

Thu Jul 19 18:07:26 CEST 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 18-07-2018 18:00 − Donnerstag 19-07-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================


∗∗∗ Adult Site Blackmail Spammers made Over $50K in One Week ∗∗∗
---------------------------------------------
After examining 42 bitcoin addresses associated with a current extortion scam, it was discovered that over $50,000 USD in payments have been made.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/adult-site-blackmail-spammers-made-over-50k-in-one-week/


∗∗∗ Security: OpenBSD versteckt und enthüllt Dateisystemzugriffe ∗∗∗
---------------------------------------------
Zusätzlich zum Filtern von Systemaufrufen erstellt das Team von OpenBSD eine Technik, um Dateisystemzugriffe einer Anwendung weitgehend zu beschränken. Beide Techniken sollen sich ergänzen und das Ausführen von Anwendungen sicherer machen.
---------------------------------------------
https://www.golem.de/news/security-openbsd-versteckt-und-enthuellt-dateisystemzugriffe-1807-135566.html


∗∗∗ Credential Stuffing: 90 Prozent der Onlineshop-Logins kommen von Unbefugten ∗∗∗
---------------------------------------------
Obwohl es 2017 weniger Fälle geleakter Zugangsdaten gab, blüht der Handel mit E-Mail-Adressen und Passwörtern wie eh und je. Das funktioniert auch deswegen so gut, weil Nutzer noch immer ein und dasselbe Passwort für verschiedene Konten verwenden.
---------------------------------------------
https://www.golem.de/news/credential-stuffing-90-prozent-der-onlineshop-logins-kommen-von-unbefugten-1807-135574-rss.html


∗∗∗ Hiding Malware Inside Images on GoogleUserContent ∗∗∗
---------------------------------------------
If you have been following our blog for a long time, you might remember us writing about malware that used EXIF data to hide its code. This technique is still in use. Let us show you a recent example. Contaminated Pac-Man This code was found at the beginning of a malicious script that steals PayPal security tokens. As you ..
---------------------------------------------
https://blog.sucuri.net/2018/07/hiding-malware-inside-images-on-googleusercontent.html


=====================
=  Vulnerabilities  =
=====================


∗∗∗ Cisco Webex Teams Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to execute arbitrary code on the user’s device, possibly with elevated privileges.The vulnerability occurs ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-teams-rce


∗∗∗ Cisco Webex Network Recording Players Remote Code Execution Vulnerabilities ∗∗∗
---------------------------------------------
Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-rce


∗∗∗ Cisco Unified Communications Manager IM And Presence Service Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ucmim-ps-xss


∗∗∗ Multiple Vulnerabilities in Cisco Unified Contact Center Express ∗∗∗
---------------------------------------------
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-uccx


∗∗∗ DSA-4250 wordpress - security update ∗∗∗
---------------------------------------------
https://www.debian.org/security/2018/dsa-4250


∗∗∗ DSA-4251 vlc - security update ∗∗∗
---------------------------------------------
https://www.debian.org/security/2018/dsa-4251

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily