[CERT-daily] Tageszusammenfassung - 29.05.2018

Tue May 29 18:07:41 CEST 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 28-05-2018 18:00 − Dienstag 29-05-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Cobalt Hacking Group Still Active Despite Leaders Arrest ∗∗∗
---------------------------------------------
Despite their leaders arrest in Spain two months ago, the Cobalt hacker group thats specialized in stealing money from banks and financial institutions has remained active, even launching a new campaign.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/cobalt-hacking-group-still-active-despite-leaders-arrest/


∗∗∗ 2018 Fraud World Cup ∗∗∗
---------------------------------------------
There are only two weeks to go before the start of the massive soccer event - FIFA World Cup. This championship has already attracted the attention of millions worldwide, including a fair few cybercriminals. Long before kick-off, email accounts began bulging with soccer-related spam, and scammers started exploiting the topic in mailings and creating World Cup-themed phishing pages.
---------------------------------------------
https://securelist.com/2018-fraud-world-cup/85878/


∗∗∗ Qihoo 360 discovers high-risk security issues in EOS, says 80% digital wallets have problems ∗∗∗
---------------------------------------------
Blockchain platform EOS is facing a series of high-risk security vulnerabilities, according to Chinese cybersecurity company Qihoo 360 which published a report on May 29. The company's Vulcan team discovered that attacks can be remotely executed on the EOS node, TechNode's Chinese sister site reports.
---------------------------------------------
https://technode.com/2018/05/29/qihoo-360-security-issues-eos/


∗∗∗ New LTS Release ∗∗∗
---------------------------------------------
Back around the end of 2014 we posted our release strategy. This was the first time we defined support timelines for our releases, and added the concept of an LTS (long-term support) release. At our OMC meeting earlier this month, we picked our next LTS release. This post walks through that announcement, and tries to explain all the implications of it.
---------------------------------------------
https://www.openssl.org/blog/blog/2018/05/18/new-lts/


∗∗∗ Kritische Lücken in IBMs Sicherheits-Lösung QRadar ∗∗∗
---------------------------------------------
Ausgerechnet in der Sicherheitslösung QRadar, die Angriffe aufdecken und verhindern soll, klafften kritische Lücken, die externen Angreifern vollen Zugriff gewährten.
---------------------------------------------
http://heise.de/-4060177


∗∗∗ Keine 359,88 Euro an MEDIA ADVICE LIMITED bezahlen! ∗∗∗
---------------------------------------------
Die betrügerische Media Advice Limited betreibt verschiedene Streaming-Plattformen, wie tutoflix.de, soloflix.de oder megaflix.de. InteressentInnen sollen sich auf den Websites registrieren, um Zugriff auf das Film-Angebot zu bekommen. Wer den Anweisungen folgt, wird böse überrascht, denn die Registrierung führt zu einer Premium-Mitgliedschaft, die Kosten von 359,88 Euro pro Jahr verursacht. Der Betrag sollte auf keinen Fall bezahlt werden, denn ein gültiger Vertrag kam
---------------------------------------------
https://www.watchlist-internet.at/news/keine-35988-euro-an-media-advice-limited-bezahlen/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ GNU Barcode 0.99 Memory Leak ∗∗∗
---------------------------------------------
GNU Barcode suffers from a memory leak vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the cmdline.c, which can be exploited to cause a memory leak via a specially crafted file. The vulnerability is confirmed in version 0.99. Other versions may also be affected.
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5471.php


∗∗∗ GNU Barcode 0.99 Buffer Overflow ∗∗∗
---------------------------------------------
The vulnerability is caused due to a boundary error in the processing of an input file, which can be exploited to cause a buffer overflow when a user processes e.g. a specially crafted file. Successful exploitation could allow execution of arbitrary code on the affected machine.
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5470.php


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (wireshark), Fedora (kernel), openSUSE (enigmail), Red Hat (kernel), SUSE (cairo, java-1_7_0-ibm, libvirt, perl-DBD-mysql, and xen), and Ubuntu (batik and isc-dhcp).
---------------------------------------------
https://lwn.net/Articles/755884/


∗∗∗ WordPress plugin "Site Reviews" vulnerable to cross-site scripting ∗∗∗
---------------------------------------------
https://jvn.jp/en/jp/JVN60978548/


∗∗∗ WordPress plugin "Email Subscribers & Newsletters" vulnerable to cross-site scripting ∗∗∗
---------------------------------------------
https://jvn.jp/en/jp/JVN16471686/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for SAP Applications ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=swg22014445


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and WebSphere Message Broker ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016387


∗∗∗ Unprotected WiFi access & Unencrypted data transfer in Vgate iCar2 OBD2 Dongle ∗∗∗
---------------------------------------------
https://www.sec-consult.com/en/blog/advisories/unprotected-wifi-access-unencrypted-data-transfer-in-vgate-icar2-wifi-obd2-dongle/


∗∗∗ Spring Framework vulnerability CVE-2018-1258 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K18193959


∗∗∗ HPESBHF03852 rev.1 - HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software, Remote Code Execution ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03852en_us

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily