[CERT-daily] Tageszusammenfassung - 03.08.2018
Daily end-of-shift report
team at cert.at
Fri Aug 3 18:12:46 CEST 2018
=====================
= End-of-Day report =
=====================
Timeframe: Donnerstag 02-08-2018 18:00 − Freitag 03-08-2018 18:00
Handler: Robert Waldner
Co-Handler: Alexander Riepl
=====================
= News =
=====================
∗∗∗ Cryptominers: Binary-Process-Cron Variants and Methods of Removal ∗∗∗
---------------------------------------------
This post provides a brief overview of how to manually remove server-side cryptominers and other types of Binary-Process-Cron malware from a server. Unlike browser-based JavaScript cryptominers that have been injected into a web page, a binary server-level cryptominer abuses server resources without affecting the computers or mobile devices of site ..
---------------------------------------------
https://blog.sucuri.net/2018/08/cryptominer-variants-removal.html
=====================
= Vulnerabilities =
=====================
∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (busybox, graphicsmagick, and libmspack), Fedora (pam_yubico), Scientific Linux (openslp), Slackware (lftp), SUSE (cups, libtirpc, and thunderbird), and Ubuntu (clamav).
---------------------------------------------
https://lwn.net/Articles/761752/
∗∗∗ IBM Security Bulletin: IBM Maximo Asset Management could allow an authenticated user to obtain sensitive information from the WhoAmI API (CVE-2018-1528) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=swg22017450
∗∗∗ IBM Security Bulletin: Invalid user group vulnerability in IBM MQ on Unix platform(CVE-2018-1551) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10716113
∗∗∗ IBM Security Bulletin: Vulnerabilities in Rational DOORS Next Generation with potential for Cross-Site Scripting attack (CVE-2018-1422) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719817
∗∗∗ IBM Security Bulletin:A vulnerability in GSKit and GSKit-Crypto affects IBM Performance Management products (CVE-2018-1447) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22015283
∗∗∗ HPESBHF03872 rev.1 - HPE Intelligent Management Center Platform (IMC PLAT), Remote Directory Traversal ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03872en_us
∗∗∗ HPESBHF03841 rev.2 - Certain HPE Servers with AMD-based Processors, Multiple Vulnerabilities (Fallout/Masterkey) ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03841en_us
∗∗∗ HPSBGN02298 SSRT071502 rev.3 - HP Notebook PC Quick Launch Button (QLB) Software Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c01300486
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list