===================== = End-of-Day report = =====================
Timeframe: Tuesday 20-08-2019 18:00 − Wednesday 21-08-2019 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter
===================== = News = =====================
∗∗∗ Fortnite Ransomware Masquerades as an Aimbot Game Hack ∗∗∗ --------------------------------------------- Attackers are taking aim at Fortnite's global community of 250 million gamers. --------------------------------------------- https://threatpost.com/fortnite-ransomware-masquerades-as-an-aimbot-game-hac...
∗∗∗ KAPE: Kroll Artifact Parser and Extractor, (Wed, Aug 21st) ∗∗∗ --------------------------------------------- KAPE vs Commando, another Red vs Blue vignette --------------------------------------------- https://isc.sans.edu/diary/rss/25258
∗∗∗ CERT-Bund warns of publicly reachable Sphinx search servers ∗∗∗ --------------------------------------------- In the default configuration, Sphinx servers are reachable from the Internet. Admins should contain this security risk. --------------------------------------------- https://heise.de/-4501757
===================== = Vulnerabilities = =====================
∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by Fedora (ghostscript, pango, and squirrelmail), openSUSE (libcryptopp, squid, tcpdump, and wireshark), SUSE (flatpak), and Ubuntu (giflib and NLTK). --------------------------------------------- https://lwn.net/Articles/796834/
∗∗∗ Zebra Industrial Printers ∗∗∗ --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-19-232-01
∗∗∗ ZDI-19-764: (0Day) WECON LeviStudioU ShortMessage_Module SMtext Stack-based Buffer Overflow Remote Code Execution Vulnerability ∗∗∗ --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-19-764/
∗∗∗ IBM Security Bulletin: A vulnerability in Open Source Libvirt affects IBM Netezza Host Management ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-ope...
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in Open Source Libreswan affect IBM Netezza Host Management ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabiliti...
∗∗∗ IBM Security Bulletin: IBM Netezza Host Management is affected by the vulnerabilities known as Intel Microarchitectural Data Sampling (MDS) and other Kernel vulnerabilities ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-netezza-host-manag...
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in Spring Framework affect IBM InfoSphere Information Server ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabiliti...
∗∗∗ IBM Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in IBM® SDK Java™ Technology Edition ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-enterprise-content-man...
∗∗∗ IBM Security Bulletin: A vulnerability in Open Source Bind affects IBM Netezza Host Management ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-ope...
∗∗∗ IBM Security Bulletin: Privilege escalation in IBM DB2 HPU debug binary via trusted PATH ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-privilege-escalation-i...
∗∗∗ Unauthenticated sensitive information leakage in ZOHO ServiceDesk Software ∗∗∗ --------------------------------------------- https://sec-consult.com/en/blog/advisories/unauthenticated-sensitive-informa...
∗∗∗ FreeBSD Project FreeBSD OS: Multiple vulnerabilities allow denial of service ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K19-0743