===================== = End-of-Day report = =====================
Timeframe: Freitag 28-02-2020 18:00 − Montag 02-03-2020 18:00 Handler: Stephan Richter Co-Handler: Thomas Pribitzer
===================== = News = =====================
∗∗∗ New Evasion Encyclopedia Shows How Malware Detects Virtual Machines ∗∗∗ --------------------------------------------- A new Malware Evasion Encyclopedia has been launched that offers insight into the various methods malware uses to detect if it is running under a virtual environment. --------------------------------------------- https://www.bleepingcomputer.com/news/security/new-evasion-encyclopedia-show...
∗∗∗ Secure vs. cleartext protocols - couple of interesting stats, (Mon, Mar 2nd) ∗∗∗ --------------------------------------------- For a very long time, there has been a strong effort aimed toward moving all potentially sensitive network-based communications from unencrypted protocols to the secure and encrypted ones. And with the recently released APWG report noting that 74% of phishing sites used HTTPS in the last quarter of 2019[1] and Apples supposed plan to start supporting only TLS certificates with no more than one year period of validity [...] --------------------------------------------- https://isc.sans.edu/diary/rss/25854
∗∗∗ Was Emotet anrichtet – und welche Lehren die Opfer daraus ziehen ∗∗∗ --------------------------------------------- Im niedersächsischen Neustadt schlug der Trojaner Emotet mit voller Wucht zu. Nun spricht die Stadtverwaltung offen über das Desaster – damit andere lernen. --------------------------------------------- https://heise.de/-4665958
∗∗∗ Large-scale phishing attack on Western Europe ∗∗∗ --------------------------------------------- Beginning in November 2019, 360 Security Center detected multiple large-scale cyber attack incidents carrying AgentTesla stealing Trojans. This cyber attack mainly targeted countries in Western Europe [...] --------------------------------------------- https://blog.360totalsecurity.com/en/large-scale-phishing-attack-on-western-...
===================== = Vulnerabilities = =====================
∗∗∗ NVIDIA schließt Lücken in GPU-Treiber und vGPU-Software ∗∗∗ --------------------------------------------- Von insgesamt fünf Lücken in NVIDIAs GPU Display-Treiber für Windows und in der vGPU-Software geht ein teils hohes Sicherheitsrisiko aus. Es gibt Updates. --------------------------------------------- https://heise.de/-4672318
∗∗∗ Security Bulletin: Multiple vulnerabilities of Mozzila Firefox (less than Firefox 68.3 ESR) have affected Synthetic Playback Agent 8.1.4.0 – 8.1.4 IF10 + ICAM 3.0 – 4.0 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-o...
∗∗∗ Security Bulletin: IBM Aspera Shares Web Application is affected by NGINX Vulnerabilities (CVE-2019-13067) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-aspera-shares-web-appl...
∗∗∗ Security Bulletin: IBM Security Information Queue has overly permissive CORS policy (CVE-2020-4292) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-information-q...
∗∗∗ Security Bulletin: IBM RackSwitch firmware products are affected by the following OpenSLL vulnerability ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-pr...
∗∗∗ Security Bulletin: Addressing the Sqlite Vulnerability CVE-2019-16168, CVE-2019-19242 and CVE-2019-19244 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-addressing-the-sqlite-vuln...
∗∗∗ Security Bulletin: Aspera Web Shares application is affected by NGINX Vulnerabilities (CVE-2019-12208, CVE-2019-12207) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-aspera-web-shares-applicat...
∗∗∗ Security Bulletin: WebSphere Application Server is vulnerable to a denial of service shipped with Jazz for Service Management (CVE-2019-4720) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-websphere-application-serv...
∗∗∗ Security Bulletin: A vulnerability in Python affects IBM Operations Analytics Predictive Insights (CVE-2019-10160) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-python-...
∗∗∗ Security Bulletin: A vulnerability in Python affects IBM Operations Analytics Predictive Insights (CVE-2018-14647) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-python-...
∗∗∗ Security Bulletin: Vulnerabilities in Python affect IBM Operations Analytics Predictive Insights (CVE-2019-9948, CVE-2019-9947) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-python-...
∗∗∗ Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-h...
∗∗∗ Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-h...
∗∗∗ Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-h...
∗∗∗ Security Bulletin: A security vulnerability has been identified in TensorFlow shipped with PowerAI. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-h...