=====================
= End-of-Day report =
=====================
Timeframe: Friday 27-03-2020 18:00 − Monday 30-03-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: Robert Waldner
=====================
=       News        =
=====================
∗∗∗ Security updates: F5 BIG-IP appliances vulnerable ∗∗∗
---------------------------------------------
The developers at F5 have closed several security vulnerabilities in various products.
---------------------------------------------
https://heise.de/-4693455
∗∗∗ A mysterious hacker group is eavesdropping on corporate email and FTP traffic ∗∗∗
---------------------------------------------
Hacker group uses zero-day in DrayTek Vigor enterprise routers and VPN gateways to record network traffic.
---------------------------------------------
https://www.zdnet.com/article/a-mysterious-hacker-group-is-eavesdropping-on-...
∗∗∗ Source code of Dharma ransomware pops up for sale on hacking forums ∗∗∗
---------------------------------------------
The source code of one of today's most profitable and advanced ransomware strains is up for sale on two Russian-language hacking forums.
---------------------------------------------
https://www.zdnet.com/article/source-code-of-dharma-ransomware-pops-up-for-s...
=====================
=  Vulnerabilities  =
=====================
∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (php-horde-form and tika), Fedora (dcraw and libmodsecurity), Gentoo (libidn2 and screen), openSUSE (cloud-init, cni, cni-plugins, conmon, fuse-overlayfs, podman, opera, phpMyAdmin, python-mysql-connector-python, ruby2.5, strongswan, and tor), Oracle (ipmitool), Scientific Linux (ipmitool), SUSE (spamassassin and tomcat), and Ubuntu (twisted and webkit2gtk).
---------------------------------------------
https://lwn.net/Articles/816267/
∗∗∗ Synology-SA-20:04 Drupal ∗∗∗
---------------------------------------------
A vulnerability allows remote attackers to inject arbitrary web script or HTML via a susceptible version of Drupal.
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_20_04_Drupal
∗∗∗ D-LINK Router: Multiple vulnerabilities ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0272