[CERT-daily] Tageszusammenfassung - 28.05.2019

Tue May 28 18:10:56 CEST 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 27-05-2019 18:00 − Dienstag 28-05-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ DNSSEC-Chain: DANE für Browser ist praktisch tot ∗∗∗
---------------------------------------------
Eine TLS-Erweiterung sollte die Nutzung von DANE und DNSSEC im Browser erleichtern und die Validierung beschleunigen. Der Vorschlag wird nun aber offenbar nicht weiter verfolgt.
---------------------------------------------
https://www.golem.de/news/dnssec-chain-dane-fuer-browser-ist-praktisch-tot-1905-141559-rss.html


∗∗∗ Google-protected mobile browsers were open to phishing for over a year ∗∗∗
---------------------------------------------
Researchers revealed a massive hole in Google Safe Browsings mobile browser protection that existed for over a year.
---------------------------------------------
https://nakedsecurity.sophos.com/2019/05/28/google-protected-mobile-browsers-left-open-to-phishing-attacks-for-over-a-year/


∗∗∗ Return to the City of Cron – Malware Infections on Joomla and WordPress ∗∗∗
---------------------------------------------
We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had cleaned them. The persistence was being created by a cron that was scheduled to download malware from a third party domain.
---------------------------------------------
https://blog.sucuri.net/2019/05/return-to-the-city-of-cron-malware-infections-on-joomla-and-wordpress.html


∗∗∗ W3C und WHATWG erarbeiten künftig gemeinsam die HTML-Spezifikation ∗∗∗
---------------------------------------------
Das World Wide Web Consortium und die Arbeitsgruppe WHATWG bündeln ihre Bemühungen zur Standardisierung der Webtechniken.
---------------------------------------------
https://heise.de/-4433970


∗∗∗ Bitcoin-Erpressungsversuch gegen Unternehmen und Website-Betreiber/innen ∗∗∗
---------------------------------------------
Unternehmen und Website-Betreiber/innen erhalten momentan erpresserische Nachrichten per E-Mail, in Kommentarfunktionen oder in Chats. Kriminelle drohen damit, Millionen von Spam-Nachrichten im Namen der Betroffenen zu verschicken, wenn nicht binnen kurzer Zeit ein hoher Geldbetrag in Bitcoin bezahlt wird. Wir gehen von leeren Drohungen aus, raten aber dennoch zu einer Anzeige wegen Erpressung.
---------------------------------------------
https://www.watchlist-internet.at/news/bitcoin-erpressungsversuch-gegen-unternehmen-und-website-betreiberinnen/


∗∗∗ Emissary Panda Attacks Middle East Government Sharepoint Servers ∗∗∗
---------------------------------------------
Our latest research shows attacks against Middle East government Sharepoint servers using a newly patched vulnerability.
---------------------------------------------
https://unit42.paloaltonetworks.com/emissary-panda-attacks-middle-east-government-sharepoint-servers/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ SAP UI5 1.0.0 is vulnerable to Content Spoofing in multiples parameters ∗∗∗
---------------------------------------------
https://cxsecurity.com/issue/WLB-2019050283


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (firefox and thunderbird), Debian (sox and vcftools), Fedora (safelease and sharpziplib), openSUSE (chromium, evolution, graphviz, nmap, systemd, transfig, and ucode-intel), Red Hat (pacemaker), SUSE (curl, libvirt, openssl, php7, php72, and systemd), and Ubuntu (gnome-desktop3, keepalived, and samba).
---------------------------------------------
https://lwn.net/Articles/789595/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily