=====================
= End-of-Day report =
=====================
Timeframe: Tuesday 03-03-2020 18:00 − Wednesday 04-03-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Attention: Let's Encrypt to invalidate 3 million certificates Wednesday night ∗∗∗
---------------------------------------------
Web admins take note: anyone who does not renew their Let's Encrypt certificates now could have unsettled users on their doorstep early Thursday.
---------------------------------------------
https://heise.de/-4676017
∗∗∗ Ransomware Attackers Use Your Cloud Backups Against You ∗∗∗
---------------------------------------------
Backups are one of the most, if not the most, important defense against ransomware, but if not configured properly, attackers will use it against you.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/ransomware-attackers-use-your...
∗∗∗ ACSC Releases Securing Content Management Systems Guide ∗∗∗
---------------------------------------------
The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide outlining strategies for identifying and minimizing risks to web servers from installed content management systems (CMS).
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2020/03/04/acsc-releases-secur...
∗∗∗ A Zero-Day Homograph Domain Name Attack ∗∗∗
---------------------------------------------
What started as almost casual research in November 2019 and disclosed to various vendors as a vulnerability in November and December 2019 and January 2020 was abruptly reclassified and treated as a zero-day vulnerability on February 13, 2020.
---------------------------------------------
https://www.securityweek.com/zero-day-homograph-domain-name-attack
∗∗∗ Academics find 30 file upload vulnerabilities in 23 web apps, CMSes, and forums ∗∗∗
---------------------------------------------
Impacted projects include WordPress, Concrete5, Composr, SilverStripe, ZenCart, and others.
---------------------------------------------
https://www.zdnet.com/article/academics-find-30-file-upload-vulnerabilities-...
∗∗∗ Voice assistants can be hacked with ultrasonic waves ∗∗∗
---------------------------------------------
With access to text messages and the ability to make fraudulent phone calls, attackers could wreak more damage than you'd think
---------------------------------------------
https://www.welivesecurity.com/2020/03/04/voice-assistants-hacked-ultrasonic...
=====================
= Vulnerabilities =
=====================
∗∗∗ Emerson ValveLink ∗∗∗
---------------------------------------------
This advisory contains mitigations for an improper access control vulnerability in Emerson's ValveLink digital valve controllers.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-063-01
∗∗∗ PHOENIX CONTACT Emalytics Controller ILC ∗∗∗
---------------------------------------------
This advisory contains mitigations for an incorrect permission assignment for critical resource vulnerability in Phoenix Contact's Emalytics Controller modular inline devices.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-063-02
∗∗∗ Omron PLC CJ Series ∗∗∗
---------------------------------------------
This advisory contains mitigations for an uncontrolled resource consumption vulnerability in Omron's PLC CJ Series programmable logic controllers.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-063-03
∗∗∗ Moxa AWK-3131A Series Industrial AP/Bridge/Client ∗∗∗
---------------------------------------------
This advisory contains mitigations for several vulnerabilities in Moxa's AWK-3131A wireless networking appliance.
---------------------------------------------
https://www.us-cert.gov/ics/advisories/icsa-20-063-04
∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (libzypp), Fedora (opensmtpd and thunderbird), openSUSE (nodejs8), Red Hat (http-parser, kpatch-patch, and xerces-c), SUSE (cloud-init, compat-openssl098, kernel, postgresql96, python, and yast2-rmt), and Ubuntu (python-django and rake).
---------------------------------------------
https://lwn.net/Articles/813797/
∗∗∗ Cisco Security Advisories ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/publicationListing.x
∗∗∗ Security Bulletin: WebSphere Liberty susceptible to HTTP2 implementation vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-websphere-liberty-suscepti...
∗∗∗ Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by a vulnerability in libssh2 (CVE-2016-0787) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integrated-management-...
∗∗∗ Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (February 2020v3) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-a...
∗∗∗ Security Bulletin: Vulnerability in Apache Commons Beanutils library affect IBM Cúram Social Program Management (CVE-2019-10086) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-co...
∗∗∗ Security Bulletin: A security vulnerability has been addressed in IBM Security Privileged Identity Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-h...
∗∗∗ Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerability in OpenSSL (CVE-2012-4929) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integrated-management-...
∗∗∗ Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by a vulnerability with the IPv6 networking support (CVE-2015-2922) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integrated-management-...
∗∗∗ Security Bulletin: IBM Security Privileged Identity Manager is affected by a security vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-privileged-id...
∗∗∗ Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Oct 2019 – Includes Oracle Oct 2019 CPU minus CVE-2019-2949 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-ed...
∗∗∗ HPESBHF03987 rev.1 - HPE OneView Global Dashboard (OVGD), Remote Information Disclosure ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=em...
∗∗∗ Red Hat OpenShift Container Platform: Multiple vulnerabilities allow privilege escalation ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0189