=====================
= End-of-Day report =
=====================
Timeframe: Friday 23-11-2018 18:00 − Monday 26-11-2018 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ His phone went dark, then $1m was sucked out in SIM-swap crypto-heist ∗∗∗
---------------------------------------------
A 21-year-old allegedly SIM-swapped Silicon Valley execs' phones to steal cryptocurrency, including one man's $1m tuition fund for his kids.
---------------------------------------------
https://nakedsecurity.sophos.com/2018/11/26/his-phone-went-dark-then-1m-was-...
∗∗∗ Dubious tradespeople from the Internet ∗∗∗
---------------------------------------------
Consumers who have problems with their radiators, their lock or their electronics during the night can find dubious plumbers, locksmiths or electricians via the Internet. They advertise low-priced offers on websites. On site, however, the companies demand many times the agreed price. Subsequent complaints are not possible because they give customers made-up details.
---------------------------------------------
https://www.watchlist-internet.at/news/unserioese-handwerker-aus-dem-interne...
=====================
= Vulnerabilities =
=====================
∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (gnuplot5, icecast2, liblivemedia, otrs2, phpbb3, roundcube, squid3, and xml-security-c), Fedora (kio-extras, tmux, and xen), Gentoo (asterisk, chromium, exiv2, ghostscript-gpl, and thunderbird), openSUSE (libwpd, openssl, openssl-1_1, postgresql10, and SDL2_image), Red Hat (chromium-browser, rh-mysql57-mysql, rh-nginx110-nginx, and rh-nginx18-nginx), SUSE (exiv2, libgcrypt, rpm, and tiff), and Ubuntu (firefox and qemu).
---------------------------------------------
https://lwn.net/Articles/772954/
∗∗∗ ZDI-18-1361: (0Day) INVT Electric VT-Designer PM3 File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-18-1361/
∗∗∗ ZDI-18-1360: (0Day) INVT Electric VT-Designer File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-18-1360/
∗∗∗ IBM Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Storwize V7000 Unified (CVE-2016-0705) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-ibm-j...
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot for VMware (CVE-2018-1656, CVE-2018-12539) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabiliti...
∗∗∗ IBM Security Bulletin: Content Collector for Email is affected by spoofing attack vulnerability in WAS Logout Form ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-content-collector-for-...
∗∗∗ IBM Security Bulletin: Content Collector for Email is affected by java deserialization vulnerability resulting in execution of untrusted data via the application server’s SOAP port ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-content-collector-for-...
∗∗∗ IBM Security Bulletin: Information Disclosure in IBM WebSphere Application Server Liberty affects IBM Spectrum Protect Snapshot for VMware (CVE-2018-1553) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-information-disclosure...
∗∗∗ git: Vulnerability allows privilege escalation ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K18-1120