Daily

daily@lists.cert.at

1 participants
3153 discussions

Tageszusammenfassung - 03.09.2019
by Daily end-of-shift report 03 Sep '19

03 Sep '19

===================== = End-of-Day report = ===================== Timeframe: Montag 02-09-2019 18:00 − Dienstag 03-09-2019 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Nemty Ransomware Gets Distribution from RIG Exploit Kit ∗∗∗ --------------------------------------------- The operators of Nemty ransomware appear to have struck a distribution deal to target systems with outdated technology that can still be infected by exploit kits. --------------------------------------------- https://www.bleepingcomputer.com/news/security/nemty-ransomware-gets-distri… ∗∗∗ Fake BleachBit Website Built to Distribute AZORult Info Stealer ∗∗∗ --------------------------------------------- Cybercriminals are taking advantage of the popularity of the BleachBit disk cleaning tool to spread Azorult information stealer. For this purpose, they created a static web page that purports to be the official website for the utility. --------------------------------------------- https://www.bleepingcomputer.com/news/security/fake-bleachbit-website-built… ∗∗∗ Credential Management and Enforcement for ICS/SCADA environments ∗∗∗ --------------------------------------------- In the world of Operational Technology (OT), Industrial Control Systems (ICS) comprise the majority of the segment. Where ICS assets are dispersed and require centralized data acquisition and control, Supervisory Control and Data Acquisition (SCADA) systems are used. --------------------------------------------- https://resources.infosecinstitute.com/credential-management-and-enforcemen… ∗∗∗ Ratgeber vom Hersteller: So erkennt man gehackte Cisco-Geräte ∗∗∗ --------------------------------------------- Der Netzwerkausrüster Cisco hat vier Guides für verschiedene Software veröffentlicht, die helfen sollen, Hinweise auf mögliche Kompromittierungen zu finden. --------------------------------------------- https://heise.de/-4512704 ∗∗∗ Meet Domen, a New and Sophisticated Social Engineering Toolkit ∗∗∗ --------------------------------------------- A new social engineering toolkit has been discovered. The operational premise has been used many times, but the execution of that premise is new and described by security researchers "a beautiful piece of work". --------------------------------------------- https://www.securityweek.com/meet-domen-new-and-sophisticated-social-engine… https://blog.malwarebytes.com/cybercrime/social-engineering-cybercrime/2019… ∗∗∗ Diese Kleinanzeigen-Betrugsmasche sollten Sie kennen ∗∗∗ --------------------------------------------- BetrügerInnen versuchen auf Online-Marktplätzen wie willhaben, shpock und Co, ohne Bezahlung an Ihre Ware zu kommen. Sie geben sich als vermeintliche Zahlungsdienstleister und Zwischenvermittler aus und senden Ihnen eine gefälschte Zahlungsbestätigung. Das Geld wird angeblich erst für Sie freigegeben, wenn Sie den zu viel überwiesenen Betrag für das Speditionsunternehmen oder eine Versandbestätigung des Paketes übermitteln. --------------------------------------------- https://www.watchlist-internet.at/news/diese-kleinanzeigen-betrugsmasche-so… ===================== = Vulnerabilities = ===================== ∗∗∗ 'USBAnywhere' Bugs Open Supermicro Servers to Remote Attackers ∗∗∗ --------------------------------------------- Trivial-to-exploit authentication flaws can give an unsophisticated remote attacker omnipotent control over a server and its contents. --------------------------------------------- https://threatpost.com/usbanywhere-bugs-supermicro-remote-attack/147899/ ∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (qemu), Fedora (ansible and wavpack), openSUSE (apache-commons-beanutils, apache2, go1.12, httpie, libreoffice, qemu, and slurm), Oracle (ghostscript), Scientific Linux (ghostscript), SUSE (ardana-ansible, ardana-barbican, ardana-cinder, ardana-cluster, ardana-cobbler, ardana-db, ardana-designate, ardana-extensions-nsx, ardana-glance, ardana-heat, ardana-horizon, ardana-input-model, ardana-installer-ui, ardana-ironic, ardana-keystone, ardana-logging, [...] --------------------------------------------- https://lwn.net/Articles/798225/ -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 02.09.2019
by Daily end-of-shift report 02 Sep '19

02 Sep '19

===================== = End-of-Day report = ===================== Timeframe: Freitag 30-08-2019 18:00 − Montag 02-09-2019 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Sodinokibi Ransomware Spreads via Fake Forums on Hacked Sites ∗∗∗ --------------------------------------------- A distributor for the Sodinokibi Ransomware is hacking into WordPress sites and injecting JavaScript that displays a fake Q & A forum post over the content of the original site. This fake post contains an "answer" from the sites "admin" that contains a link to the ransomware installer. --------------------------------------------- https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-spread… ∗∗∗ Oh there it is, Facebook shrugs as Free Basics private key found to be signing unrelated apps ∗∗∗ --------------------------------------------- Walled-garden Android platform security easily copied Facebook has insisted that losing control of the private key used to sign its Facebook Basics app is no biggie despite totally unrelated apps from other vendors, signed with the same key, popping up in unofficial repositories. --------------------------------------------- http://go.theregister.com/feed/www.theregister.co.uk/2019/09/02/facebook_ba… ∗∗∗ Analyse: Was bedeutet der iPhone-Massen-Hack? ∗∗∗ --------------------------------------------- Tausende iPhones wurden beim Besuch scheinbar harmloser Web-Sites gehackt. Wer steckt dahinter und wie schütze ich mich? --------------------------------------------- https://heise.de/-4511921 ∗∗∗ TrickBot Tricks U.S. Users into Sharing their PIN Codes ∗∗∗ --------------------------------------------- The threat actor behind the infamous TrickBot botnet has added new functionality to their malware to request PIN codes from mobile users, Secureworks reports. --------------------------------------------- https://www.securityweek.com/trickbot-tricks-us-users-sharing-their-pin-cod… ∗∗∗ WordPress sites under attack as hacker group tries to create rogue admin accounts ∗∗∗ --------------------------------------------- Hackers exploit vulnerabilities in more than ten WordPress plugins to plant backdoor accounts on unpatched sites. --------------------------------------------- https://www.zdnet.com/article/wordpress-sites-under-attack-as-hacker-group-… ===================== = Vulnerabilities = ===================== ∗∗∗ Security updates for Monday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (gosa, libav, libextractor, nghttp2, pump, and python2.7), Fedora (dovecot, mod_http2, and pango), Gentoo (dovecot, gnome-desktop, libofx, and nautilus), Mageia (ansible, ghostscript, graphicsmagick, memcached, mpg123, pango, vlc, wavpack, webmin, wireshark, and wpa_supplicant, hostapd), openSUSE (flatpak, libmirage, podman, slirp4netns and libcontainers-common, python-SQLAlchemy, and qemu), Red Hat (ghostscript, java-1.8.0-ibm, and squid:4), and SUSE [...] --------------------------------------------- https://lwn.net/Articles/798143/ ∗∗∗ Panasonic Video Insight VMS vulnerable to SQL injection ∗∗∗ --------------------------------------------- https://jvn.jp/en/jp/JVN93833849/ ∗∗∗ [webapps] Alkacon OpenCMS 10.5.x - Local File inclusion ∗∗∗ --------------------------------------------- https://www.exploit-db.com/exploits/47340 ∗∗∗ [webapps] Alkacon OpenCMS 10.5.x - Cross-Site Scripting (2) ∗∗∗ --------------------------------------------- https://www.exploit-db.com/exploits/47339 ∗∗∗ [webapps] Alkacon OpenCMS 10.5.x - Cross-Site Scripting ∗∗∗ --------------------------------------------- https://www.exploit-db.com/exploits/47338 ∗∗∗ IBM Security Bulletin: Password vulnerability in IBM® Intelligent Operations Center (CVE-2019-4321) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-password-vulnerabilit… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 30.08.2019
by Daily end-of-shift report 30 Aug '19

30 Aug '19

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 29-08-2019 18:00 − Freitag 30-08-2019 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Windows 7: Update-Blockade für Symantec-Nutzer aufgehoben ∗∗∗ --------------------------------------------- Microsoft hat Windows-Updates wieder für Nutzer von Symantec Endpoint Protection freigegeben. --------------------------------------------- https://heise.de/-4509981 ∗∗∗ CERT-Bund warnt vor offenen Smarthome-Systemen ∗∗∗ --------------------------------------------- Fast 3000 Homematic-Systeme sind offenbar aus dem Internet erreichbar -- die meisten davon lassen sich beliebig fernsteuern. --------------------------------------------- https://heise.de/-4509977 ∗∗∗ It Saved Our Community: 16 Realistic Ransomware Defenses for Cities ∗∗∗ --------------------------------------------- Practical steps municipal governments can take to better prevent and respond to ransomware infections. --------------------------------------------- https://www.darkreading.com/edge/theedge/it-saved-our-community-16-realisti… ∗∗∗ A very deep dive into iOS Exploit chains found in the wild ∗∗∗ --------------------------------------------- Posted by Ian Beer, Project ZeroProject Zero’s mission is to make 0-day hard. We often work with other companies to find and report security vulnerabilities, with the ultimate goal of advocating for structural security improvements in popular systems to help protect people everywhere. Earlier this year Googles Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using [...] --------------------------------------------- https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-ex… ∗∗∗ Scalable infrastructure for investigations and incident response ∗∗∗ --------------------------------------------- Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to the cloud and show one solution to overcome these challenges, using [...] --------------------------------------------- https://msrc-blog.microsoft.com:443/2019/08/30/scalable-infrastructure-for-… ∗∗∗ [SANS ISC] Malware Dropping a Local Node.js Instance ∗∗∗ --------------------------------------------- I published the following diary on isc.sans.edu: “Malware Dropping a Local Node.js Instance“: Yesterday, I wrote a diary about misused Microsoft tools[1]. I just found another interesting piece of code. This time the malware is using Node.js[2]. --------------------------------------------- https://blog.rootshell.be/2019/08/30/sans-isc-malware-dropping-a-local-node… ∗∗∗ Definitive Dossier of Devilish Debug Details – Part One: PDB Paths and Malware ∗∗∗ --------------------------------------------- Have you ever wondered what goes through the mind of a malware author? How they build their tools? How they organize their development projects? What kind of computers and software they use? We took a stab and answering some of those questions by exploring malware debug information. We find that malware developers give descriptive names to their folders and code projects, often describing the capabilities of the malware in development. --------------------------------------------- http://www.fireeye.com/blog/threat-research/2019/08/definitive-dossier-of-d… ===================== = Vulnerabilities = ===================== ∗∗∗ Change Healthcare McKesson and Horizon Cardiology ∗∗∗ --------------------------------------------- This advisory contains mitigations for an incorrect default permissions vulnerability in Change Healthcares cardiology devices. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsma-19-241-01 ∗∗∗ Philips HDI 4000 Ultrasound ∗∗∗ --------------------------------------------- This advisory contains mitigations for a use of obsolete function vulnerability in Philips HDI 4000 Ultrasound Systems diagnostic tool. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsma-19-241-02 ∗∗∗ Cisco Firepower 4100 and 9300 Security Appliance Local Management Filtering Bypass Vulnerability ∗∗∗ --------------------------------------------- A vulnerability in the process for creating default IP blocks during device initialization for Cisco Firepower 4100 Series and Firepower 9300 Security Appliances running Cisco FXOS Software could allow an unauthenticated, remote attacker to send traffic to the local IP address of the device, bypassing any filters that are configured to deny local IP management traffic. --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (dovecot, gettext, go, go-pie, libnghttp2, and pigeonhole), Debian (djvulibre, dovecot, and subversion), Fedora (sleuthkit and wireshark), openSUSE (containerd, docker, docker-runc, and qbittorrent), Oracle (pango), SUSE (kernel, nodejs10, and python-SQLAlchemy), and Ubuntu (apache2). --------------------------------------------- https://lwn.net/Articles/797938/ ∗∗∗ Linux kernel vulnerability CVE-2019-10639 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K32804955 ∗∗∗ Avira Optimizer Local Privilege Escalation ∗∗∗ --------------------------------------------- https://posts.specterops.io/avira-optimizer-local-privilege-escalation-af10… ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Collaboration and Deployment Services ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilit… ∗∗∗ IBM Security Bulletin: Vyatta 5600 vRouter Software Patches – Release 1801-za ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vyatta-5600-vrouter-s… ∗∗∗ IBM Security Bulletin: Vyatta 5600 vRouter Software Patches – Release 1801-z ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vyatta-5600-vrouter-s… ∗∗∗ IBM Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Apache Tomcat vulnerabilities. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-websphere-cast-ir… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 29.08.2019
by Daily end-of-shift report 29 Aug '19

29 Aug '19

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 28-08-2019 18:00 − Donnerstag 29-08-2019 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Malware Samples Compiling Their Next Stage on Premise, (Wed, Aug 28th) ∗∗∗ --------------------------------------------- I would like to cover today two different malware samples I spotted two days ago. They have one interesting behaviour in common: they compile their next stage on the fly directly on the victim's computer. At a first point, it seems weird but, after all, its an interesting approach to bypass low-level detection mechanisms that look for PE files. --------------------------------------------- https://isc.sans.edu/diary/rss/25278 ∗∗∗ ‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information ∗∗∗ --------------------------------------------- Despite having an apparent lull in the first half of 2019, phishing will remain a staple in a cybercriminal’s arsenal, and theyre not going to stop using it. The latest example is a phishing campaign dubbed Heatstroke, based on a variable found in their phishing kit code. --------------------------------------------- http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/9hQZwZfgZ7U/ ===================== = Vulnerabilities = ===================== ∗∗∗ Sicherheitslücke: Buffer Overflow in Dovecot-Mailserver ∗∗∗ --------------------------------------------- Eine Sicherheitslücke im Dovecot-Mailserver könnte es Angreifern erlauben, Code auszuführen. Updates stehen bereit. --------------------------------------------- https://www.golem.de/news/sicherheitsluecke-buffer-overflow-in-dovecot-mail… ∗∗∗ Kritische Lücke mit Höchstwertung in Ciscos Betriebssystem ISO EX ∗∗∗ --------------------------------------------- Es gibt Sicherheitsupdates für verschiedene Betriebssystem-Versionen für Netzwerkgeräte von Cisco. --------------------------------------------- https://heise.de/-4509454 ∗∗∗ Security updates for Thursday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (apache2 and faad2), openSUSE (schismtracker), Red Hat (ceph and pango), Scientific Linux (pango), SUSE (apache-commons-beanutils, ceph, php7, and qemu), and Ubuntu (ceph, dovecot, and ghostscript). --------------------------------------------- https://lwn.net/Articles/797775/ ∗∗∗ Nextgen Gallery < 3.2.11 - SQL Injection ∗∗∗ --------------------------------------------- https://wpvulndb.com/vulnerabilities/9816 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilit… ∗∗∗ IBM Security Bulletin: Vulnerability CVE-2019-1543 in OpenSSL affects IBM i ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-cve-201… ∗∗∗ IBM Security Bulletin: IBM InfoSphere Master Data Management Standard and Advanced Editions are affected by vulnerabilities in OpenSSL (CVE-2019-1559) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-infosphere-master… ∗∗∗ External DNS Requests in Zyxel USG/UAG/ATP/VPN/NXC series ∗∗∗ --------------------------------------------- https://sec-consult.com/en/blog/advisories/external-dns-requests-in-zyxel-u… ∗∗∗ Hardcoded FTP Credentials in Zyxel NWA/NAP/WAC wireless access point series ∗∗∗ --------------------------------------------- https://sec-consult.com/en/blog/advisories/hardcoded-ftp-credentials-in-zyx… ∗∗∗ A specifically crafted HTTP request may lead the BIG-IP system to pass malformed HTTP requests to a target pool member webserver (HTTP Desync Attack) ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K50375550 ∗∗∗ WebKitGTK and WPE WebKit Security Advisory WSA-2019-0004 ∗∗∗ --------------------------------------------- https://webkitgtk.org/security/WSA-2019-0004.html ∗∗∗ Atlassian Confluence: Schwachstelle ermöglicht Offenlegung von Informationen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K19-0768 ∗∗∗ Kubernetes: Schwachstelle ermöglicht Offenlegung von Informationen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K19-0769 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 28.08.2019
by Daily end-of-shift report 28 Aug '19

28 Aug '19

===================== = End-of-Day report = ===================== Timeframe: Dienstag 27-08-2019 18:00 − Mittwoch 28-08-2019 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Dangerous Cryptomining Worm Racks Up 850K Infections, Self-Destructs ∗∗∗ --------------------------------------------- Law enforcement takedown causes Retadup malware to eat itself. --------------------------------------------- https://threatpost.com/cryptomining-worm-infections-self-destructs/147767/ ∗∗∗ [Guest Diary] Open Redirect: A Small But Very Common Vulnerability, (Wed, Aug 28th) ∗∗∗ --------------------------------------------- This is a guest diary submitted by Jan Kopriva. Jan is working for Alef Nula (http://www.alef.com) and you can follow him on Twitter at @jk0pr --------------------------------------------- https://isc.sans.edu/diary/rss/25276 ∗∗∗ Extracting Certificates From the Windows Registry ∗∗∗ --------------------------------------------- I helped a colleague with a forensic analysis by extracting certificates from the Windows registry. In this blog post, we explain how to do this. --------------------------------------------- https://blog.nviso.be/2019/08/28/extracting-certificates-from-the-windows-r… ∗∗∗ RAT Ratatouille: Backdooring PCs with leaked RATs ∗∗∗ --------------------------------------------- Orcus RAT and RevengeRAT are two of the most popular remote access trojans (RATs) in use across the threat landscape. Since its emergence in 2016, various adversaries used RevengeRAT to attack organizations and individuals around the world. The source code associated with RevengeRAT was previously released to the public, allowing attackers to leverage it for their own malicious purposes. --------------------------------------------- https://blog.talosintelligence.com/2019/08/rat-ratatouille-revrat-orcus.html ∗∗∗ Identitätsdiebstahl mit gefälschten Airbnb-Mails ∗∗∗ --------------------------------------------- Achtung: Kriminelle versenden erfundene Mails im Namen von Airbnb an zahlreiche Kundinnen und Kunden. Darin behaupten sie, dass das Konto gesperrt wurde und nun Kopien des Personalausweises, Selfies mit dem Ausweis neben dem Gesicht sowie eine handschriftliche Notiz zur Freischaltung notwendig wären. Die Nachricht muss ignoriert werden, andernfalls kommt es zu Identitätsmissbrauch! --------------------------------------------- https://www.watchlist-internet.at/news/identitaetsdiebstahl-mit-gefaelschte… ===================== = Vulnerabilities = ===================== ∗∗∗ Delta Controls enteliBUS Controllers ∗∗∗ --------------------------------------------- This advisory contains mitigations for a buffer overflow vulnerability in Delta Controllers enteliBUS Controllers industrial control systems. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-19-239-01 ∗∗∗ Datalogic AV7000 Linear Barcode Scanner ∗∗∗ --------------------------------------------- This advisory contains mitigations for an authentication bypass using an alternate path vulnerability in Datalogics AV7000 Linear Barcode Scanners. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-19-239-02 ∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (dovecot), Fedora (docker and nghttp2), Oracle (pango), SUSE (apache2, fontforge, ghostscript-library, libreoffice, libvirt, podman, slirp4netns and libcontainers-common, postgresql10, and slurm), and Ubuntu (dovecot). --------------------------------------------- https://lwn.net/Articles/797579/ ∗∗∗ DLL Hijacking Flaw Patched in Check Point Endpoint Security ∗∗∗ --------------------------------------------- Researchers at SafeBreach discovered that Check Point’s Endpoint Security product is affected by a DLL hijacking vulnerability that can be exploited for privilege escalation and other purposes. read more --------------------------------------------- https://www.securityweek.com/dll-hijacking-flaw-patched-check-point-endpoin… ∗∗∗ CVE-2019-13609 - CRLF Vulnerability in Citrix License Server for Windows and VPX ∗∗∗ --------------------------------------------- A Carriage Return Line Feed (CRLF) injection vulnerability has been identified in Citrix License Server for Windows and VPX that could allow an unauthenticated attacker to bypass authentication and allow a malicious website to read or modify license server [...] --------------------------------------------- https://support.citrix.com/article/CTX257644 ∗∗∗ Realtek Managed Switch Controller RTL83xx Stack Overflow ∗∗∗ --------------------------------------------- https://cxsecurity.com/issue/WLB-2019080138 ∗∗∗ Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190828-… ∗∗∗ IBM Security Bulletin: IBM Cloud Automation Manager is affected by a insecure Content-Security-Policy header vulnerability CVE-2019-4133 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cloud-automation-… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 27.08.2019
by Daily end-of-shift report 27 Aug '19

27 Aug '19

===================== = End-of-Day report = ===================== Timeframe: Montag 26-08-2019 18:00 − Dienstag 27-08-2019 18:00 Handler: Dimitri Robl Co-Handler: Robert Waldner ===================== = News = ===================== ∗∗∗ macOS: Zurückgelassene Helper-Tools als Sicherheitsproblem ∗∗∗ --------------------------------------------- "Privileged Helper Tools" können es Mac-Malware erlauben, Root-Rechte zu erlangen, warnt ein Entwickler. Nutzer sollten zum Schutz selbst aktiv werden. --------------------------------------------- https://heise.de/-4507656 ∗∗∗ Mobile Menace Monday: Android Trojan raises xHelper ∗∗∗ --------------------------------------------- Since its introduction in May 2019, the xHelper dropper, an Android Trojan, has climbed to our top 10 list of most detected mobile malware. --------------------------------------------- https://blog.malwarebytes.com/android/2019/08/mobile-menace-monday-android-… ∗∗∗ New 4CAN tool helps identify vulnerabilities in on-board car computers ∗∗∗ --------------------------------------------- Modern automobiles contain hundreds of sensors and mechanics that communicate via computers to understand their surrounding environment. Those components provide real-time information to drivers, connect the vehicle to a global network, and in some cases use that telemetry to automatically drive the vehicle. Like any computer, those in vehicles are susceptible to threats, such as vulnerabilities in software ... --------------------------------------------- https://blog.talosintelligence.com/2019/08/new-4can-tool-helps-identify.html ∗∗∗ Free Decryption Tool Released for Syrk Ransomware ∗∗∗ --------------------------------------------- Security researchers have released a decryption tool which victims of Syrk ransomware can use to recover their files for free. Emsisoft found that Syrk arrived with its own decryptor, but the security firm decided to release its own utility for three reasons. --------------------------------------------- https://www.tripwire.com/state-of-security/security-data-protection/free-de… ∗∗∗ Lojack’d: Pwning Smart vehicle trackers ∗∗∗ --------------------------------------------- This research is by @evstykas with help from @Yekki_1 and @TheKenMunroShow. Many car insurers insist that smart trackers are fitted to high end vehicles. In the event of theft, the car can be tracked and recovered. Probably the most well-known is LoJack, also known as Tracker in Europe. --------------------------------------------- https://www.pentestpartners.com/security-blog/lojackd-pwning-smart-vehicle-… ∗∗∗ Aufgepasst: Es kursieren gefährliche Raiffeisen-Phishing-Mails ∗∗∗ --------------------------------------------- Aktuell sind wieder Phishing-Mails im Namen der Raiffeisen Bank unterwegs. Angeblich ist eine Nachricht für Sie eingegangen. Um diese zu lesen, werden Sie aufgefordert, einem Link zu folgen. Sie landen auf einem Nachbau der Raiffeisen-Login-Seite. Kriminelle versuchen so, an Ihre Zugangsdaten zu kommen. --------------------------------------------- https://www.watchlist-internet.at/news/aufgepasst-es-kursieren-gefaehrliche… ===================== = Vulnerabilities = ===================== ∗∗∗ Betriebssystem: Apple patcht WatchOS und iOS ∗∗∗ --------------------------------------------- Nutzer von Apples mobilen Betriebssystemen haben gegebenenfalls eine Update-Benachrichtigung auf ihren Geräten. Apple hat sowohl für die Apple Watch als auch für iPhone, iPod Touch und iPad ein neues Betriebssystem freigegeben. Unter iOS wird dabei auch eine Sicherheitslücke geschlossen. --------------------------------------------- https://www.golem.de/news/betriebssystem-apple-patcht-watchos-und-ios-1908-… ∗∗∗ Google Releases Security Updates for Chrome ∗∗∗ --------------------------------------------- Google has released Chrome version 76.0.3809.132 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2019/08/27/google-releases-se… ∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (apache2 and xymon), openSUSE (putty and vlc), Red Hat (kernel and ruby), Scientific Linux (advancecomp, bind, binutils, blktrace, compat-libtiff3, curl, dhcp, elfutils, exempi, exiv2, fence-agents, freerdp and vinagre, ghostscript, glibc, gvfs, http-parser, httpd, kde-workspace, keepalived, kernel, keycloak-httpd-client-install, libarchive, libcgroup, libguestfs-winsupport, libjpeg-turbo, libmspack, libreoffice, libsolv, libssh2, libtiff, libvirt, ... --------------------------------------------- https://lwn.net/Articles/797442/ ∗∗∗ IBM Security Bulletin: Apache Tomcat as used in IBM QRadar SIEM is vulnerable to a denial of service (CVE-2019-10072) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-apache-tomcat-as-used… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 26.08.2019
by Daily end-of-shift report 26 Aug '19

26 Aug '19

===================== = End-of-Day report = ===================== Timeframe: Freitag 23-08-2019 18:00 − Montag 26-08-2019 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Phishing-Mail: Keine 1.957,05 Euro Rückzahlung vom Finanzministerium! ∗∗∗ --------------------------------------------- Kriminelle versenden betrügerische Phishing-Mails im Namen des Bundesministeriums für Finanzen (BMF), in denen sie Konsument/innen über eine angebliche Rückzahlung über 1957 Euro informieren. Empfänger/innen dürfen den Links in der Nachricht nicht folgen und keine Daten bekanntgeben. Sie landen in den Händen Krimineller und können für weitere Verbrechen missbraucht werden. --------------------------------------------- https://www.watchlist-internet.at/news/phishing-mail-keine-195705-euro-ruec… ∗∗∗ Lenovo Crapware: Vorinstallierte Systemsoftware macht Laptops angreifbar ∗∗∗ --------------------------------------------- Wer noch das Lenovo Solution Center auf seinem System hat, sollte es schnellstmöglich deinstallieren. --------------------------------------------- https://heise.de/-4505088 ∗∗∗ Jetzt patchen! Exploit-Code für Cisco-Switches in Umlauf ∗∗∗ --------------------------------------------- Es könnten Angriffe auf Switches von Cisco bevorstehen. Sicherheitsupdates gibt es bereits seit Anfang August. --------------------------------------------- https://heise.de/-4505182 ∗∗∗ Attackers are targeting vulnerable Fortigate and Pulse Secure SSL VPNs ∗∗∗ --------------------------------------------- Attackers are taking advantage of recently released vulnerability details and PoC exploit code to extract private keys and user passwords from vulnerable Pulse Connect Secure SSL VPN and Fortigate SSL VPN installations. About the vulnerabilities Attackers have been scanning for and targeting two vulnerabilities: CVE-2019-11510, an arbitrary file reading vulnerability in Pulse Connect Secure CVE-2018-13379, a path traversal flaw in the FortiOS SSL VPN web portal. --------------------------------------------- https://www.helpnetsecurity.com/2019/08/26/vulnerable-fortigate-pulse-secur… ∗∗∗ Malicious WordPress Redirect Campaign Attacking Several Plugins ∗∗∗ --------------------------------------------- Over the past few weeks, our Threat Intelligence team has been tracking an active attack campaign targeting a selection of new and old WordPress plugin vulnerabilities. These attacks seek to maliciously redirect traffic from victims’ sites to a number of potentially harmful locations. --------------------------------------------- https://www.wordfence.com/blog/2019/08/malicious-wordpress-redirect-campaig… ===================== = Vulnerabilities = ===================== ∗∗∗ Security updates for Monday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (firefox, libreoffice-still, nginx, nginx-mainline, and subversion), Debian (commons-beanutils, h2o, libapache2-mod-auth-openidc, libmspack, qemu, squid, and tiff), Fedora (kubernetes, libmodbus, nfdump, and nodejs), openSUSE (dkgpg, libTMCG, go1.12, neovim, python, qbittorrent, schismtracker, teeworlds, thunderbird, and zstd), and SUSE (go1.11, go1.12, python-SQLAlchemy, and python-Twisted). --------------------------------------------- https://lwn.net/Articles/797286/ ∗∗∗ IBM Security Bulletin: IBM Db2 Mirror for i is affected by CVE-2019-4536 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-db2-mirror-for-i-… ∗∗∗ IBM Security Bulletin: IBM Cloud Automation Manager is affected by a forbidden resouce redirect for bad API path CVE-2019-4132 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cloud-automation-… ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilit… ∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server July 2019 CPU ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilit… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 23.08.2019
by Daily end-of-shift report 23 Aug '19

23 Aug '19

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 22-08-2019 18:00 − Freitag 23-08-2019 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ The Many Possibilities of CVE-2019-8646 ∗∗∗ --------------------------------------------- CVE-2019-8646 is a somewhat unusual vulnerability I reported in iMessage. It has a number of consequences, including information leakage and the ability to remotely read files on a device. This blog post discusses the ways that an attacker could use this bug. --------------------------------------------- https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cv… ∗∗∗ Instagram phishing uses 2FA as a lure ∗∗∗ --------------------------------------------- If the phishing page looks OK, and it has an HTTPS padlock, how are you supposed to spot phishes these days? --------------------------------------------- https://nakedsecurity.sophos.com/2019/08/23/instagram-phishing-uses-2fa-as-… ∗∗∗ Simple Mimikatz & RDPWrapper Dropper, (Thu, Aug 22nd) ∗∗∗ --------------------------------------------- Let's review a malware sample that I spotted a few days ago. I found it interesting because it's not using deep techniques to infect its victims. The initial sample is a malicious VBScript. For a few weeks, I started to hunt for more Powershell based on encoded directives. The following regular expression matched on the file: [...] --------------------------------------------- https://isc.sans.edu/diary/rss/25262 ∗∗∗ Sommerferien vorbei – Emotet ist zurück ∗∗∗ --------------------------------------------- Seit Freitag früh sind die Server der wohl gefährlichsten Cybercrime-Bande wieder aktiv. --------------------------------------------- https://heise.de/-4503467 ∗∗∗ Hackers Target Vulnerabilities in Fortinet, Pulse Secure Products ∗∗∗ --------------------------------------------- Recently disclosed vulnerabilities affecting enterprise virtual private network (VPN) products from Fortinet and Pulse Secure have been exploited in the wild, a researcher reported on Thursday. --------------------------------------------- https://www.securityweek.com/hackers-target-vulnerabilities-fortinet-pulse-… ===================== = Vulnerabilities = ===================== ∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (cups, nginx, and openjdk-7), Fedora (httpd, mod_md, nghttp2, and patch), and SUSE (rubygem-loofah). --------------------------------------------- https://lwn.net/Articles/797049/ ∗∗∗ PrivEsc in Lenovo Solution Centre, 10 minutes later ∗∗∗ --------------------------------------------- CVE-2019-6177 – Lenovo Solution Centre Privilege Escalation. Slow, but sure. TL;DR We found a privilege escalation vulnerability in the Lenovo Solution Centre (LSC) software, which came pre-installed on many Windows-based Lenovo devices. Lenovo say LSC has been shipped since 2011, but haven’t been clear about when they stopped shipping it by default with new devices. --------------------------------------------- https://www.pentestpartners.com/security-blog/privesc-in-lenovo-solution-ce… ∗∗∗ IBM Security Bulletin: Remote Execution Vulnerability Affects Red Hat Linux Used By IBM WebSphere Application Server for IBM Cloud Private VM Quickstarter (CVE-2019-12735) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-remote-execution-vuln… ∗∗∗ Spectre SWAPGS gadget vulnerability CVE-2019-1125 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K31085564 ∗∗∗ HPESBUX03950 rev.1 - HP-UX Web Server Suite running Apache on HP-UX 11iv3, Multiple Remote Vulnerabilities ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 22.08.2019
by Daily end-of-shift report 22 Aug '19

22 Aug '19

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 21-08-2019 18:00 − Donnerstag 22-08-2019 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ ICS Protocols ∗∗∗ --------------------------------------------- ICS stands for Industrial Control Systems. ICS is a generic term used to describe various control systems and their instrumentation, used for controlling and monitoring industrial processes. ICS basically integrates hardware, software and their network connectivity for running and supporting critical infrastructure. ICS systems get data from remote sensors and send commands to the [...] --------------------------------------------- https://resources.infosecinstitute.com/ics-protocols/ ∗∗∗ Nach dem Datenleck: Mastercard benachrichtigt Kunden ∗∗∗ --------------------------------------------- Nachdem in den vergangenen Tagen Daten von Mastercard-Kunden im Internet auftauchten, hat das Unternehmen nun weitere Informationen per Mail verschickt. --------------------------------------------- https://heise.de/-4502408 ∗∗∗ KNOB-Attacke: Apple liefert Patch gegen Bluetooth-Schwachstelle ∗∗∗ --------------------------------------------- In der jüngsten Version der Betriebssysteme hat Apple eine grundlegende Schwachstelle ausgeräumt, die ein Knacken der Bluetooth-Verschlüsselung ermöglicht. --------------------------------------------- https://heise.de/-4503139 ∗∗∗ Android‑Spyware im Google Play Store aufgetaucht ∗∗∗ --------------------------------------------- ESET-Forscher entdeckten gleich zweimal Android-Spyware im Google Play Store. Die erste ihrer Art, die auf der Open-Source RAT-Software AhMyth aufbaut. --------------------------------------------- https://www.welivesecurity.com/deutsch/2019/08/22/android-spyware-google-pl… ∗∗∗ Hinter modellbau-billiger.de steckt Betrug ∗∗∗ --------------------------------------------- Modellbau-Fans stoßen auf der Suche nach Modelleisenbahnen, ferngesteuerten Autos, Flugzeugen oder Drohnen womöglich auf den Fake-Shop modellbau-billiger.de. Die Kriminellen nutzen dabei die Impressumsdaten eines seriösen Unternehmens, um Vertrauen zu stiften. Hier darf nichts bestellt werden. Die Zahlungen per Vorkasse sind verloren! --------------------------------------------- https://www.watchlist-internet.at/news/hinter-modellbau-billigerde-steckt-b… ===================== = Vulnerabilities = ===================== ∗∗∗ Jetzt updaten: Cisco schließt 27 Sicherheitslücken in diversen Produkten ∗∗∗ --------------------------------------------- Vor allem Nutzer von Ciscos IMC Supervisor und UCS Director sollten einen Blick auf die aktuellen Sicherheitshinweise werfen. Kritische Lücken wurden gefixt. --------------------------------------------- https://heise.de/-4502617 ∗∗∗ Security updates for Thursday ∗∗∗ --------------------------------------------- Security updates have been issued by Fedora (nginx), openSUSE (ImageMagick and putty), Red Hat (Ansible, atomic-openshift-web-console, ceph, and qemu-kvm-rhev), SUSE (kvm, libssh2_org, postgresql96, qemu, and wavpack), and Ubuntu (libzstd and openjpeg2). --------------------------------------------- https://lwn.net/Articles/796949/ ∗∗∗ IBM Security Bulletin: IBM Security Access Manager for Enterprise Single-Sign On is affected by an XML External Entity Injection (XXE) vulnerability (CVE-2019-4513) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-access-m… ∗∗∗ IBM Security Bulletin: This Power System update is being released to address CVE-2019-4169 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-this-power-system-upd… ∗∗∗ IBM Security Bulletin:IBM SDK, Java Technology Edition Quarterly CPU – Oct 2018 – Includes Oracle Oct.2018 CPU affects DB2 Recovery Expert for Linux, Unix and Windows ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletinibm-sdk-java-technolog… ∗∗∗ Multiple Vulnerabilities in OpenPGP.js ∗∗∗ --------------------------------------------- https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-open… ∗∗∗ HPESBST03951 rev.1 - HPE Command View Advanced EditionCVAE (Virtual Appliance only), Remote Denial of Service ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… ∗∗∗ HPESBST03952 rev.1 - HPE Command View Advanced Edition (CVAE) Products using JAVA, Multiple Vulnerabilities ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… ∗∗∗ HPESBST03953 rev.1 - HPE Command View Advanced Edition (CVAE), Multiple Vulnerabilities ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… ∗∗∗ HPESBUX03950 rev.1 - HP-UX Web Server Suite running Apache on HP-UX 11iv3, Multiple Remote Vulnerabiities ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… ∗∗∗ Drupal: Schwachstelle ermöglicht Offenlegung von Informationen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K19-0746 ∗∗∗ Red Hat Ceph Storage: Mehrere Schwachstellen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K19-0751 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 21.08.2019
by Daily end-of-shift report 21 Aug '19

