[CERT-daily] Daily summary - 26.07.2019

Daily end-of-shift report team at cert.at
Fri Jul 26 18:06:26 CEST 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Thursday 25-07-2019 18:00 − Friday 26-07-2019 18:00
Handler:     Robert Waldner
Co-Handler:  Dimitri Robl

=====================
=       News        =
=====================

∗∗∗ No More Ransom Success Story: Saves $108+ Million in Ransomware Payments ∗∗∗
---------------------------------------------
Today marks the third anniversary of No More Ransom and through its partners from the public and private sectors, law enforcement, academia, and researchers, the project has been able to help hundreds of thousands, if not millions, of victims get their encrypted files back for free.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/no-more-ransom-success-story-saves-108-million-in-ransomware-payments/


∗∗∗ New Loader Variant Behind Widespread Malware Attacks ∗∗∗
---------------------------------------------
Malware infection technique called TxHollower gets updated with stealthy features.
---------------------------------------------
https://threatpost.com/new-loader-variant-behind-widespread-malware-attacks/146683/


∗∗∗ MyDoom Still Active in 2019 ∗∗∗
---------------------------------------------
MyDoom is an infamous computer worm first noted in early 2004. This malware has been featured in top ten lists of the most destructive computer viruses, causing an estimated $38 billion in damage. Although now well past its heyday, MyDoom continues to be a presence in the cyber threat landscape. While not as prominent as other malware families, over the past few years MyDoom has remained relatively consistent, averaging approximately 1.1 percent of all emails we see with malware attachments.
---------------------------------------------
https://unit42.paloaltonetworks.com/mydoom-still-active-in-2019/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (libssh2 and patch), Fedora (kernel and kernel-headers), Mageia (vlc), Red Hat (rh-redis32-redis), SUSE (libgcrypt, libsolv, libzypp, zypper, and rmt-server), and Ubuntu (exim4, firefox, libebml, linux, linux-aws, linux-kvm, linux-raspi2, and vlc).
---------------------------------------------
https://lwn.net/Articles/794694/


∗∗∗ Vuln: Qualcomm Components CVE-2019-2307 Integer Underflow Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/109383


∗∗∗ Security Advisory - DoS Vulnerability in Huawei S Series Switch Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190522-01-switch-en


∗∗∗ Security Advisory - DoS Vulnerability in RTSP Module of Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190523-01-smartphone-en


∗∗∗ IBM Security Bulletin: ViewONE is vulnerable to XXE attack via HTTP payload (CVE-2019-4456) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-viewone-is-vulnerable-to-xxe-attack-via-http-payload-cve-2019-4456/


∗∗∗ IBM Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential SQL Injection vulnerability (CVE-2019-4032) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-manager-for-digital-payments-is-affected-by-a-potential-sql-injection-vulnerability-cve-2019-4032/


∗∗∗ cURL and libcurl vulnerability CVE-2019-5436 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K55133295

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily



