[CERT-daily] Tageszusammenfassung - 27.08.2019

Tue Aug 27 18:07:48 CEST 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 26-08-2019 18:00 − Dienstag 27-08-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ macOS: Zurückgelassene Helper-Tools als Sicherheitsproblem ∗∗∗
---------------------------------------------
"Privileged Helper Tools" können es Mac-Malware erlauben, Root-Rechte zu erlangen, warnt ein Entwickler. Nutzer sollten zum Schutz selbst aktiv werden.
---------------------------------------------
https://heise.de/-4507656


∗∗∗ Mobile Menace Monday: Android Trojan raises xHelper ∗∗∗
---------------------------------------------
Since its introduction in May 2019, the xHelper dropper, an Android Trojan, has climbed to our top 10 list of most detected mobile malware.
---------------------------------------------
https://blog.malwarebytes.com/android/2019/08/mobile-menace-monday-android-trojan-raises-xhelper/


∗∗∗ New 4CAN tool helps identify vulnerabilities in on-board car computers ∗∗∗
---------------------------------------------
Modern automobiles contain hundreds of sensors and mechanics that communicate via computers to understand their surrounding environment. Those components provide real-time information to drivers, connect the vehicle to a global network, and in some cases use that telemetry to automatically drive the vehicle. Like any computer, those in vehicles are susceptible to threats, such as vulnerabilities in software ...
---------------------------------------------
https://blog.talosintelligence.com/2019/08/new-4can-tool-helps-identify.html


∗∗∗ Free Decryption Tool Released for Syrk Ransomware ∗∗∗
---------------------------------------------
Security researchers have released a decryption tool which victims of Syrk ransomware can use to recover their files for free. Emsisoft found that Syrk arrived with its own decryptor, but the security firm decided to release its own utility for three reasons. 
---------------------------------------------
https://www.tripwire.com/state-of-security/security-data-protection/free-decryption-tool-released-for-syrk-ransomware/


∗∗∗ Lojack’d: Pwning Smart vehicle trackers ∗∗∗
---------------------------------------------
This research is by @evstykas with help from @Yekki_1 and @TheKenMunroShow. Many car insurers insist that smart trackers are fitted to high end vehicles. In the event of theft, the car can be tracked and recovered. Probably the most well-known is LoJack, also known as Tracker in Europe.
---------------------------------------------
https://www.pentestpartners.com/security-blog/lojackd-pwning-smart-vehicle-trackers/


∗∗∗ Aufgepasst: Es kursieren gefährliche Raiffeisen-Phishing-Mails ∗∗∗
---------------------------------------------
Aktuell sind wieder Phishing-Mails im Namen der Raiffeisen Bank unterwegs. Angeblich ist eine Nachricht für Sie eingegangen. Um diese zu lesen, werden Sie aufgefordert, einem Link zu folgen. Sie landen auf einem Nachbau der Raiffeisen-Login-Seite. Kriminelle versuchen so, an Ihre Zugangsdaten zu kommen.
---------------------------------------------
https://www.watchlist-internet.at/news/aufgepasst-es-kursieren-gefaehrliche-raiffeisen-phishing-mails/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Betriebssystem: Apple patcht WatchOS und iOS ∗∗∗
---------------------------------------------
Nutzer von Apples mobilen Betriebssystemen haben gegebenenfalls eine Update-Benachrichtigung auf ihren Geräten. Apple hat sowohl für die Apple Watch als auch für iPhone, iPod Touch und iPad ein neues Betriebssystem freigegeben. Unter iOS wird dabei auch eine Sicherheitslücke geschlossen. 
---------------------------------------------
https://www.golem.de/news/betriebssystem-apple-patcht-watchos-und-ios-1908-143448-rss.html


∗∗∗ Google Releases Security Updates for Chrome ∗∗∗
---------------------------------------------
Google has released Chrome version 76.0.3809.132 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2019/08/27/google-releases-security-updates-chrome


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (apache2 and xymon), openSUSE (putty and vlc), Red Hat (kernel and ruby), Scientific Linux (advancecomp, bind, binutils, blktrace, compat-libtiff3, curl, dhcp, elfutils, exempi, exiv2, fence-agents, freerdp and vinagre, ghostscript, glibc, gvfs, http-parser, httpd, kde-workspace, keepalived, kernel, keycloak-httpd-client-install, libarchive, libcgroup, libguestfs-winsupport, libjpeg-turbo, libmspack, libreoffice, libsolv, libssh2, libtiff, libvirt, ...
---------------------------------------------
https://lwn.net/Articles/797442/


∗∗∗ IBM Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is vulnerable to a denial of service (CVE-2019-10072) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-apache-tomcat-as-used-in-ibm-qradar-siem-is-vulnerable-to-a-denial-of-service-cve-2019-10072/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily