[CERT-daily] Tageszusammenfassung - 13.02.2019

[Daily end-of-shift report]

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 12-02-2019 18:00 − Mittwoch 13-02-2019 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ 13 Popular Wireless Hacking Tools [Updated for 2019] ∗∗∗
---------------------------------------------
Introduction to 13 Popular Wireless Hacking Tools Internet is now the basic need of our daily life. With the increasing use of smartphones, most of the things are now online. Every time we have to do something, we just use our smartphone or desktop. This is the reason wi-fi hotspots can be found everywhere. People also [...]
---------------------------------------------
https://resources.infosecinstitute.com/13-popular-wireless-hacking-tools/


∗∗∗ Siemens Warns of Critical Remote-Code Execution ICS Flaw ∗∗∗
---------------------------------------------
The affected SICAM 230 process control system is used as an integrated energy system for utility companies, and as a monitoring system for smart-grid applications.
---------------------------------------------
https://threatpost.com/siemens-critical-remote-code-execution/141768/


∗∗∗ Fake Updates campaign still active in 2019 ∗∗∗
---------------------------------------------
Last week on 2019-02-06, @baberpervez2 tweeted about a compromised website used by the Fake Updates campaign (link to tweet). The Fake Updates campaign uses compromised websites that generate traffic to a fake update page. The type of fake update page depends on your web browser. Victims would see a fake Flash update page when using Internet Explorer, a fake Chrome update page when using Google Chrome, or a fake Firefox update page when using Firefox.
---------------------------------------------
https://isc.sans.edu/forums/diary/Fake+Updates+campaign+still+active+in+2019/24640/


∗∗∗ Patchday: Attacken gegen Internet Explorer ∗∗∗
---------------------------------------------
Microsoft hat wichtige Sicherheitsupdates für Office, Windows & Co. veröffentlicht. Mehre Schwachstellen gelten als kritisch.
---------------------------------------------
http://heise.de/-4307548


∗∗∗ Patchday: Adobe schützt ColdFusion und Reader vor Schadcode ∗∗∗
---------------------------------------------
Adobe Acrobat, ColdFusion und Reader sind über kritische Sicherheitslücken angreifbar. Updates schaffen Abhilfe.
---------------------------------------------
http://heise.de/-4307619


∗∗∗ Patchday: SAP stopft kritische Lücken im Software-Portfolio ∗∗∗
---------------------------------------------
Der deutsche Softwarehersteller SAP hat wichtige Sicherheitsupdates für zum Beispiel Commerce und BW/4HANA veröffentlicht.
---------------------------------------------
http://heise.de/-4308113


∗∗∗ Xiaomi-Scooter lässt sich über Bluetooth kapern ∗∗∗
---------------------------------------------
Unbefugte können den Xiaomi M365 stoppen oder beschleunigen, was für den Fahrer lebensgefährlich ist. Auch andere Marken könnten betroffen sein.
---------------------------------------------
http://heise.de/-4307588


∗∗∗ Phishing-Welle: Warnung vor falschen Microsoft-Mails und Telekom-Rechnungen ∗∗∗
---------------------------------------------
Gefälschte Microsoft-E-Mails, die den Trojaner Emotet verbreiten, sowie vermeintliche Telekom-Rechnungen sind im Umlauf.
---------------------------------------------
http://heise.de/-4308122


∗∗∗ Kein Geld an vermeintliche Airbnb-Agent/innen ins Ausland zahlen! ∗∗∗
---------------------------------------------
Wohnungssuchende stoßen bei Immobilienplattformen auf unglaublich günstige Inserate. Konsument/innen, die Kontakt aufnehmen, erhalten von Vermieter/innen schnell positive Rückmeldung. Da diese sich im Ausland befinden, soll Airbnb für Schlüsselübergabe und Besichtigungstermin als Treuhand fungieren. Konsument/innen dürfen nichts überweisen! Die Inserate sind gefälscht und das Geld ist verloren.
---------------------------------------------
https://www.watchlist-internet.at/news/kein-geld-an-vermeintliche-airbnb-agentinnen-ins-ausland-zahlen/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ OSIsoft PI Vision ∗∗∗
---------------------------------------------
This advisory includes mitigations for a cross-site scripting vulnerability in OSIsofts PI Vision web page application.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-043-01


∗∗∗ Security Advisory for Malware on QTS ∗∗∗
---------------------------------------------
A recently reported malware is known to affect QNAP NAS devices. We are currently analyzing the malware and will provide the solution as soon as possible.
---------------------------------------------
https://www.qnap.com/en/security-advisory/nas-201902-13


*** Security updates for Wednesday ***
---------------------------------------------
Security updates have been issued by Arch Linux (aubio, curl, lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-gnutls, libu2f-host, python-django, python2-django, rdesktop, and runc), Debian (flatpak), Fedora (flatpak, pdns-recursor, rdesktop, tomcat, and xerces-c27), Mageia (cinnamon, docker, dovecot, golang, java-1.8.0-openjdk, jruby, libarchive, libgd, libtiff, libvncserver, opencontainers-runc, openssh, python-marshmallow, thunderbird, and transfig), openSUSE (python-slixmpp), Oracle (kernel), Red Hat (redhat-virtualization-host), Slackware (lxc), SUSE (curl, firefox, LibVNCServer, nginx, php7, python-numpy, runc, SMS3.2, and thunderbird), and Ubuntu (gvfs, python-django, snapd, and webkit2gtk).
---------------------------------------------
https://lwn.net/Articles/779719/


∗∗∗ D-LINK Router: Schwachstelle ermöglicht Erlangen von Administratorrechten ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0140


∗∗∗ IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private – fluentd ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-security-vulnerabilities-affect-ibm-cloud-private-fluentd/


∗∗∗ IBM Security Bulletin: IBM Rational ClearCase GIT connector password exposure (CVE-2019-4059) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-rational-clearcase-git-connector-password-exposure-cve-2019-4059/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Agile Service Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-agile-service-manager/


∗∗∗ IBM Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in IBM® SDK Java™ Technology Edition ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-enterprise-content-management-system-monitor-is-affected-by-a-vulnerability-in-ibm-sdk-java-technology-edition/


∗∗∗ IBM Security Bulletin: IBM PureApplication Service is affected by a GPFS vulnerability (CVE-2018-1783) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-pureapplication-service-is-affected-by-a-gpfs-vulnerability-cve-2018-1783/


∗∗∗ IBM Security Bulletin: IBM PureApplication System is affected by a GPFS vulnerability (CVE-2018-1783) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-pureapplication-system-is-affected-by-a-gpfs-vulnerability-cve-2018-1783/


∗∗∗ IBM Security Bulletin: A security vulnerability has been identified in Ansible shipped with Data Science Experience Local ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-has-been-identified-in-ansible-shipped-with-data-science-experience-local/


∗∗∗ IBM Security Bulletin: IBM Data Science Experience Local is affected by continuous traffic to a US Softlayer server ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-data-science-experience-local-is-affected-by-continuous-traffic-to-a-us-softlayer-server/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily