[CERT-daily] Daily summary - 07.11.2018

Daily end-of-shift report team at cert.at
Wed Nov 7 18:21:04 CET 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Tuesday 06-11-2018 18:00 − Wednesday 07-11-2018 18:00
Handler:     Stephan Richter
Co-Handler:  Alexander Riepl

=====================
=       News        =
=====================


∗∗∗ Oracle: Disgruntled researcher publishes exploit for Virtualbox ∗∗∗
---------------------------------------------
A security researcher has published a zero-day vulnerability for Virtualbox that allows an escape from the guest system to the host system. The researcher is said to be frustrated that ..
---------------------------------------------
https://www.golem.de/news/oracle-veraergerter-forscher-veroeffentlicht-exploit-fuer-virtualbox-1811-137562.html


∗∗∗ BCMPUPnP_Hunter: A 100k Botnet Turns Home Routers to Email Spammers ∗∗∗
---------------------------------------------
This article was co-authored by Hui Wang and RootKiter. Since September 2018, 360Netlab Scanmon has detected multiple scan spikes on TCP port 5431, each time the system logged more than 100k scan ..
---------------------------------------------
http://blog.netlab.360.com/bcmpupnp_hunter-a-100k-botnet-turns-home-routers-to-email-spammers-en/


∗∗∗ ADV180028 | Guidance for configuring BitLocker to enforce software encryption ∗∗∗
---------------------------------------------
Microsoft is aware of reports of vulnerabilities in the hardware encryption of certain ..
---------------------------------------------
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180028


∗∗∗ WordPress Design Flaw Leads to WooCommerce RCE ∗∗∗
---------------------------------------------
A flaw in the way WordPress handles privileges can lead to a privilege escalation in WordPress plugins. This affects for example WooCommerce, the most popular e-commerce plugin with over 4 million ..
---------------------------------------------
https://blog.ripstech.com/2018/wordpress-design-flaw-leads-to-woocommerce-rce/


∗∗∗ Caution! New fraudulent job application e-mail with ransomware in circulation ∗∗∗
---------------------------------------------
A fake job application from "Peter Reif" is currently circulating on the Internet. After the attachment is opened, malware encrypts data and demands a ransom.
---------------------------------------------
http://heise.de/-4214191


∗∗∗ Attackers breached Statcounter to steal cryptocurrency from gate.io users ∗∗∗
---------------------------------------------
Web analytics company Statcounter and cryptocurrency exchange gate.io have been compromised in another supply-chain attack, which resulted in an unknown number of gate.io customers getting their money stolen,..
---------------------------------------------
https://www.helpnetsecurity.com/2018/11/07/statcounter-gate-io-compromised/


∗∗∗ Do not pay FLIXGLADE and FLIX FORGE LTD invoices! ∗∗∗
---------------------------------------------
While searching for free movies on the Internet, consumers come across flixman.de and inflix.de. These are criminal platforms that provide no service to their victims, ..
---------------------------------------------
https://www.watchlist-internet.at/news/keine-flixglade-und-flix-forge-ltd-rechnungen-bezahlen/


=====================
=  Vulnerabilities  =
=====================


∗∗∗ Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos


∗∗∗ IBM Security Bulletin: Eclipse OpenJ9 could allow a local attacker to gain elevated privileges on the system and The IBM Java Runtime Environment’s Diagnostic Tooling Framework for Java does not protect against CVE-2018-1656 and CVE-2018-12539 ∗∗∗
---------------------------------------------
The IBM Java Runtime Environment’s Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletineclipse-openj9-could-allow-a-local-attacker-to-gain-elevated-privileges-on-the-system-and-the-ibm-java-runtime-environments-diagnostic-tooling-framework-for-java-does-not-prote/


∗∗∗ IBM Security Bulletin: Vulnerability in Apache Cassandra affects IBM Operations Analytics Predictive Insights (CVE-2018-8016) ∗∗∗
---------------------------------------------
Apache Cassandra is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. Note that the usage of Apache Cassandra within IBM Operations ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-apache-cassandra-affects-ibm-operations-analytics-predictive-insights-cve-2018-8016/


∗∗∗ IBM Security Bulletin: Vulnerabilities in Python affect IBM Operations Analytics Predictive Insights (CVE-2018-1060, CVE-2018-1061) ∗∗∗
---------------------------------------------
Python is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Python within IBM Operations Analytics ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-python-affect-ibm-operations-analytics-predictive-insights-cve-2018-1060-cve-2018-1061/


∗∗∗ Roche Point of Care Handheld Medical Devices ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-310-01


∗∗∗ Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-cimc-sql-inject


∗∗∗ Cisco Unity Express Arbitrary Command Execution Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-cue


∗∗∗ Xen Security Advisory 282 - guest use of HLE constructs may lock up host ∗∗∗
---------------------------------------------
https://xenbits.xen.org/xsa/advisory-282.html


∗∗∗ Red Hat JBoss EAP RichFaces Access Control Bug Lets Remote Users Execute Arbitrary Code on the Target System ∗∗∗
---------------------------------------------
http://www.securitytracker.com/id/1042037

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily



