=====================
= End-of-Day report =
=====================

Timeframe: Thursday 28-06-2018 18:00 − Friday 29-06-2018 18:00
Handler: Olaf Schwarz
Co-Handler: Stephan Richter

=====================
= News =
=====================

∗∗∗ File-Wiping Malware Placed Inside Gentoo Linux Code After GitHub Account Hack ∗∗∗
---------------------------------------------
An unknown hacker has temporarily taken control over the GitHub account of the Gentoo Linux organization and embedded malicious code inside the operating system's distributions that would delete user files.
---------------------------------------------
https://www.bleepingcomputer.com/news/linux/file-wiping-malware-placed-insid...

∗∗∗ Samsung smartphones send photos to contacts unnoticed ∗∗∗
---------------------------------------------
A bug in Samsung phones randomly sends various photos to contacts stored in the phone book.
---------------------------------------------
https://futurezone.at/produkte/samsung-smartphones-schicken-unbemerkt-fotos-...

∗∗∗ Surveillance cameras sent videos to the wrong users ∗∗∗
---------------------------------------------
For the second time, a case has come to light in which cameras from the manufacturer Swann Security send video footage to the wrong users.
---------------------------------------------
https://futurezone.at/digital-life/ueberwachungskameras-schickten-videos-an-...

∗∗∗ RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique ∗∗∗
---------------------------------------------
Through FireEye Dynamic Threat Intelligence (DTI), we observed RIG Exploit Kit (EK) delivering a dropper that leverages the PROPagate injection technique to inject code that downloads and executes a Monero miner (similar activity has been reported by Trend Micro). Apart from leveraging a relatively lesser known injection technique, the attack chain has some other interesting properties that we will touch on in this blog post.
---------------------------------------------
http://www.fireeye.com/blog/threat-research/2018/06/rig-ek-delivering-monero...

∗∗∗ Rampage: New Rowhammer attack affects all Android phones since 2011 ∗∗∗
---------------------------------------------
A new technique makes it possible to manipulate the memory of Android devices. The attacker thus becomes admin the hard way.
---------------------------------------------
http://heise.de/-4094782

=====================
= Vulnerabilities =
=====================

∗∗∗ Medtronic MyCareLink Patient Monitor ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for hard-coded password and exposed dangerous method or function vulnerabilities reported in Medtronic's MyCareLink Patient Monitors.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-179-01

∗∗∗ VMSA-2018-0016 ∗∗∗
---------------------------------------------
VMware ESXi and Workstation updates address multiple out-of-bounds read vulnerabilities
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2018-0016.html

∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (firefox), Debian (firefox-esr, lava-server, libgcrypt20, mariadb-10.0, and zendframework), Fedora (firefox, podman, webkitgtk4, and xen), openSUSE (procps and unixODBC), Oracle (pki-core), Red Hat (firefox), SUSE (kernel, procps, and tomcat6), and Ubuntu (file and nasm).
---------------------------------------------
https://lwn.net/Articles/758656/