21 Aug '19

===================== = End-of-Day report = ===================== Timeframe: Dienstag 20-08-2019 18:00 − Mittwoch 21-08-2019 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Fortnite Ransomware Masquerades as an Aimbot Game Hack ∗∗∗ --------------------------------------------- Attackers are taking aim at Fortnites global community of 250 million gamers. --------------------------------------------- https://threatpost.com/fortnite-ransomware-masquerades-as-an-aimbot-game-ha… ∗∗∗ KAPE: Kroll Artifact Parser and Extractor, (Wed, Aug 21st) ∗∗∗ --------------------------------------------- KAPE vs Commando, another Red vs Blue vignette --------------------------------------------- https://isc.sans.edu/diary/rss/25258 ∗∗∗ CERT-Bund warnt vor öffentlich erreichbaren Sphinx-Suchservern ∗∗∗ --------------------------------------------- In der Standardkonfiguration sind Sphinx-Server aus dem Internet erreichbar. Dieses Sicherheitsrisiko sollten Admins eindämmen. --------------------------------------------- https://heise.de/-4501757 ===================== = Vulnerabilities = ===================== ∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by Fedora (ghostscript, pango, and squirrelmail), openSUSE (libcryptopp, squid, tcpdump, and wireshark), SUSE (flatpak), and Ubuntu (giflib and NLTK). --------------------------------------------- https://lwn.net/Articles/796834/ ∗∗∗ Zebra Industrial Printers ∗∗∗ --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-19-232-01 ∗∗∗ ZDI-19-764: (0Day) WECON LeviStudioU ShortMessage_Module SMtext Stack-based Buffer Overflow Remote Code Execution Vulnerability ∗∗∗ --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-19-764/ ∗∗∗ IBM Security Bulletin: A vulnerability in Open Source Libvirt affects IBM Netezza Host Management ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-op… ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in Open Source Libreswan affect IBM Netezza Host Management ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilit… ∗∗∗ IBM Security Bulletin: IBM Netezza Host Management is affected by the vulnerabilities known as Intel Microarchitectural Data Sampling (MDS) and other Kernel vulnerabilities ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-netezza-host-mana… ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in Spring Framework affect IBM InfoSphere Information Server ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilit… ∗∗∗ IBM Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in IBM® SDK Java™ Technology Edition ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-enterprise-content-ma… ∗∗∗ IBM Security Bulletin: A vulnerability in Open Source Bind affects IBM Netezza Host Management ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-op… ∗∗∗ IBM Security Bulletin: Privilege escalation in IBM DB2 HPU debug binary via trusted PATH ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-privilege-escalation-… ∗∗∗ Unauthenticated sensitive information leakage in ZOHO ServiceDesk Software ∗∗∗ --------------------------------------------- https://sec-consult.com/en/blog/advisories/unauthenticated-sensitive-inform… ∗∗∗ FreeBSD Project FreeBSD OS: Mehrere Schwachstellen ermöglichen Denial of Service ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K19-0743 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Daily