[CERT-daily] Tageszusammenfassung - 12.07.2018

Daily end-of-shift report team at cert.at
Thu Jul 12 18:09:57 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 11-07-2018 18:00 − Donnerstag 12-07-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis ∗∗∗
---------------------------------------------
Much of cybercrime today is fueled by underground markets where malware and cybercriminal services are available for purchase. These markets in the deep web commoditize malware operations. Even novice cybercriminals can buy malware toolkits and other services they ..
---------------------------------------------
https://cloudblogs.microsoft.com/microsoftsecure/2018/07/11/hawkeye-keylogger-reborn-v8-an-in-depth-campaign-analysis/


∗∗∗ Ransomware is so 2017, its all cryptomining now among the script kiddies ∗∗∗
---------------------------------------------
Plus: Hackers take crack at cloud, phones come pre-pwned, malwares going multi-plat The number of organisations affected by cryptomining malware in the first half of 2018 ramped up to 42 per cent, compared to 20.5 per cent ..
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2018/07/12/malware_sitrep/


∗∗∗ Mitigating Spectre with Site Isolation in Chrome ∗∗∗
---------------------------------------------
Speculative execution side-channel attacks like Spectre are a newly discovered security risk for web browsers. A website could use such attacks to steal data or login information from other websites that are open in the browser. To better mitigate these attacks, were excited to announce that Chrome 67 has enabled a security ..
---------------------------------------------
https://security.googleblog.com/2018/07/mitigating-spectre-with-site-isolation.html


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Cisco Web Security Appliance Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-wsa-xss


∗∗∗ TYPO3-CORE-SA-2018-003: Privilege Escalation & SQL Injection in TYPO3 CMS ∗∗∗
---------------------------------------------
It has been discovered, that TYPO3 CMS is vulnerable to Privilege Escalation and SQL Injection.
---------------------------------------------
https://typo3.org/security/advisory/typo3-core-sa-2018-003/


∗∗∗ TYPO3-CORE-SA-2018-002: Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS ∗∗∗
---------------------------------------------
It has been discovered, that TYPO3 CMS is vulnerable to Insecure Deserialization & Arbitrary Code Execution.
---------------------------------------------
https://typo3.org/security/advisory/typo3-core-sa-2018-002/


∗∗∗ TYPO3-CORE-SA-2018-001: Authentication Bypass in TYPO3 CMS ∗∗∗
---------------------------------------------
It has been discovered, that TYPO3 CMS is vulnerable to Authentication Bypass.
---------------------------------------------
https://typo3.org/security/advisory/typo3-core-sa-2018-001/


∗∗∗ EU Cookie Compliance - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-047 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2018-047


∗∗∗ Remote Code Execution and Local File Disclosure in Zeta Producer Desktop CMS ∗∗∗
---------------------------------------------
https://www.sec-consult.com/en/blog/advisories/remote-code-execution-local-file-disclosure-zeta-producer-desktop-cms/


∗∗∗ Synology-SA-18:35 File Station ∗∗∗
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_18_35

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list