===================== = End-of-Day report = =====================
Timeframe: Freitag 31-01-2020 18:00 − Montag 03-02-2020 18:00 Handler: Thomas Pribitzer Co-Handler: n/a
===================== = News = =====================
∗∗∗ Devious Spamhaus Phishing Scam Warns Youre on an Email Block List ∗∗∗ --------------------------------------------- A new phishing campaign distributing malware pretends to be from the Spamhaus Project warning that the recipients email address has been added to a spam block list due to sending unsolicited email. --------------------------------------------- https://www.bleepingcomputer.com/news/security/devious-spamhaus-phishing-sca...
∗∗∗ Abo-Falle durch gefälschte E-Mail von „Zoll Österreich“ ∗∗∗ --------------------------------------------- Eine neue Massenmail landet momentan im Posteingang unzähliger InternetnutzerInnen. In der Nachricht von „Zoll Österreich“ heißt es, dass eine Zollgebühr nicht bezahlt wurde. Dem Inhalt der E-Mail darf kein Glauben geschenkt werden, denn sie wird von Kriminellen verschickt. Eine Dateneingabe führt hier in eine teure Abo-Falle für 90 Euro monatlich. --------------------------------------------- https://www.watchlist-internet.at/news/abo-falle-durch-gefaelschte-e-mail-vo...
∗∗∗ Hackers are hijacking smart building access systems to launch DDoS attacks ∗∗∗ --------------------------------------------- More than 2,300 building access systems can be hijacked due to a severe vulnerability left without a fix. --------------------------------------------- https://www.zdnet.com/article/hackers-are-hijacking-smart-building-access-sy...
∗∗∗ Windows 10 PCs get these new Intel chip security updates for Zombieload attacks ∗∗∗ --------------------------------------------- Microsoft helps Intel deliver its latest microcode security updates to mitigate the Zombieload threat. --------------------------------------------- https://www.zdnet.com/article/windows-10-pcs-get-these-new-intel-chip-securi...
===================== = Vulnerabilities = =====================
∗∗∗ Security Advisory 2020-01-31-1 - Opkg susceptible to MITM (CVE-2020-7982) ∗∗∗ --------------------------------------------- A bug in the package list parse logic of OpenWrts opkg fork caused the package manager to ignore SHA-256 checksums embedded in the signed repository index, effectively bypassing integrity checking of downloaded .ipk artifacts. --------------------------------------------- https://lists.infradead.org/pipermail/openwrt-devel/2020-January/021544.html
∗∗∗ Security updates for Monday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (opensmtpd), Debian (firefox-esr, libidn2, libjackson-json-java, prosody-modules, qemu, qtbase-opensource-src, spamassassin, and sudo), Fedora (e2fsprogs, java-1.8.0-openjdk, mingw-openjpeg2, openjpeg2, samba, sox, upx, webkit2gtk3, and xar), Red Hat (git), Scientific Linux (git), Slackware (sudo), SUSE (ceph and rmt-server), and Ubuntu (sudo). --------------------------------------------- https://lwn.net/Articles/811368/
∗∗∗ Strong Testimonials < 2.40.1 - Stored Cross Site Scripting (XSS) ∗∗∗ --------------------------------------------- https://wpvulndb.com/vulnerabilities/10056
∗∗∗ Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-is...
∗∗∗ Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Log4j ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-i...
∗∗∗ Security Bulletin: Vulnerabilities affect Watson Explorer Foundational Components (CVE-2019-1563, CVE-2019-1549, CVE-2019-1547) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-affect-wat...
∗∗∗ Security Bulletin: IBM API Connect is impacted by vulnerabilities in Golang (CVE-2019-17596) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacte...
∗∗∗ Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-ra...
∗∗∗ Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-is...
∗∗∗ Security Bulletin: Information Disclosure in IBM StoredIQ (CVE-2020-4224) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-in-...
∗∗∗ Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WAS vulnerability. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-ra...
∗∗∗ Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by multiple vulnerabilities in Java ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-i...
∗∗∗ Security Bulletin: Rational Asset Analyzer (RAA) is affected by several WebSphere Application Server vulnerabilities. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-ra...