[CERT-daily] Tageszusammenfassung - 26.06.2019
Daily end-of-shift report
team at cert.at
Wed Jun 26 18:04:29 CEST 2019
=====================
= End-of-Day report =
=====================
Timeframe: Dienstag 25-06-2019 18:00 − Mittwoch 26-06-2019 18:00
Handler: Robert Waldner
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ YouTube Bitcoin Scams Pushing the njRAT Backdoor InfoStealer ∗∗∗
---------------------------------------------
YouTube scams are promoting software that pretends to allow users to get free Bitcoins, but instead installs the njRAT remote access Trojan and password stealer.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/youtube-bitcoin-scams-pushing-the-njrat-backdoor-infostealer/
∗∗∗ Brickerbot 2.0: Neue Schadsoftware möchte IoT-Geräte zerstören ∗∗∗
---------------------------------------------
Wie das Vorbild Brickerbot möchte die Schadsoftware Silex unsichere IoT-Geräte zerstören. Auch ungeschützte Linux-Server könnten ihr Opfer werden. Der Entwickler der Schadsoftware arbeitet an weiteren Funktionen.
---------------------------------------------
https://www.golem.de/news/brickerbot-2-0-neue-schadsoftware-moechte-iot-geraete-zerstoeren-1906-142153-rss.html
∗∗∗ Subdomain Takeover: Sicherheitsfirmen übernehmen Subdomain von EA ∗∗∗
---------------------------------------------
Die Subdomain eaplayinvite.ea.com des Spieleherstellers Electronic Arts ist von Sicherheitsfirmen übernommen worden. Über einen weiteren Angriff konnten die Firmen auch an Nutzerdaten gelangen.
---------------------------------------------
https://www.golem.de/news/subdomain-takeover-sicherheitsfirmen-uebernehmen-subdomain-von-ea-1906-142166-rss.html
∗∗∗ Achtung vor Scamming im Internet ∗∗∗
---------------------------------------------
Scamming (dt. Vorschussbetrug) beschreibt eine beliebte Betrugsform im Internet, die Kriminelle nutzen, um an schnelles Geld zu gelangen. Sie versprechen ihren Opfern Erbschaften, Millionengewinne, günstige Kredite oder spielen ihnen eine Notlage vor und drängen sie zu hohen Vorschusszahlungen. Es handelt sich ausnahmslos um leere Versprechen und Geld landet ausschließlich in den Taschen der Betrüger/innen.
---------------------------------------------
https://www.watchlist-internet.at/news/achtung-vor-scamming-im-internet/
=====================
= Vulnerabilities =
=====================
∗∗∗ Vuln: Nessus CVE-2019-3961 Cross Site Scripting Vulnerability ∗∗∗
---------------------------------------------
Nessus is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Nessus 8.4.0 and prior versions are vulnerable.
---------------------------------------------
http://www.securityfocus.com/bid/108892
∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (python3.4), Oracle (firefox), Red Hat (firefox and kernel-alt), SUSE (ImageMagick and SUSE Manager Server 3.2), and Ubuntu (bzip2).
---------------------------------------------
https://lwn.net/Articles/792111/
∗∗∗ Security Advisory - FRP Bypass Vulnerability on Several Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190626-01-frp-en
∗∗∗ IBM Security Bulletin: Java Vulnerability Affects IBM Connect:Direct Web Services (CVE-2018-1890) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-java-vulnerability-affects-ibm-connectdirect-web-services-cve-2018-1890/
∗∗∗ IBM Security Bulletin: WebSphere App Server – Out of Memory Exception can cause DOS ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-websphere-app-server-out-of-memory-exception-can-cause-dos/
∗∗∗ IBM Security Bulletin: Vulnerability in IBM Java SDK affect IBM Tivoli System Automation Application Manager April 2019 CPU (CVE-2019-2684) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-april-2019-cpu-cve-2019-2684/
∗∗∗ IBM Security Bulletin: A security vulnerability in OpenSSL affects IBM Rational ClearQuest (CVE-2019-1559) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-in-openssl-affects-ibm-rational-clearquest-cve-2019-1559/
∗∗∗ IBM Security Bulletin: Vulnerabilities exist in Watson Explorer Analytical Components and Watson Content Analytics (CVE-2018-1901) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-exist-in-watson-explorer-analytical-components-and-watson-content-analytics-cve-2018-1901/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list