=====================
= End-of-Day report =
=====================

Timeframe: Wednesday 21-11-2018 18:00 − Thursday 22-11-2018 18:00
Handler: Stephan Richter
Co-Handler: Alexander Riepl

=====================
= News =
=====================

∗∗∗ New mining Trojan for Linux removes anti-viruses ∗∗∗
---------------------------------------------
November 20, 2018
One of today’s most common ways of obtaining illegal earnings is to mine cryptocurrency covertly, using the resources of a computer without the owner’s consent. Doctor Web recently discovered a ..
---------------------------------------------
https://news.drweb.com/show/?i=12942&lng=en&c=9

∗∗∗ ECCploit: Rowhammer attack also works with ECC ∗∗∗
---------------------------------------------
A team of researchers was able to show that attacks using bit flips in main memory are possible even when memory modules with error correction are used.
---------------------------------------------
https://www.golem.de/news/eccploit-rowhammer-angriff-funktioniert-auch-mit-e...

∗∗∗ Malware scum want to build a Linux botnet using Mirai ∗∗∗
---------------------------------------------
Hadoop YARN is the attack vector, so lock it away
Diligent hackers ..
---------------------------------------------
www.theregister.co.uk/2018/11/22/mirai_for_linux_on_x86/

∗∗∗ Counterfeit brand goods on rmc-bad-grosspertholz.at ∗∗∗
---------------------------------------------
At rmc-bad-grosspertholz.at you will find brand-name clothing, shoes and accessories at fabulous prices. However, do not expect much from your order: you will receive, if anything at all, inferior goods ..
---------------------------------------------
https://www.watchlist-internet.at/news/markenfaelschungen-auf-rmc-bad-grossp...

∗∗∗ Warning: Fraud via the Amazon Marketplace ∗∗∗
---------------------------------------------
Criminals take over Amazon seller accounts and offer cheap goods. Your order is initially accepted but then cancelled without reason. If you contact the sellers by e-mail, you receive ..
---------------------------------------------
https://www.watchlist-internet.at/news/achtung-betrug-ueber-den-amazon-marke...

=====================
= Vulnerabilities =
=====================

∗∗∗ IBM Security Bulletin: Java Vulnerability Affects IBM Sterling Connect:Direct Browser User Interface (CVE-2018-1656) ∗∗∗
---------------------------------------------
There is a vulnerability in IBM® Runtime Environment Java Technology Edition, Version 8 that is used by IBM Sterling Connect:Direct Browser User Interface. These issues were disclosed as part of the ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-java-vulnerability-aff...

∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in Apache Tomcat, Open SSL, and Apache HTTPD affects Rational Build Forge ∗∗∗
---------------------------------------------
Apache Tomcat, Open SSL, and Apache Tomcat have multiple security vulnerabilities that could allow a remote attacker to exploit the Rational Build Forge application. Respective security vulnerabilities are discussed in ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabiliti...

∗∗∗ IBM Security Bulletin: WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) is affected by OpenSSL vulnerability CVE-2018-0732 ∗∗∗
---------------------------------------------
Security Bulletin: WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) is affected by OpenSSL vulnerability CVE-2018-0732
CVE(s): CVE-2018-0732
Affected product(s) and affected version(s): WebSphere ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-websphere-mq-v5-3-for-...

∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus, IBM App Connect Enterprise v11 and WebSphere Message Broker ∗∗∗
---------------------------------------------
Summary
There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 8.0.5.5 & 8.0.5.15 and IBM® Runtime Environment Java Versions 7.0.10.15 & 7.0.10.25 used by IBM Integration ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabiliti...

∗∗∗ IBM Security Bulletin: WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) is affected by OpenSSL vulnerability CVE-2018-0737 ∗∗∗
---------------------------------------------
WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) has addressed the following vulnerability: CVE-2018-0737
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVE(s): CVE-2018-0737
Affected ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-websphere-mq-v5-3-for-...

∗∗∗ Download WP-DBManager <= 2.79.1 - Arbitrary File Delete ∗∗∗
---------------------------------------------
https://wpvulndb.com/vulnerabilities/9151

∗∗∗ Security Advisory - Smart SMS Verification Code Vulnerability in Some Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20181121-0...

∗∗∗ Moodle Login Access Control Flaw Lets Remote Users Conduct Cross-Site Request Forgery Attacks ∗∗∗
---------------------------------------------
http://www.securitytracker.com/id/1042154

∗∗∗ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0008 ∗∗∗
---------------------------------------------
https://webkitgtk.org/security/WSA-2018-0008.html