[CERT-daily] Tageszusammenfassung - 21.10.2019

Daily end-of-shift report team at cert.at
Mon Oct 21 18:24:08 CEST 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 18-10-2019 18:00 − Montag 21-10-2019 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Avast Network Breached As Hackers Target CCleaner Again ∗∗∗
---------------------------------------------
Avast said it believes that threat actors are again looking to target CCleaner in a supply chain attack.
---------------------------------------------
https://threatpost.com/avast-network-breached-as-hackers-target-ccleaner-again/149358/


∗∗∗ Attention: Your blog may be used to spread the Emotet Trojan! ∗∗∗
---------------------------------------------
Emotet was originally a banking Trojan that targeted bank customers in Europe and stole relevant bank credentials. In 2017, Emotet changed its business model from [...]
---------------------------------------------
https://blog.360totalsecurity.com/en/attention-your-blog-may-be-used-to-spread-the-emotet-trojan/


∗∗∗ Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor ∗∗∗
---------------------------------------------
Notorious cyberespionage group debases MSSQL
---------------------------------------------
https://www.welivesecurity.com/2019/10/21/winnti-group-skip2-0-microsoft-sql-server-backdoor/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Linux: Kritische Zeroday-Lücke im WLAN-Treiber ∗∗∗
---------------------------------------------
Mit speziell präparierten WLAN-Paketen könnten Angreifer Linux-Systeme kapern, die Realtek-Chips einsetzen.
---------------------------------------------
https://heise.de/-4562505


∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (aspell, graphite-web, imagemagick, mediawiki, milkytracker, nfs-utils, and openjdk-11), Fedora (kernel, kernel-headers, kernel-tools, mediawiki, and radare2), openSUSE (dhcp, libpcap, lighttpd, and tcpdump), Scientific Linux (java-1.8.0-openjdk), Slackware (python), SUSE (bluez, kernel, and python-xdg), and Ubuntu (aspell).
---------------------------------------------
https://lwn.net/Articles/802776/


∗∗∗ AVM FRITZ!OS: Schwachstelle ermöglicht Offenlegung von Informationen ∗∗∗
---------------------------------------------
https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2019/10/warnmeldung_tw-t19-0150.html


∗∗∗ Trend Micro Anti-Threat Toolkit (ATTK) < = v1.62.0.1218 Remote Code Execution 0day ∗∗∗
---------------------------------------------
https://cxsecurity.com/issue/WLB-2019100137


∗∗∗ IBM Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-version-8-15-0-of-node-js-included-in-ibm-cloud-event-management-2-3-0-has-several-security-vulnerabilities/


∗∗∗ IBM Security Bulletin: IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition is affected by HTTP Server vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cloud-orchestrator-and-ibm-cloud-orchestrator-enterprise-edition-is-affected-by-http-server-vulnerabilities/


∗∗∗ IBM Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2018-1996) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-has-been-identified-in-websphere-application-server-shipped-with-ibm-cloud-orchestrator-and-ibm-cloud-orchestrator-enterprise-cve-2018-1996/


∗∗∗ Linux kernel vulnerability CVE-2019-16089 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K03814795?utm_source=f5support&utm_medium=RSS


∗∗∗ Linux kernel vulnerability CVE-2019-15666 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K53420251?utm_source=f5support&utm_medium=RSS


∗∗∗ Authentication Bypass Vulnerability in the Management Interface of Citrix Application Delivery Controller and Citrix Gateway ∗∗∗
---------------------------------------------
https://support.citrix.com/article/CTX261055

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list