[CERT-daily] Tageszusammenfassung - 22.11.2018

Thu Nov 22 18:10:48 CET 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 21-11-2018 18:00 − Donnerstag 22-11-2018 18:00
Handler:     Stephan Richter
Co-Handler:  Alexander Riepl

=====================
=       News        =
=====================


∗∗∗ New mining Trojan for Linux removes anti-viruses ∗∗∗
---------------------------------------------
November 20, 2018 One of today’s most common ways of obtaining illegal earnings is to mine cryptocurrency covertly, using the resources of a computer without the owner’s consent. Doctor Web recently discovered a ..
---------------------------------------------
https://news.drweb.com/show/?i=12942&lng=en&c=9


∗∗∗ ECCploit: Rowhammer-Angriff funktioniert auch mit ECC ∗∗∗
---------------------------------------------
Ein Forscherteam konnte zeigen, dass Angriffe mit Bitflips im Arbeitsspeicher auch dann möglich sind, wenn man Speichermodule mit Fehlerkorrektur verwendet.
---------------------------------------------
https://www.golem.de/news/eccploit-rowhammer-angriff-funktioniert-auch-mit-ecc-1811-137863.html


∗∗∗ Malware scum want to build a Linux botnet using Mirai ∗∗∗
---------------------------------------------
Hadoop YARN is the attack vector, so lock it away Diligent hackers ..
---------------------------------------------
www.theregister.co.uk/2018/11/22/mirai_for_linux_on_x86/


∗∗∗ Markenfälschungen auf rmc-bad-grosspertholz.at ∗∗∗
---------------------------------------------
Bei rmc-bad-grosspertholz.at finden Sie Markenkleidung, Schuhe und Accessoires zu sagenhaften Preisen. Erwarten Sie sich jedoch nicht viel von Ihrer Bestellung, Sie werden – falls überhaupt – minderwertige Waren ..
---------------------------------------------
https://www.watchlist-internet.at/news/markenfaelschungen-auf-rmc-bad-grosspertholzat/


∗∗∗ Achtung: Betrug über den Amazon Marketplace ∗∗∗
---------------------------------------------
Kriminelle übernehmen Amazon-Händlerkonten und bieten günstige Waren an. Ihre Bestellung wird zunächst angenommen, dann aber grundlos storniert. Kontaktieren Sie die Anbieter per E-Mail, erhalten Sie ..
---------------------------------------------
https://www.watchlist-internet.at/news/achtung-betrug-ueber-den-amazon-marketplace/


=====================
=  Vulnerabilities  =
=====================


∗∗∗ IBM Security Bulletin: Java Vulnerability Affects IBM Sterling Connect:Direct Browser User Interface (CVE-2018-1656) ∗∗∗
---------------------------------------------
There is a vulnerability in IBM® Runtime Environment Java Technology Edition, Version 8 that is used by IBM Sterling Connect:Direct Browser User Interface. These issues were disclosed as part of the ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-java-vulnerability-affects-ibm-sterling-connectdirect-browser-user-interface-cve-2018-1656/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in Apache Tomcat, Open SSL, and Apache HTTPD affects Rational Build Forge ∗∗∗
---------------------------------------------
Apache Tomcat, Open SSL, and Apache Tomcat have multiple security vulnerabilities that could allow a remote attacker to exploit the Rational Build Forge application. Respective security vulnerabilities are discussed in ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-apache-tomcat-open-ssl-and-apache-httpd-affects-rational-build-forge/


∗∗∗ IBM Security Bulletin: WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) is affected by OpenSSL vulnerability CVE-2018-0732 ∗∗∗
---------------------------------------------
Security Bulletin: WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) is affected by OpenSSL vulnerability CVE-2018-0732CVE(s): CVE-2018-0732Affected product(s) and affected version(s):WebSphere ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-websphere-mq-v5-3-for-hp-nonstop-server-mips-and-itanium-is-affected-by-openssl-vulnerability-cve-2018-0732/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus, IBM App Connect Enterpise v11 and WebSphere Message Broker ∗∗∗
---------------------------------------------
Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 8.0.5.5 & 8.0.5.15 and IBM® Runtime Environment Java Versions 7.0.10.15 & 7.0.10.25 used by IBM Integration ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-ibm-app-connect-enterpise-v11-and-websphere-message-broker/


∗∗∗ IBM Security Bulletin: WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) is affected by OpenSSL vulnerability CVE-2018-0737 ∗∗∗
---------------------------------------------
WebSphere MQ V5.3 for HP NonStop Server (MIPS and Itanium) has addressed the following vulnerability: CVE-2018-0737 CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)CVE(s): CVE-2018-0737Affected ..
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-websphere-mq-v5-3-for-hp-nonstop-server-mips-and-itanium-is-affected-by-openssl-vulnerability-cve-2018-0737/

∗∗∗ Download WP-DBManager <= 2.79.1 - Arbitrary File Delete ∗∗∗
---------------------------------------------
https://wpvulndb.com/vulnerabilities/9151


∗∗∗ Security Advisory - Smart SMS Verification Code Vulnerability in Some Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20181121-02-smartphone-en


∗∗∗ Moodle Login Access Control Flaw Lets Remote Users Conduct Cross-Site Request Forgery Attacks ∗∗∗
---------------------------------------------
http://www.securitytracker.com/id/1042154


∗∗∗ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0008 ∗∗∗
---------------------------------------------
https://webkitgtk.org/security/WSA-2018-0008.html

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily