[CERT-daily] Tageszusammenfassung - 12.12.2018
Daily end-of-shift report
team at cert.at
Wed Dec 12 18:14:39 CET 2018
=====================
= End-of-Day report =
=====================
Timeframe: Dienstag 11-12-2018 18:00 − Mittwoch 12-12-2018 18:00
Handler: Dimitri Robl
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Logitech Options: Logitech-Software ermöglicht bösartige Codeausführung ∗∗∗
---------------------------------------------
In einer Software zur Konfiguration von Logitech-Tastaturen und Mäusen klafft ein riesiges Sicherheitsloch. Nutzer von Logitech Options sollten es vorerst deinstallieren: Bisher gibt es keinen Fix. (Logitech, Eingabegerät)
---------------------------------------------
https://www.golem.de/news/logitech-options-logitech-software-ermoeglicht-boesartige-codeausfuehrung-1812-138218-rss.html
∗∗∗ Adventures in Video Conferencing Part 3: The Even Wilder World of WhatsApp ∗∗∗
---------------------------------------------
Posted by Natalie Silvanovich, Project ZeroWhatsApp is another application that supports video conferencing that does not use WebRTC as its core implementation. Instead, it uses PJSIP, which contains some WebRTC code, but also contains a substantial amount of other code, and predates the WebRTC project. I fuzzed this implementation to see if it had similar results to WebRTC and FaceTime.Fuzzing Set-upPJSIP is open source, so it was easy to identify the PJSIP code in the Android WhatsApp binary [...]
---------------------------------------------
https://googleprojectzero.blogspot.com/2018/12/adventures-in-video-conferencing-part-3.html
∗∗∗ A bug in Microsoft’s login system made it easy to hijack anyone’s Office account ∗∗∗
---------------------------------------------
A string of bugs when chained together created the perfect attack to gain access to someones Microsoft account - simply by tricking a user into clicking a link.
---------------------------------------------
https://techcrunch.com/2018/12/11/microsoft-login-bug-hijack-office-accounts/
∗∗∗ Patchday: Attacken auf Windows-Kernel-Lücke ∗∗∗
---------------------------------------------
Microsoft hat wichtige Sicherheitsupdates für Office, Windows & Co. veröffentlicht. Mehrere Schwachstellen gelten als kritisch.
---------------------------------------------
http://heise.de/-4248309
∗∗∗ Sicherheitsupdates: Angreifer könnten IP-Kameras von Bosch übernehmen ∗∗∗
---------------------------------------------
Einige IP-Kamera-Modelle von Bosch sind über eine als kritisch eingestufte Sicherheitslücke attackierbar. Updates schaffen Abhilfe.
---------------------------------------------
http://heise.de/-4248751
∗∗∗ Bitcoin Profit ist Betrug ∗∗∗
---------------------------------------------
Auf einer gefälschten orf.at-Website bewerben Kriminelle die Trading-Plattform Bitcoin Profit. In dem irreführenden Beitrag behaupten sie, dass es damit sehr einfach sei, sehr hohe Gewinne zu erzielen. Über die Werbung gelangen Leser/innen auf btcprofitnow.pro. Melden sie sich auf der Website für Bitcoin Profit an und überweisen sie ihr Geld an Kriminelle, verlieren sie es und ihre Daten an Betrüger/innen.
---------------------------------------------
https://www.watchlist-internet.at/news/bitcoin-profit-ist-betrug/
∗∗∗ Schadsoftware in gefälschter DHL-Sendungsbenachrichtigung ∗∗∗
---------------------------------------------
Zur Weihnachtszeit ist es leicht möglich, dass Sie Versandbenachrichtigungen in Ihrem E-Mail-Posteingang erwarten. Dennoch überrascht Sie dort womöglich eine gefälschte DHL-Nachricht. Die Mail gibt vor, Sie über eine anstehende Lieferung zu informieren, die gar nicht existiert. Wenn Sie auf den Link in der Nachricht klicken, wird versucht eine Datei herunterzuladen. Vorsicht! Diese vermeintliche Word-Datei enthält Schadsoftware.
---------------------------------------------
https://www.watchlist-internet.at/news/schadsoftware-in-gefaelschter-dhl-sendungsbenachrichtigung/
=====================
= Vulnerabilities =
=====================
∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (chromium, firefox, lib32-openssl, lib32-openssl-1.0, openssl, openssl-1.0, texlive-bin, and wireshark-cli), Fedora (perl), openSUSE (pdns), Oracle (kernel), Red Hat (kernel), Slackware (mozilla), SUSE (kernel, postgresql10, qemu, and xen), and Ubuntu (firefox, freerdp, freerdp2, pixman, and poppler).
---------------------------------------------
https://lwn.net/Articles/774731/
∗∗∗ Security Advisory - Cache Timing Vulnerability in OpenSSL RSA Key Generation ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20181212-01-cache-en
∗∗∗ IBM Security Bulletin: Denial of service vulnerability affects IBM Unified Extensible Firmware Interface (CVE-2018-9085) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-denial-of-service-vulnerability-affects-ibm-unified-extensible-firmware-interface-cve-2018-9085/
∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL affect AIX (CVE-2018-0734, CVE-2018-5407) Security Bulletin ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-openssl-affect-aix-cve-2018-0734-cve-2018-5407-security-bulletin/
∗∗∗ IBM Security Bulletin: Vulnerability in Xorg affects AIX (CVE-2018-14665) Security Bulletin ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-xorg-affects-aix-cve-2018-14665-security-bulletin/
∗∗∗ IBM Security Bulletin: Vulnerabilities in IBM Java Runtime affect Rational Publishing Engine ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-ibm-java-runtime-affect-rational-publishing-engine-2/
∗∗∗ IBM Security Bulletin: Vulnerability in Oracle Solaris affects AIX (CVE-2017-3623) Security Bulletin ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-oracle-solaris-affects-aix-cve-2017-3623-security-bulletin/
∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-using-components-with-known-vulnerabilities-vulnerability-11/
∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-using-components-with-known-vulnerabilities-vulnerability-10/
∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-using-components-with-known-vulnerabilities-vulnerability-9/
∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-using-components-with-known-vulnerabilities-vulnerability-8/
∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-using-components-with-known-vulnerabilities-vulnerability-7/
∗∗∗ BIG-IP SNMP vulnerability CVE-2018-15328 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K42027747
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list