[CERT-daily] Tageszusammenfassung - 06.06.2019
Daily end-of-shift report
team at cert.at
Thu Jun 6 18:24:07 CEST 2019
=====================
= End-of-Day report =
=====================
Timeframe: Mittwoch 05-06-2019 18:00 − Donnerstag 06-06-2019 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ USB Killer: What it is and how to protect your devices ∗∗∗
---------------------------------------------
Introduction What’s more ubiquitous in the PC world than USB sticks? They’re easy to use, affordable and are used by millions of people on a daily basis. Everyone knows that USB sticks can house nasties, including malware, but did you know that this same little drive can completely destroy a system by simply inserting it?
---------------------------------------------
https://resources.infosecinstitute.com/usb-killer-how-to-protect-your-devices/
∗∗∗ Telecoms taken by storm: Natural phenomena dominate the outage picture ∗∗∗
---------------------------------------------
A total of 157 telecom outages were reported by the 28 EU member states and 2 EFTA countries, as part of the EU-wide telecom security breach reporting for the year 2018. Today ENISA, the EU Agency for Cybersecurity, publishes the 8th annual report on telecom security incidents, analyzing root causes, impact, and trends.
---------------------------------------------
https://www.enisa.europa.eu/news/enisa-news/telecoms-taken-by-storm-natural-phenomena-dominate-the-outage-picture
∗∗∗ Will you be Europe’s best cybersecurity talent? ∗∗∗
---------------------------------------------
European countries have started or are preparing to kick off their national cybersecurity competitions. The winners of the national contests will represent their countries in the ultimate cybersecurity competition on the continent: the European Cyber Security Challenge (ECSC) 2019.
---------------------------------------------
https://www.enisa.europa.eu/news/enisa-news/will-you-be-europe-s-best-cybersecurity-talent
∗∗∗ Emotet bei Heise – Lehren aus einem Trojaner-Angriff ∗∗∗
---------------------------------------------
Es gab einen schwerwiegenden Einbruch in das Heise-Netz. An der Beseitigung arbeiten aktuell die IT-Abteilungen der Heise Gruppe und weitere Spezialisten.
---------------------------------------------
https://heise.de/-4437807
∗∗∗ Vorsicht bei BAWAG PSK-Mails ∗∗∗
---------------------------------------------
Mit der Aufforderung Ihren "secTAN" zu aktivieren, versuchen Kriminelle derzeit an Ihre Bankzugangsdaten zu gelangen. In der vermeintlichen E-Mail der Bank werden Sie aufgefordert, einem Link zu folgen. Dieser Link führt jedoch zu einer gefälschten BAWAG PSK-Website! Wir raten dazu, derartige Mails in den Spam-Ordner zu verschieben.
---------------------------------------------
https://www.watchlist-internet.at/news/vorsicht-bei-bawag-psk-mails/
=====================
= Vulnerabilities =
=====================
∗∗∗ Sicherheitslücke: Exim-Sicherheitslücke gefährlicher als gedacht ∗∗∗
---------------------------------------------
EineSicherheitslücke im Exim-Mailserver lässt sich auch übers Netz zur Codeausführung ausnutzen, der Angriff dauert aber in der Standardkonfiguration mehrere Tage. Lokal ist er trivial und emöglicht es Nutzern, Root-Rechte zu erlangen.
---------------------------------------------
https://www.golem.de/news/sicherheitsluecke-root-zugriff-fuer-angreifer-bei-exim-mailservern-1906-141729-rss.html
∗∗∗ Angreifer könnten Kommunikationssoftware von Cisco lahmlegen ∗∗∗
---------------------------------------------
Es gibt wichtige Sicherheitsupdates für Cisco Unified Communications Manager, Webex Meetings Server & Co.
---------------------------------------------
https://heise.de/-4440986
∗∗∗ VMSA-2019-0009 ∗∗∗
---------------------------------------------
VMware Tools and Workstation updates address out of bounds read and use-after-free vulnerabilities. (CVE-2019-5522, CVE-2019-5525)
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2019-0009.html
∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (binutils), Debian (exim4 and poppler), Fedora (deepin-api, kernel, kernel-headers, kernel-tools, and php), openSUSE (cronie), and Ubuntu (apparmor, exim4, mariadb-10.1, php5, and php7.0, php7.2).
---------------------------------------------
https://lwn.net/Articles/790541/
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Software Architect and Rational Software Architect for WebSphere Software ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-rational-software-architect-and-rational-software-architect-for-websphere-software-5/
∗∗∗ IBM Security Bulletin: IBM® Intelligent Operations Center does not correctly validate file types before uploading files (CVE-2019-4069) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-intelligent-operations-center-does-not-correctly-validate-file-types-before-uploading-files-cve-2019-4069/
∗∗∗ IBM Security Bulletin: IBM® Intelligent Operations Center has a weak user-creation policy (CVE-2019-4066) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-intelligent-operations-center-has-a-weak-user-creation-policy-cve-2019-4066/
∗∗∗ IBM Security Bulletin: IBM® Intelligent Operations Center is vulnerable to user enumeration (CVE-2019-4068) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-intelligent-operations-center-is-vulnerable-to-user-enumeration-cve-2019-4068/
∗∗∗ IBM Security Bulletin: User passwords might be obtained by a brute force attack on IBM® Intelligent Operations Center (CVE-2019-4067) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-user-passwords-might-be-obtained-by-a-brute-force-attack-on-ibm-intelligent-operations-center-cve-2019-4067/
∗∗∗ IBM Security Bulletin: Cross-site scripting vulnerability in IBM® Intelligent Operations Center (CVE-2019-4070) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-vulnerability-in-ibm-intelligent-operations-center-cve-2019-4070/
∗∗∗ IBM Security Bulletin: IBM API Connect V5 is impacted by multiple vulnerabilities in IBM Java SDK (CVE-2018-3139 CVE-2018-3180) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-v5-is-impacted-by-multiple-vulnerabilities-in-ibm-java-sdk-cve-2018-3139-cve-2018-3180/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list