[CERT-daily] Tageszusammenfassung - 01.07.2019
Daily end-of-shift report
team at cert.at
Mon Jul 1 18:26:08 CEST 2019
=====================
= End-of-Day report =
=====================
Timeframe: Freitag 28-06-2019 18:00 − Montag 01-07-2019 18:00
Handler: Robert Waldner
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Mehrere Sicherheitslücken im Datenbankmanagementsystem IBM Db2 ∗∗∗
---------------------------------------------
Es gibt wichtige Sicherheitsupdates für IBM Db2. Insgesamt gilt das Sicherheitsrisiko als "hoch".
---------------------------------------------
https://heise.de/-4457961
∗∗∗ Verschlüsselte Kommunikation: Angriff auf PGP-Keyserver demonstriert hoffnungslose Situation ∗∗∗
---------------------------------------------
Mit einem gezielten Angriff auf zwei PGP-Schlüssel demonstrieren Unbekannte, dass ein zentraler Teil der PGP-Infrastruktur wahrscheinlich unrettbar kaputt ist.
---------------------------------------------
https://heise.de/-4458354
∗∗∗ Sicherheitsupdates: BIG-IP-Appliances von F5 angreifbar ∗∗∗
---------------------------------------------
In verschiedenen Netzwerkprodukten vom Hersteller F5 findet sich eine Root-Schwachstelle.
---------------------------------------------
https://heise.de/-4457976
∗∗∗ RATs and stealers rush through “Heaven’s Gate” with new loader ∗∗∗
---------------------------------------------
By Holger Unterbrink and Edmund Brumaghin. Executive summaryMalware is constantly finding new ways to avoid detection. This doesnt mean that some will never be detected, but it does allow adversaries to increase the period of time between initial release and detection. Flying under the radar for just a few days is enough to infect sufficient machines to earn a decent amount of revenue for an attack.
---------------------------------------------
https://blog.talosintelligence.com/2019/07/rats-and-stealers-rush-through-heavens.html
∗∗∗ Achtung vor Job-Angeboten der Wentics GmbH ∗∗∗
---------------------------------------------
Arbeitssuchende, die Job-Börsen bei der Suche nach dem neuen Beruf nutzen, müssen sich vor betrügerischen Angeboten in Acht nehmen. So kontaktieren Kriminelle beispielsweise als Wentics GmbH Internetnutzer/innen und bieten verlockende Jobs im Home Office gegen hervorragende Bezahlung an. Betroffene dürfen keine Daten übermitteln, denn es handelt sich um einen Identitätsmissbrauch zum Zweck der Geldwäsche!
---------------------------------------------
https://www.watchlist-internet.at/news/achtung-vor-job-angeboten-der-wentics-gmbh/
∗∗∗ Netzpolitik - Phishing-Mails: Betrüger setzen nun auf QR-Codes ∗∗∗
---------------------------------------------
Betrüger versuchen, Sharepoint-Logindaten zu bekommen – Bildcodes gelangen durch Spamfilter
---------------------------------------------
https://derstandard.at/2000105726829/Phishing-Mails-Betrueger-setzen-nun-auf-QR-Codes
=====================
= Vulnerabilities =
=====================
∗∗∗ Sicherheitsupdates: Kritische Lücke in Firewalls und Hotspots von Zyxel ∗∗∗
---------------------------------------------
Verschiedene Netzwerkgeräte von Zyxel sind über eine kritische Schwachstelle attackierbar.
---------------------------------------------
https://heise.de/-4458725
∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (expat, golang-go.crypto, gpac, and rdesktop), Fedora (chromium, GraphicsMagick, kernel, kernel-headers, pdns, and xen), openSUSE (chromium, dbus-1, evince, libvirt, postgresql96, tomcat, and wireshark), Oracle (thunderbird and vim), Scientific Linux (thunderbird), Slackware (irssi), SUSE (gvfs), and Ubuntu (linux-lts-xenial, linux-aws, linux-azure and linux-oem, linux-oracle, linux-raspi2, linux-snapdragon).
---------------------------------------------
https://lwn.net/Articles/792463/
∗∗∗ IBM Security Bulletin: IBM API Connect Developer Portal is impacted by multiple PHP vulnerabilities(CVE-2019-11038 CVE-2019-11039 CVE-2019-11040) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-developer-portal-is-impacted-by-multiple-php-vulnerabilitiescve-2019-11038-cve-2019-11039-cve-2019-11040/
∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by a FileServer functionality vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-guardium-is-affected-by-a-fileserver-functionality-vulnerability/
∗∗∗ IBM Security Bulletin: A vulnerability in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-ibm-java-runtime-affect-financial-transaction-manager-for-corporate-payment-services-for-multi-platform/
∗∗∗ IBM Security Bulletin: A vulnerabilityin IBM Java Runtime affect Financial Transaction Manager for Check Services for Multi-Platform ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerabilityin-ibm-java-runtime-affect-financial-transaction-manager-for-check-services-for-multi-platform/
∗∗∗ IBM Security Bulletin: Vulnerability in IBM Java Runtime affect Financial Transaction Manager for ACH Services for Multi-Platform ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-ibm-java-runtime-affect-financial-transaction-manager-for-ach-services-for-multi-platform/
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX Security Bulletin ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-aix-security-bulletin-4/
∗∗∗ IBM Security Bulletin: API Connect is impacted by an information leakage vulnerability in Oracle MySQL (CVE-2018-3123) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-api-connect-is-impacted-by-an-information-leakage-vulnerability-in-oracle-mysql-cve-2018-3123/
∗∗∗ IBM Security Bulletin: Password disclosure in IBM Spectrum Protect Server (CVE-2019-4140) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-password-disclosure-in-ibm-spectrum-protect-server-cve-2019-4140/
∗∗∗ IBM Security Bulletin: Multiple Db2 vulnerabilities affect the IBM Spectrum Protect Server (CVE-2018-1922, CVE-2018-1923, CVE-2018-1936, CVE-2018-1978, CVE-2018-1980, CVE-2019-4014, CVE-2019-4015, CVE-2019-4016, CVE-2019-4094) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-db2-vulnerabilities-affect-the-ibm-spectrum-protect-server-cve-2018-1922-cve-2018-1923-cve-2018-1936-cve-2018-1978-cve-2018-1980-cve-2019-4014-cve-2019-4015-cve/
∗∗∗ IBM Security Bulletin: IBM Planning Analytics Administration is affected by a vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-planning-analytics-administration-is-affected-by-a-vulnerability/
∗∗∗ IBM Security Bulletin: IBM Cloud Private Monitoring is vulnerable to XSS attack in Prometheus (CVE-2018-14041) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cloud-private-monitoring-is-vulnerable-to-xss-attack-in-prometheus-cve-2018-14041/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list