[CERT-daily] Tageszusammenfassung - 08.03.2018

[Daily end-of-shift report]

=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 07-03-2018 18:00 − Donnerstag 08-03-2018 18:00
Handler:     Nina Bieringer
Co-Handler:  Alexander Riepl

=====================
=       News        =
=====================


∗∗∗ Microsoft Stops Malware Campaign That Tried to Infect 400,000 Users in 12 Hours ∗∗∗
---------------------------------------------
Microsoft revealed today that Windows Defender stopped a massive malware distribution campaign that attempted to infect over 400,000 users with a cryptocurrency miner during a 12-hour period on March 6, 2018.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/microsoft-stops-malware-campaign-that-tried-to-infect-400-000-users-in-12-hours/


∗∗∗ Memcached Amplification: Neue Hacker-Tools verursachen Rekord-DDoS-Angriffe ∗∗∗
---------------------------------------------
DDoS-Angriffe per Memcached Amplification sind erst seit etwa einer Woche bekannt, nun existieren einfach zu bedienende Werkzeuge für solche Attacken. Unter anderem wurde auf diese Art GitHub mit einem Rekord-Angriff aus dem Internet geschwemmt.
---------------------------------------------
https://www.heise.de/security/meldung/Memcached-Amplification-Neue-Hacker-Tools-verursachen-Rekord-DDoS-Angriffe-3988939.html


∗∗∗ Distrust of the Symantec PKI: Immediate action needed by site operators ∗∗∗
---------------------------------------------
We previously announced plans to deprecate Chrome’s trust in the Symantec certificate authority (including Symantec-owned brands like Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL). This post outlines how site operators can determine if they’re affected by this ..
---------------------------------------------
https://security.googleblog.com/2018/03/distrust-of-symantec-pki-immediate.html



=====================
=  Vulnerabilities  =
=====================


∗∗∗ Cisco Releases Security Updates for Multiple Products ∗∗∗
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2018/03/07/Cisco-Releases-Security-Updates-Multiple-Products


∗∗∗ DFN-CERT-2018-0455/">Red Hat JBoss Web Server: Mehrere Schwachstellen ermöglichen u.a. das Ausführen beliebigen Programmcodes ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0455/


∗∗∗ rt-sa-2018-001 ∗∗∗
---------------------------------------------
https://www.redteam-pentesting.de/advisories/rt-sa-2018-001.txt

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily