[CERT-daily] Tageszusammenfassung - 15.02.2018

Thu Feb 15 18:04:48 CET 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 14-02-2018 18:00 − Donnerstag 15-02-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================


∗∗∗ Spam and phishing in 2017 ∗∗∗
---------------------------------------------
The share of spam in email traffic in 2017 fell by 1.68% to 56.63%. The lowest share (52.67%) was recorded in December 2017. The highest (59.56%) belonged to September. In 2017, the Anti-Phishing system was triggered 246,231,645 times on computers of Kaspersky Lab users as a result of phishing redirection attempts.
---------------------------------------------
http://securelist.com/spam-and-phishing-in-2017/83833/


∗∗∗ Inside the MSRC– The Monthly Security Update Releases ∗∗∗
---------------------------------------------
For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence. It may help to start with some history. In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence. October 2003 ushered in ..
---------------------------------------------
https://blogs.technet.microsoft.com/msrc/2018/02/14/inside-the-msrc-the-monthly-security-update-releases/


∗∗∗ Multi-Stage Email Word Attack without Macros ∗∗∗
---------------------------------------------
Malware authors often distribute malware through code macros in Microsoft Office documents such as Word, Excel, or PowerPoint. Regardless of the particular Office version, macros can be executed whenever the user opens the file. By default users get warnings from ..
---------------------------------------------
https://www.trustwave.com/Resources/SpiderLabs-Blog/Multi-Stage-Email-Word-Attack-without-Macros/


∗∗∗ Besser vernetzt - besser geschützt ∗∗∗
---------------------------------------------
Zweitägiger Workshop im BRZ ermöglicht raschere Reaktion auf Malware und andere Bedrohungen. 70 Teilnehmer/innen von österreichischen und internationalen CERTs waren dabei.
---------------------------------------------
https://www.brz.gv.at/BRZ_News/besser_vernetzt_besser_geschuetzt.html


∗∗∗ MeltdownPrime & SpectrePrime: Neue Software automatisiert CPU-Angriffe ∗∗∗
---------------------------------------------
Nach Meltdown und Spectre hatten Experten prognostiziert, dass das Zuschneiden auf spezifische Chips eine Weile dauern würde. Dieser Prozess lässt sich nun durch Automatisierung beschleunigen. Dabei wurden auch neue Variationen der Angriffe gefunden.
---------------------------------------------
https://www.heise.de/meldung/MeltdownPrime-SpectrePrime-Neue-Software-automatisiert-CPU-Angriffe-3970686.html


∗∗∗ Cryptojacking: Hacker infiltrieren 5.000 Websites, verdienen nur 23 Euro ∗∗∗
---------------------------------------------
Laut Angaben von Skript-Entwickler Coinhive – Angreifer schleusten Code in Vorlese-Plugin ..
---------------------------------------------
http://derstandard.at/2000074318850


∗∗∗ COINHOARDER: Tracking a Ukrainian Bitcoin Phishing Ring DNS Style ∗∗∗
---------------------------------------------
This post is authored by Jeremiah OConnor and Dave Maynor with contributions from Artsiom Holub and Austin McBride. Executive SummaryCisco has been tracking a bitcoin theft campaign for over 6 months. The campaign was discovered internally and researched with the aid of an intelligence sharing partnership with Ukraine Cyberpolice. The campaign ..
---------------------------------------------
http://blog.talosintelligence.com/2018/02/coinhoarder.html


=====================
=  Vulnerabilities  =
=====================


∗∗∗ DSA-4112 xen - security update ∗∗∗
---------------------------------------------
https://www.debian.org/security/2018/dsa-4112


∗∗∗ Entity API - Moderately critical - Information Disclosure - SA-CONTRIB-2018-013 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2018-013


∗∗∗ Entity Backup - Critical - Module Unsupported - SA-CONTRIB-2018-012 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2018-012

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily