[CERT-daily] Tageszusammenfassung - 01.10.2019

Tue Oct 1 18:08:40 CEST 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 30-09-2019 18:00 − Dienstag 01-10-2019 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Free Ouroboros Ransomware (Zeropadypt NextGen) Decryption Available ∗∗∗
---------------------------------------------
Victims of the Ouroboros Ransomware, otherwise known as Zeropadypt NextGen, can get their files decrypted for free with the help of a security researcher and a decryptor that has been made for different variants.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/free-ouroboros-ransomware-zeropadypt-nextgen-decryption-available/


∗∗∗ Beyond the SISSDEN event horizon ∗∗∗
---------------------------------------------
Between May 2016 and April 2019, The Shadowserver Foundation participated in the SISSDEN EU Horizon 2020 project. The main goal of the project was to improve the cybersecurity posture of EU entities and end users through the development of situational awareness and sharing of actionable information. It exceeded KPIs, with 257 sensors in 59 countries, using 974 IP addresses across 119 ASNs and 383 unique /24 (Class C) networks, and collected 31TB of threat data.
---------------------------------------------
https://www.shadowserver.org/news/beyond-the-sissden-event-horizon/


∗∗∗ Decades-Old Code Is Putting Millions of Critical Devices at Risk ∗∗∗
---------------------------------------------
Nearly two decades ago, a company called Interpeak created a network protocol that became an industry standard. It also had severe bugs that are only now coming to light.
---------------------------------------------
https://www.wired.com/story/urgent-11-ipnet-vulnerable-devices


∗∗∗ Vorsicht bei zu günstigen Technik-Angeboten ∗∗∗
---------------------------------------------
sgt-sonic.store, alpha-tech.store, omega-tech.store, grand-elec.store und beta-elec.store bieten ein breites Technik-Sortiment mit unschlagbaren Angeboten. Sehen Sie jedoch von einer Bestellung ab, denn es handelt sich um Fake-Shops. Die Ware wird trotz Vorab-Zahlung nie geliefert. Sie verlieren Ihr Geld!
---------------------------------------------
https://www.watchlist-internet.at/news/vorsicht-bei-zu-guenstigen-technik-angeboten/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Noch ein Update für iOS, iPadOS und watchOS ∗∗∗
---------------------------------------------
Bei Apple kommen die Aktualisierungen Schlag auf Schlag. iOS 13.1.2, iPadOS 13.1.2 und watchOS 6.0.1 beheben erneut Fehler.
---------------------------------------------
https://heise.de/-4543459


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (apache2, linux-4.9, netty, phpbb3, and poppler), openSUSE (chromium, djvulibre, ghostscript, python-numpy, SDL2, and varnish), Oracle (nodejs:10), Red Hat (httpd24-httpd and httpd24-nghttp2, kpatch-patch, and rh-nodejs10-nodejs), and Ubuntu (linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, and SDL 2.0).
---------------------------------------------
https://lwn.net/Articles/801010/


∗∗∗ Red Hat Produkte: Mehrere Schwachstellen ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0860


∗∗∗ Foxit Reader: Mehrere Schwachstellen ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0862


∗∗∗ Theme Editor <= 2.1 - Multiple Vulnerabilities ∗∗∗
---------------------------------------------
https://wpvulndb.com/vulnerabilities/9894


∗∗∗ Cisco Webex Meetings Enumeration Attack ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191001-webex-enum


∗∗∗ IBM Security Bulletin: Multiple security vulnerabilities have been addressed in IBM Security Directory Server ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-security-vulnerabilities-have-been-addressed-in-ibm-security-directory-server/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Rational Functional Tester ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affecting-rational-functional-tester-4/


∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL affect GCM16 & GCM32 and LCM8 & LCM16 KVM Switch Firmware (CVE-2018-0732 CVE-2019-1559) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-openssl-affect-gcm16-gcm32-and-lcm8-lcm16-kvm-switch-firmware-cve-2018-0732-cve-2019-1559/


∗∗∗ HPESBHF03955 rev.1 - HPE Simplivity Omnistack, Local and Remote File Modification and Deletion ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03955en_us


∗∗∗ HPESBST03956 rev.1 - HPE Simplivity Omnistack, Local and Remote Arbitrary Command Execution ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03956en_us


∗∗∗ HPESBHF03954 rev.1 - HPE UioT, Remote Unauthorized Access and Access to sensitive Data ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03954en_us

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily