[CERT-daily] Tageszusammenfassung - 02.12.2019

Mon Dec 2 18:06:41 CET 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 29-11-2019 18:00 − Montag 02-12-2019 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Cybercrime-Bericht 2018: Kriminalität im Netz bleibt große Herausforderung ∗∗∗
---------------------------------------------
Auch im Jahr 2018 verzeichnete das Cybercrime Competence Center (C4) des Bundeskriminalamtes eine Zunahme von Cybercrime Delikten. Im Vergleich zum Vorjahr wurde ein Anstieg von 16,8 Prozent registriert, vorwiegend im Bereich Internetbetrug.
---------------------------------------------
http://www.bmi.gv.at/news.aspx?id=6D4D326A543767595673593D


∗∗∗ Analysis of Malicious ElectrumX Servers Source Code ∗∗∗
---------------------------------------------
Recently I have found some malicious ElectrumX nodes in the Electrum network that are still being connected by the Electrum software. In this post I share some information about these nodes and the ElectrumX patched code that they execute.
---------------------------------------------
http://www.peppermalware.com/2019/12/analysis-of-malicious-electrumx-servers.html


∗∗∗ Polizei warnt vor professionellen Fake-Shops im Internet ∗∗∗
---------------------------------------------
In der Weihnachtszeit wird kräftig online eingekauft. Das machen sich auch Betrüger zunutze. Experten der Polizei warnen gerade jetzt vor deren Maschen.
---------------------------------------------
https://heise.de/-4600046


∗∗∗ Insight into NIS Directive sectoral incident response capabilities ∗∗∗
---------------------------------------------
The report provides a deeper insight into NISD sectoral Incident Response capabilities, procedures, processes and tools to identify the trends and possible gaps and overlaps. 
---------------------------------------------
https://www.helpnetsecurity.com/2019/12/02/nis-directive-incident-response/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Multiple Critical Vulnerabilities in SALTO ProAccess SPACE ∗∗∗
---------------------------------------------
In the software SALTO ProAccess Space ... multiple typical web application vulnerabilities got identified. An authenticated attacker was able to exploit a path traversal vulnerability to backup arbitrary files into the web root. This allowed an attacker to export the database into the web root and download it.
Furthermore, it was possible to combine another export feature with the path traversal vulnerability to write arbitrary contents to arbitrary locations on the backend Windows server. 
---------------------------------------------
https://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-salto-proaccess-space/


∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (389-ds-base, asterisk, file, nss, proftpd-dfsg, ssvnc, and tnef), Fedora (chromium, djvulibre, freeradius, ImageMagick, jhead, kernel, phpMyAdmin, python-pillow, and rubygem-rmagick), Mageia (bzip2, chromium-browser-stable, curl, dbus, djvulibre, glib2.0, glibc, gnupg2, httpie, libreoffice, libssh2, mosquitto, nginx, python-sqlalchemy, unbound, and zipios++), openSUSE (bluez, clamav, cpio, freerdp, openafs, phpMyAdmin, strongswan, and webkit2gtk3),
---------------------------------------------
https://lwn.net/Articles/806079/


∗∗∗ Multiple Cisco Analog Telephone Adapters Remote Code Execution Vulnerabilities ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce


∗∗∗ Cisco Webex Teams and Cisco Webex Meetings Client DLL Hijacking Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-webex-teams-dll

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily