[CERT-daily] Tageszusammenfassung - 29.04.2019

Daily end-of-shift report team at cert.at
Mon Apr 29 18:11:35 CEST 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 26-04-2019 18:00 − Montag 29-04-2019 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ GitHub-Hosted Magecart Card Skimmer Found on Hundreds of Stores ∗∗∗
---------------------------------------------
Malicious actors compromised the Magento installations of a few hundred e-commerce websites and injected them with Magecart skimmer scripts hosted on GitHub.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/github-hosted-magecart-card-skimmer-found-on-hundreds-of-stores/


∗∗∗ Old Vulnerabilities Are Still Good Tricks for Todays Attacks ∗∗∗
---------------------------------------------
The value of a security vulnerability drops significantly the moment it gets patched but the bad guys will keep exploiting it for as long as they can find victims that are worth the effort.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/old-vulnerabilities-are-still-good-tricks-for-todays-attacks/


∗∗∗ Typo 3 Spam Infection ∗∗∗
---------------------------------------------
Here at Sucuri most of the malware that we deal with is on CMS platforms like:  WordPress, Joomla, Drupal, Magento, and others.  But every now and then we come across something a little different. Blackhat SEO Infection in Typo3 Just recently, I discovered a website using the Typo3 CMS that had been infected with a blackhat SEO spam infection: [...]
---------------------------------------------
https://blog.sucuri.net/2019/04/typo-3-spam-infection.html


∗∗∗ Schwachstellen in P2P-Komponente: Zwei Millionen IoT-Geräte angreifbar ∗∗∗
---------------------------------------------
Angreifer könnten sich Fernzugriff auf IP-Kameras, smarte Türklingeln und Co. verschaffen. Ein Forscher rät zum Wegwerfen, nennt aber auch einen Workaround.
---------------------------------------------
https://heise.de/-4409298


∗∗∗ A Crash-Course in Card Shops ∗∗∗
---------------------------------------------
The notorious Joker's Stash is perhaps the best-known of many illicit shops in the deep & dark web (DDW) that specialize in, and serve as a primary means through which cybercriminals obtain, stolen payment card data. Commonly referred to as card shops, these shops can also be invaluable resources for those seeking to better understand and combat fraud and cybercrime. read more
---------------------------------------------
https://www.securityweek.com/crash-course-card-shops


∗∗∗ So schützen Sie sich vor Phishing-Versuchen ∗∗∗
---------------------------------------------
Beim Phishing versuchen Kriminelle mittels gefälschter E-Mails, Websites und Chat-Nachrichten, sensible Daten von Internetuser/innen abzugreifen. Durch einfach zu treffende Vorkehrungen und ein wachsames Auge kann vermieden werden, auf derartige Betrugsmaschen hereinzufallen. Dies ist wichtig, denn durch falsches Handeln können mitunter hohe finzielle Verluste entstehen.
---------------------------------------------
https://www.watchlist-internet.at/news/so-schuetzen-sie-sich-vor-phishing-versuchen/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Oracle patcht kritische Lücke in WebLogic Server außer der Reihe ∗∗∗
---------------------------------------------
Angreifer könnten WebLogic Server mit vergleichsweise wenig Aufwand attackieren und übernehmen. Nun hat Oracle Sicherheitsupdates veröffentlicht.
---------------------------------------------
https://heise.de/-4409153


∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (chromium, libpng, and openssh), Debian (checkstyle, evolution, gst-plugins-base0.10, gst-plugins-base1.0, imagemagick, libpng1.6, monit, and systemd), Fedora (aria2, php-symfony, php-symfony3, php-symfony4, and python-jinja2), openSUSE (ceph, libssh2_org, libvirt, php7, python3, samba, wget, and xerces-c), Red Hat (rh-python35-python), Slackware (bind), SUSE (libssh2_org), and Ubuntu (evince, gst-plugins-base0.10, gst-plugins-base1.0, and [...]
---------------------------------------------
https://lwn.net/Articles/787052/


∗∗∗ IBM Security Bulletin: IBM StoredIQ is affected by potential Host Header Injection (CVE-2019-4166) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-storediq-is-affected-by-potential-host-header-injection-cve-2019-4166/


∗∗∗ IBM Security Bulletin: Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2018-15756) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-spring-framework-affects-ibm-tivoli-application-dependency-discovery-manager-taddm-cve-2018-15756/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Storwize V7000 Unified ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affects-ibm-storwize-v7000-unified-3/


∗∗∗ IBM Security Bulletin : IBM Storwize V7000 Unified is affected by denial of service vulnerability in GPFS (CVE-2018-1783) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-storwize-v7000-unified-is-affected-by-denial-of-service-vulnerability-in-gpfs-cve-2018-1783/


∗∗∗ IBM Security Bulletin : IBM Storwize V7000 Unified is affected by arbitry file read vulnerability in GPFS ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-storwize-v7000-unified-is-affected-by-arbitry-file-read-vulnerability-in-gpfs/


∗∗∗ IBM Security Bulletin: Security Vulnerabilities in IBM® Java SDK affect Rational Method Composer March 2019 CPU ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabilities-in-ibm-java-sdk-affect-rational-method-composer-march-2019-cpu/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-4/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list