[CERT-daily] Tageszusammenfassung - 08.08.2019

Thu Aug 8 18:22:42 CEST 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 07-08-2019 18:00 − Donnerstag 08-08-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ The Fully Remote Attack Surface of the iPhone ∗∗∗
---------------------------------------------
While there have been several rumours and reports of fully remote vulnerabilities affecting the iPhone being used by attackers in the last couple of years, limited information is available about the technical details of these vulnerabilities, as well as the underlying attack surface they occur in. I investigated the remote, interaction-less attack surface of the iPhone, and found several serious vulnerabilities.
---------------------------------------------
https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html


∗∗∗ [Guest Diary] The good, the bad and the non-functional, or "how not to do an attack campaign", (Thu, Aug 8th) ∗∗∗
---------------------------------------------
https://isc.sans.edu/diary/rss/25218


∗∗∗ Magento Skimmers: From Atob to Alibaba ∗∗∗
---------------------------------------------
Last year we saw a fairly massive Magento malware campaign that injected credit card stealing code similar to this: It uses the JavaScript atob function to decode base64-encoded domain names and URL patterns. In the sample above, it’s hxxps://livegetpay[.]com/pay.js?v=2.2.9 and “onepage”, respectively. The campaign used a variety of different domain names and targeted all sorts of payment processing systems, which is well described in the Group IB’s report.
---------------------------------------------
https://blog.sucuri.net/2019/08/magento-skimmers-from-atob-to-alibaba.html


∗∗∗ Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V ∗∗∗
---------------------------------------------
Remember the Reverse RDP Attack? Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsofts Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely.
---------------------------------------------
https://thehackernews.com/2019/08/reverse-rdp-windows-hyper-v.html


∗∗∗ ACSC Releases Advisory on Password Spraying Attacks ∗∗∗
---------------------------------------------
Original release date: August 8, 2019The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts. The ACSC provides recommendations for organizations to detect and
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2019/08/08/acsc-releases-advisory-password-spraying-attacks


∗∗∗ Erpressungsversuche mit Masturbations-Video! ∗∗∗
---------------------------------------------
Die Wahrscheinlichkeit betrügerische Erpressungs-E-Mails im eigenen Posteingang zu finden, ist momentan äußerst hoch. Kriminelle behaupten, die Systeme ihrer Opfer mit Schadsoftware infiziert, Zugriff auf Webcam und Kontakte erhalten zu haben und nun in Besitz eines Masturbations-Videos zu sein. Betroffene dürfen nichts bezahlen. Die Nachrichten von „Anonymer Hacker“ sind erfunden!
---------------------------------------------
https://www.watchlist-internet.at/news/erpressungsversuche-mit-masturbations-video/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Fortinet FortiRecorder 2.7.3 Hardcoded Password ∗∗∗
---------------------------------------------
https://cxsecurity.com/issue/WLB-2019080028


∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (exim, python-django, python2-django, and sdl2), Debian (proftpd-dfsg), Fedora (php and sqlite), openSUSE (proftpd), Red Hat (kernel), Slackware (kdelibs), SUSE (nodejs10, squid, and tcpdump), and Ubuntu (php5 and ruby-rack).
---------------------------------------------
https://lwn.net/Articles/795725/


∗∗∗ Synology-SA-19:32 SWAPGS Spectre Side-Channel Attack ∗∗∗
---------------------------------------------
The vulnerability allows local users to obtain sensitive information via a susceptible version of Synology DiskStation Manager (DSM) running on an Intel CPU or even if in Virtual Machine Manager.
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_19_32


∗∗∗ Cisco Adaptive Security Appliance Smart Tunnel Vulnerabilities ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-asa-multi


∗∗∗ Cisco Webex Meetings Server Open Redirection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-wms-oredirect


∗∗∗ Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-webex-player


∗∗∗ Cisco SPA112 2-Port Phone Adapter Stored Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-spa112-xss


∗∗∗ Cisco SD-WAN Solution Packet Filtering Bypass Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-sd-wan-bypass


∗∗∗ Cisco Enterprise NFV Infrastructure Software VNC Authentication Bypass Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfvis-vnc-authbypass


∗∗∗ Cisco Enterprise NFV Infrastructure Software Web-Based Management Interface Authentication Bypass Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfvis-authbypass


∗∗∗ Cisco Enterprise NFV Infrastructure Software Cross-site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-xss


∗∗∗ Cisco Enterprise NFV Infrastructure Software Arbitrary File Read Vulnerabilities ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-read


∗∗∗ Cisco Enterprise NFV Infrastructure Software Password Recovery Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-pwrecov


∗∗∗ Cisco Enterprise NFV Infrastructure Software Privilege Escalation Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-privescal


∗∗∗ Cisco Enterprise NFV Infrastructure Software Web Portal Arbitrary File Read Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-fileread


∗∗∗ Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-commandinj


∗∗∗ Cisco Enterprise NFV Infrastructure Software Path Traversal Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-cli-path


∗∗∗ Cisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-iosxr-isis-dos-1918


∗∗∗ Cisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-iosxr-isis-dos-1910


∗∗∗ Cisco HyperFlex Software Cross-Site Request Forgery Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-hypflex-csrf


∗∗∗ Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass


∗∗∗ Cisco IoT Field Network Director TLS Renegotiation Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-fnd-dos


∗∗∗ Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-fmc-xss


∗∗∗ Cisco Email Security Appliance Header Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-esm-inject


∗∗∗ Cisco Adaptive Security Appliance Software Web-Based Management Interface Privilege Escalation Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-asa-privescala

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily