[CERT-daily] Tageszusammenfassung - 11.12.2020

Daily end-of-shift report team at cert.at
Fri Dec 11 18:12:53 CET 2020


=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 10-12-2020 18:00 − Freitag 11-12-2020 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers ∗∗∗
---------------------------------------------
A persistent malware campaign has been actively distributing Adrozek, an evolved browser modifier malware at scale since at least May 2020. At its peak in August, the threat was observed on over 30,000 devices every day. The malware is designed to inject ads into search engine results pages and affects multiple browsers.
---------------------------------------------
https://www.microsoft.com/security/blog/2020/12/10/widespread-malware-campaign-seeks-to-silently-inject-ads-into-search-results-affects-multiple-browsers/


∗∗∗ Symantec Messaging Gateway könnte Passwörter leaken ∗∗∗
---------------------------------------------
Es ist ein wichtiges Sicherheitsupdate für Symantec Messaging Gateway erschienen.
---------------------------------------------
https://heise.de/-4986723


∗∗∗ PoC Released for Unpatched Windows Vulnerability Present Since 2006 ∗∗∗
---------------------------------------------
Details and a proof-of-concept (PoC) exploit have been released for an unpatched privilege escalation vulnerability in Windows related to the PsExec administration tool. The vulnerability was discovered by Tenable researcher David Wells and it was disclosed this week after Microsoft failed to release a patch within 90 days.
---------------------------------------------
https://www.securityweek.com/poc-released-unpatched-windows-vulnerability-present-2006


∗∗∗ myusenet.de, bigusenet.de & Co.: Neue betrügerische Streaming-Plattformen führen in Abofalle! ∗∗∗
---------------------------------------------
Immer wieder berichtet die Watchlist Internet von betrügerischen Streaming-Plattformen, die in die Abofalle führen. Derzeit gehen zahlreiche Meldungen bei uns ein, die vor myusenet.de, foxusenet.de bigusenet.de und megausenet.de warnen. Diese neuen Streaming-Plattformen sehen zwar anders aus als die üblichen Fake-Streaming-Plattformen, die Masche bleibt aber die gleiche: Nach einer Registrierung, erhalten Sie eine Zahlungsaufforderung von 384 Euro.
---------------------------------------------
https://www.watchlist-internet.at/news/myusenetde-bigusenetde-co-neue-betruegerische-streaming-plattformen-fuehren-in-abofalle/


∗∗∗ Update now: Researchers warn of security vulnerabilities in these widely used point-of-sale terminals ∗∗∗
---------------------------------------------
Security researchers disclose vulnerabilities including default passwords in two of the largest PoS manufacturers in the world.
---------------------------------------------
https://www.zdnet.com/article/update-now-researchers-warn-of-security-vulnerabilities-in-widely-used-point-of-sale-terminals/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Adobe Releases Security Updates for Acrobat and Reader ∗∗∗
---------------------------------------------
Adobe has released security updates to address a vulnerability in Acrobat and Reader. An attacker could exploit this vulnerability to obtain sensitive information.
---------------------------------------------
https://us-cert.cisa.gov/ncas/current-activity/2020/12/10/adobe-releases-security-updates-acrobat-and-reader


∗∗∗ Hotfix rüstet Firewalls und Router von Sophos gegen Attacken ∗∗∗
---------------------------------------------
Unter bestimmten Voraussetzungen könnten Angreifer das Netzwerkbetriebssystem Cyberoam attackieren.
---------------------------------------------
https://heise.de/-4986665


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (minidlna and x11vnc), Fedora (pam), openSUSE (chromium, minidlna, nsd, openssl-1_1, and pngcheck), SUSE (gcc7 and kernel), and Ubuntu (lxml and squirrelmail).
---------------------------------------------
https://lwn.net/Articles/839861/


∗∗∗ OpenSSL vulnerability CVE-2020-1968 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K92451315


∗∗∗ F5 TMM vulnerability CVE-2020-5950 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K05204103


∗∗∗ F5 TMUI XSS vulnerability CVE-2020-5948 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K42696541


∗∗∗ TMM vulnerability CVE-2020-27713 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K37960100


∗∗∗ BIG-IP LTM vulnerability CVE-2020-5949 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K20984059


∗∗∗ Security Bulletin: IBM Resilient Platform could allow formula injection in Excel (CVE-2020-4633) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-resilient-platform-could-allow-formula-injection-in-excel-cve-2020-4633/


∗∗∗ Security Bulletin: NGINX vulnerability CVE-2019-20372 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-nginx-vulnerability-cve-2019-20372-impacts-ibm-aspera-high-speed-transfer-server-and-aspera-high-speed-transfer-endpoint-versions-prior-to-v4-0/


∗∗∗ Security Bulletin: IBM® Db2® is vulnerable to a buffer overflow (CVE-2020-4701) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-a-buffer-overflow-cve-2020-4701-4/


∗∗∗ Security Bulletin: Fixed CP4D timeout for IBM Netezza for Cloud Pak for Data 11.1.1.0 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-fixed-cp4d-timeout-for-ibm-netezza-for-cloud-pak-for-data-11-1-1-0/


∗∗∗ Security Bulletin: OpenSSL vulnerability CVE-2020-1968 impacts IBM Aspera Streaming/IBM Aspera Streaming for Video version 3.9.6.1 and earlier ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerability-cve-2020-1968-impacts-ibm-aspera-streaming-ibm-aspera-streaming-for-video-version-3-9-6-1-and-earlier/


∗∗∗ Security Bulletin: App Connect Enterprise Certified Container is vulnerable to code injection and Denial of Service attacks ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-enterprise-certified-container-is-vulnerable-to-code-injection-and-denial-of-service-attacks/


∗∗∗ Security Bulletin: HAProxy vulnerability CVE-2019-18277 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-haproxy-vulnerability-cve-2019-18277-impacts-ibm-aspera-high-speed-transfer-server-and-aspera-high-speed-transfer-endpoint-versions-prior-to-v4-0/


∗∗∗ Security Bulletin: IBM® Db2® is vulnerable to buffer overflow leading to a privileged escalation (CVE-2020-4363) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-buffer-overflow-leading-to-a-privileged-escalation-cve-2020-4363-7/


∗∗∗ Security Bulletin: IBM® Db2® is vulnerable to an information disclosure. (CVE-2020-4387) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-an-information-disclosure-cve-2020-4387-6/


∗∗∗ Security Bulletin: App Connect Enterprise Certified Container Integration Servers could cause a Denial of Service or a buffer overflow when using MQ ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-enterprise-certified-container-integration-servers-could-cause-a-denial-of-service-or-a-buffer-overflow-when-using-mq/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list