[CERT-daily] Tageszusammenfassung - 03.02.2020

Mon Feb 3 18:32:55 CET 2020

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 31-01-2020 18:00 − Montag 03-02-2020 18:00
Handler:     Thomas Pribitzer
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Devious Spamhaus Phishing Scam Warns Youre on an Email Block List ∗∗∗
---------------------------------------------
A new phishing campaign distributing malware pretends to be from the Spamhaus Project warning that the recipients email address has been added to a spam block list due to sending unsolicited email.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/devious-spamhaus-phishing-scam-warns-youre-on-an-email-block-list/


∗∗∗ Abo-Falle durch gefälschte E-Mail von „Zoll Österreich“ ∗∗∗
---------------------------------------------
Eine neue Massenmail landet momentan im Posteingang unzähliger InternetnutzerInnen. In der Nachricht von „Zoll Österreich“ heißt es, dass eine Zollgebühr nicht bezahlt wurde. Dem Inhalt der E-Mail darf kein Glauben geschenkt werden, denn sie wird von Kriminellen verschickt. Eine Dateneingabe führt hier in eine teure Abo-Falle für 90 Euro monatlich.
---------------------------------------------
https://www.watchlist-internet.at/news/abo-falle-durch-gefaelschte-e-mail-von-zoll-oesterreich/


∗∗∗ Hackers are hijacking smart building access systems to launch DDoS attacks ∗∗∗
---------------------------------------------
More than 2,300 building access systems can be hijacked due to a severe vulnerability left without a fix.
---------------------------------------------
https://www.zdnet.com/article/hackers-are-hijacking-smart-building-access-systems-to-launch-ddos-attacks/


∗∗∗ Windows 10 PCs get these new Intel chip security updates for Zombieload attacks ∗∗∗
---------------------------------------------
Microsoft helps Intel deliver its latest microcode security updates to mitigate the Zombieload threat.
---------------------------------------------
https://www.zdnet.com/article/windows-10-pcs-get-these-new-intel-chip-security-updates-for-zombieload-attacks/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security Advisory 2020-01-31-1 - Opkg susceptible to MITM (CVE-2020-7982) ∗∗∗
---------------------------------------------
A bug in the package list parse logic of OpenWrts opkg fork caused the package manager to ignore SHA-256 checksums embedded in the signed repository index, effectively bypassing integrity checking of downloaded .ipk artifacts.
---------------------------------------------
https://lists.infradead.org/pipermail/openwrt-devel/2020-January/021544.html


∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (opensmtpd), Debian (firefox-esr, libidn2, libjackson-json-java, prosody-modules, qemu, qtbase-opensource-src, spamassassin, and sudo), Fedora (e2fsprogs, java-1.8.0-openjdk, mingw-openjpeg2, openjpeg2, samba, sox, upx, webkit2gtk3, and xar), Red Hat (git), Scientific Linux (git), Slackware (sudo), SUSE (ceph and rmt-server), and Ubuntu (sudo).
---------------------------------------------
https://lwn.net/Articles/811368/


∗∗∗ Strong Testimonials < 2.40.1 - Stored Cross Site Scripting (XSS) ∗∗∗
---------------------------------------------
https://wpvulndb.com/vulnerabilities/10056


∗∗∗ Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-is-affected-by-a-websphere-application-server-vulnerability-2/


∗∗∗ Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Log4j ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-ibm-cloud-pak-for-data-affected-by-vulnerability-in-apache-log4j/


∗∗∗ Security Bulletin: Vulnerabilities affect Watson Explorer Foundational Components (CVE-2019-1563, CVE-2019-1549, CVE-2019-1547) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-affect-watson-explorer-foundational-components-cve-2019-1563-cve-2019-1549-cve-2019-1547/


∗∗∗ Security Bulletin: IBM API Connect is impacted by vulnerabilities in Golang (CVE-2019-17596) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-golang-cve-2019-17596/


∗∗∗ Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-raa-is-affected-by-a-websphere-application-server-vulnerability-2/


∗∗∗ Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-is-affected-by-a-websphere-application-server-vulnerability/


∗∗∗ Security Bulletin: Information Disclosure in IBM StoredIQ (CVE-2020-4224) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-in-ibm-storediq-cve-2020-4224/


∗∗∗ Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WAS vulnerability. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-raa-is-affected-by-a-was-vulnerability-2/


∗∗∗ Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by multiple vulnerabilities in Java ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-ibm-cloud-pak-for-data-affected-by-multiple-vulnerabilities-in-java/


∗∗∗ Security Bulletin: Rational Asset Analyzer (RAA) is affected by several WebSphere Application Server vulnerabilities. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-raa-is-affected-by-several-websphere-application-server-vulnerabilities/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily