[CERT-daily] Tageszusammenfassung - 03.08.2018

Daily end-of-shift report team at cert.at
Fri Aug 3 18:12:46 CEST 2018 

=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 02-08-2018 18:00 − Freitag 03-08-2018 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl

=====================
=       News        =
=====================


∗∗∗ Cryptominers: Binary-Process-Cron Variants and Methods of Removal ∗∗∗
---------------------------------------------
This post provides a brief overview of how to manually remove server-side cryptominers and other types of Binary-Process-Cron malware from a server. Unlike browser-based JavaScript cryptominers that have been injected into a web page, a binary server-level cryptominer abuses server resources without affecting the computers or mobile devices of site ..
---------------------------------------------
https://blog.sucuri.net/2018/08/cryptominer-variants-removal.html


=====================
=  Vulnerabilities  =
=====================


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (busybox, graphicsmagick, and libmspack), Fedora (pam_yubico), Scientific Linux (openslp), Slackware (lftp), SUSE (cups, libtirpc, and thunderbird), and Ubuntu (clamav).
---------------------------------------------
https://lwn.net/Articles/761752/


∗∗∗ IBM Security Bulletin: IBM Maximo Asset Management could allow an authenticated user to obtain sensitive information from the WhoAmI API (CVE-2018-1528) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=swg22017450


∗∗∗ IBM Security Bulletin: Invalid user group vulnerability in IBM MQ on Unix platform(CVE-2018-1551) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10716113


∗∗∗ IBM Security Bulletin: Vulnerabilities in Rational DOORS Next Generation with potential for Cross-Site Scripting attack (CVE-2018-1422) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719817


∗∗∗ IBM Security Bulletin:A vulnerability in GSKit and GSKit-Crypto affects IBM Performance Management products (CVE-2018-1447) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22015283


∗∗∗ HPESBHF03872 rev.1 - HPE Intelligent Management Center Platform (IMC PLAT), Remote Directory Traversal ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03872en_us


∗∗∗ HPESBHF03841 rev.2 - Certain HPE Servers with AMD-based Processors, Multiple Vulnerabilities (Fallout/Masterkey) ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03841en_us


∗∗∗ HPSBGN02298 SSRT071502 rev.3 - HP Notebook PC Quick Launch Button (QLB) Software Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c01300486

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

More information about the Daily mailing list