[CERT-daily] Tageszusammenfassung - 17.06.2019
Daily end-of-shift report
team at cert.at
Mon Jun 17 18:07:45 CEST 2019
=====================
= End-of-Day report =
=====================
Timeframe: Freitag 14-06-2019 18:00 − Montag 17-06-2019 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert ∗∗∗
---------------------------------------------
The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the critical severity Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/us-govt-achieves-bluekeep-remote-code-execution-issues-alert/
∗∗∗ Ermittler entschlüsselten neue Version der GandCrab-Ransomware ∗∗∗
---------------------------------------------
Wer Opfer der Ransomware wurde, kann die Schadsoftware mit dem neuen Tool kostenfrei entfernen.
---------------------------------------------
https://futurezone.at/netzpolitik/ermittler-entschluesselten-neue-version-der-gandcrab-ransomware/400526458
∗∗∗ An infection from Rig exploit kit, (Mon, Jun 17th) ∗∗∗
---------------------------------------------
[...] Today's diary reviews a recent example of infection traffic caused by Rig EK.
---------------------------------------------
https://isc.sans.edu/diary/rss/25040
∗∗∗ Überteuertes Visum für Kanada auf kanadaeta.com und kanada-eta.de ∗∗∗
---------------------------------------------
Zahlreiche verärgerte Konsument/innen berichten uns von überteuerten ETA-Anträgen (Electronic Travel Authorization) – also Reisegenehmigungen – auf kanadaeta.com und kanada-eta.de. Statt etwa 5 Euro auf der offiziellen Website der kanadischen Regierung werden hier zwischen 50 und 80 Euro für ein Visum verrechnet. Die Watchlist Internet empfiehlt: Die offizielle Regierungswebsite nutzen!
---------------------------------------------
https://www.watchlist-internet.at/news/ueberteuertes-visum-fuer-kanada-auf-kanadaetacom-und-kanada-etade/
∗∗∗ Security researcher finds critical XSS bug in Googles Invoice Submission Portal ∗∗∗
---------------------------------------------
Security bug would have allowed hackers access to one of Googles backend apps.
---------------------------------------------
https://www.zdnet.com/article/security-researcher-finds-critical-xss-bug-in-googles-invoice-submission-portal/
=====================
= Vulnerabilities =
=====================
∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (chromium and thunderbird), Debian (php-horde-form, pyxdg, thunderbird, and znc), Fedora (containernetworking-plugins, mediawiki, and podman), openSUSE (chromium), Red Hat (bind, chromium-browser, and flash-plugin), SUSE (docker, glibc, gstreamer-0_10-plugins-base, gstreamer-plugins-base, postgresql10, sqlite3, and thunderbird), and Ubuntu (firefox).
---------------------------------------------
https://lwn.net/Articles/791277/
∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct for UNIX ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-sterling-connectdirect-for-unix-2/
∗∗∗ IBM Security Bulletin: IBM Cloud Private Platform-UI is vulnerable to a cross-site request forgery attack (CVE-2019-4142) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cloud-private-platform-ui-is-vulnerable-to-a-cross-site-request-forgery-attack-cve-2019-4142/
∗∗∗ IBM Security Bulletin: Vulnerability in strongswan affects QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-strongswan-affects-qlogic-8gb-intelligent-pass-thru-module-and-san-switch-module-for-ibm-bladecenter/
∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL and strongswan affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-openssl-and-strongswan-affect-ibm-flex-system-fc3171-8gb-san-switch-san-pass-thru/
∗∗∗ IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-fabric-os-firmware-for-brocade-8gb-san-switch-module-for-bladecenter-is-affected-by-vulnerabilities-in-openssl-and-openssh/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list