Deutsch | English

[CERT-daily] Tageszusammenfassung - 01.06.2018

Daily end-of-shift report team at cert.at
Fri Jun 1 18:05:55 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 30-05-2018 18:00 − Freitag 01-06-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================


∗∗∗ May 2018 mobile malware review from Doctor Web ∗∗∗
---------------------------------------------
May 31, 2018 In May 2018 Doctor Web specialists found several Google Play applications containing the Trojan Android.Click.248.origin. It loaded fraudulent websites on which users subscribed to expensive mobile services. Also ..
---------------------------------------------
https://news.drweb.com/show/?i=12618&lng=en&c=9


∗∗∗ Shell Logins as a Magento Reinfection Vector ∗∗∗
---------------------------------------------
Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files:  app/Mage.php; lib/Varien/Autoload.php; index.php; app/code/core/Mage/Core/functions.php;  These are ..
---------------------------------------------
https://blog.sucuri.net/2018/05/shell-logins-as-a-magento-reinfection-vector.html

∗∗∗ Rig Exploit Kit Now Using CVE-2018-8174 to Deliver Monero Miner ∗∗∗
---------------------------------------------
An exploit kit such as Rig usually starts off with a threat actor compromising a website to inject a malicious script/code that eventually redirects would-be victims to the exploit kit’s landing page. Sometime around ..
---------------------------------------------
https://blog.trendmicro.com/trendlabs-security-intelligence/rig-exploit-kit-now-using-cve-2018-8174-to-deliver-monero-miner/

∗∗∗ Expired domain led to SpamCannibals blacklist eating the whole world ∗∗∗
---------------------------------------------
The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it ..
---------------------------------------------
https://www.virusbulletin.com:443/blog/2018/05/expired-domain-led-spamcannibal-blacklisting-whole-world/


∗∗∗ Sicherheitslücke gefährdete zehn Jahre lang Millionen Steam-Client-Nutzer ∗∗∗
---------------------------------------------
Der Steam-Client war verwundbar und Angreifer hätten mit vergleichsweise wenig Aufwand Schadcode auf Computer schmuggeln können.
---------------------------------------------
http://heise.de/-4061777


∗∗∗ Browser - WebAuthn: Bei Chrome kann man sich vielerorts nun ohne Passwort anmelden ∗∗∗
---------------------------------------------
Fingerabdruckscanner oder spezielle USB-Sticks können stattdessen verwendet werden
---------------------------------------------
https://derstandard.at/2000080745632/WebAuthn-Bei-Chrome-kann-man-sich-vielerorts-nun-ohne-Passwort



=====================
=  Vulnerabilities  =
=====================


∗∗∗ Cisco TelePresence TX9000 Series Cross-Frame Scripting Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in the web UI of Cisco TelePresence TX9000 Series Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting (XFS) attack against a user of the web UI of the ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-telepres-xfs


∗∗∗ Synology-SA-18:30 SSL VPN Client ∗∗∗
---------------------------------------------
A vulnerability allows remote attackers to conduct man-in-the-middle attacks via a susceptible version of SSL VPN Client.
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_18_30


∗∗∗ HPESBUX03818 rev.1 - HP-UX Secure Shell, Multiple Remote Vulnerabilities ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily





More information about the Daily mailing list
Kontakt
Email: reports@cert.at
Tel.: +43 1 5056416 78
mehr ...
Warnungen
mehr ...
Blog
mehr ...
Jahresbericht 2017
Ein Resumee zur digitalen Sicherheitslage in Österreich

(HTML, PDF).
Letzte Änderung: 2018/5/28 - 15:00:00
Haftungsausschluss / Datenschutzerklärung