===================== = End-of-Day report = =====================
Timeframe: Thursday 18-06-2020 18:00 − Friday 19-06-2020 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter
===================== = News = =====================
∗∗∗ Hackers use fake Windows error logs to hide malicious payload ∗∗∗ --------------------------------------------- Hackers have been using fake error logs to store ASCII characters disguised as hexadecimal values that decode to a malicious payload designed to prepare the ground for script-based attacks. --------------------------------------------- https://www.bleepingcomputer.com/news/security/hackers-use-fake-windows-erro...
∗∗∗ IBM Maximo Asset Management servers patched against attacks ∗∗∗ --------------------------------------------- Details are hazy but the overall story is clear: if you use IBM’s Maximo Asset Management, make sure you’re patched. --------------------------------------------- https://nakedsecurity.sophos.com/2020/06/19/ibm-maximo-asset-management-serv...
∗∗∗ Security update for CMS: Drupal vulnerable to remote code execution ∗∗∗ --------------------------------------------- The Drupal developers have closed two security vulnerabilities in several versions of the content management system. --------------------------------------------- https://heise.de/-4789539
∗∗∗ Security: Four zero-days spotted in attacks on honeypot systems ∗∗∗ --------------------------------------------- Previously unknown attacks used against fake systems show big problems remain with industrial systems security. --------------------------------------------- https://www.zdnet.com/article/security-four-zero-day-attacks-spotted-in-atta...
===================== = Vulnerabilities = =====================
∗∗∗ BlackBerry Powered by Android Security Bulletin - June 2020 ∗∗∗ --------------------------------------------- BlackBerry has released a security update to address multiple vulnerabilities in BlackBerry powered by Android smartphones. We recommend users update to the latest available software build. --------------------------------------------- https://support.blackberry.com/kb/articleDetail?language=en_US&articleNu...
∗∗∗ Critical 0-day vulnerability in 79 Netgear router models ∗∗∗ --------------------------------------------- A flaw in the built-in web server allows the devices to be hijacked, in some circumstances simply by visiting a web page containing the exploit. --------------------------------------------- https://heise.de/-4789814
∗∗∗ VMSA-2020-0014 ∗∗∗ --------------------------------------------- VMware Tools for macOS update addresses a denial-of-service vulnerability (CVE-2020-3972) --------------------------------------------- https://www.vmware.com/security/advisories/VMSA-2020-0014.html
∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (drupal7), Fedora (dbus, kernel, microcode_ctl, mingw-glib-networking, moby-engine, and roundcubemail), Mageia (libjpeg), openSUSE (chromium and rmt-server), Oracle (kernel and microcode_ctl), Red Hat (rh-nodejs8-nodejs and thunderbird), Slackware (bind), and SUSE (adns, containerd, docker, docker-runc, golang-github-docker-libnetwork, dbus-1, fwupd, gegl, gnuplot, guile, java-1_7_1-ibm, java-1_8_0-ibm, kernel, mozilla-nspr, mozilla-nss, perl, and [...] --------------------------------------------- https://lwn.net/Articles/823736/
∗∗∗ Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Contract Management ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-db2-database-serv...
∗∗∗ Security Bulletin: Multiple vulnerabilities affects IBM Engineering Requirements Management DOORS Next ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-a...
∗∗∗ Security Bulletin: Vulnerability identified in Apache ActiveMQ used in Cloud Pak System (CVE-2020-1941) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-identified-i...
∗∗∗ Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Sourcing ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-db2-database-serv...