[CERT-daily] Daily summary - 27.06.2019
Daily end-of-shift report
team at cert.at
Thu Jun 27 18:09:37 CEST 2019
=====================
= End-of-Day report =
=====================
Timeframe: Wednesday 26-06-2019 18:00 − Thursday 27-06-2019 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ How Hackers Turn Microsoft Excel's Own Features Against It ∗∗∗
---------------------------------------------
A pair of recent findings show how hackers can compromise Excel users without any fancy exploits.
---------------------------------------------
https://www.wired.com/story/microsoft-excel-hacking-power-query-macros
∗∗∗ Fake Instagram Verification ∗∗∗
---------------------------------------------
Across various social media platforms there are verification checkmark symbols that appear near the name of the account’s page we view. For example, this verified account indicator seen from our Twitter page: These verification checkmarks exist as a credibility indicator to help show authenticity and integrity to social media page visitors.
---------------------------------------------
https://blog.sucuri.net/2019/06/fake-instagram-verification.html
∗∗∗ NIST Releases Report on Managing IoT Risks ∗∗∗
---------------------------------------------
Original release date: June 26, 2019. The National Institute of Standards and Technology (NIST) has released the Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks report. The publication—the first in a planned series on IoT—aims to help federal agencies and other organizations manage the cybersecurity and privacy risks associated with individual IoT devices.
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2019/06/26/nist-releases-report-managing-iot-risks
∗∗∗ European Cybersecurity Act enters into force ∗∗∗
---------------------------------------------
The European legal act on cyber security ("Cybersecurity Act") entered into force on 27 June 2019. Core elements of the act are a new, permanent mandate for the European cyber security agency ENISA and the introduction of a uniform European certification framework for ICT products, services and processes.
---------------------------------------------
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2019/Cybersecurity_Act_270619.html
∗∗∗ GreenFlash Sundown exploit kit expands via large malvertising campaign ∗∗∗
---------------------------------------------
The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website. Categories: Threat analysis. Tags: EK, exploit kit, GreenFlash Sundown, malvertising, seon ransomware [...]
---------------------------------------------
https://blog.malwarebytes.com/threat-analysis/2019/06/greenflash-sundown-exploit-kit-expands-via-large-malvertising-campaign/
∗∗∗ Do not order from media-blue.store ∗∗∗
---------------------------------------------
Anyone who believes they have landed a bargain at media-blue.store is mistaken, because the goods are never delivered despite payment. It is a fake shop!
---------------------------------------------
https://www.watchlist-internet.at/news/bestellen-sie-nicht-bei-media-bluestore/
=====================
= Vulnerabilities =
=====================
∗∗∗ Epyc crypto flaw? AMD emits firmware fix for server processors after Googler smashes RAM encryption algorithms ∗∗∗
---------------------------------------------
SEV code cracked to leak secret keys. Updated: Microchip slinger AMD has issued a firmware patch to fix the encryption in its Secure Encrypted Virtualization technology (SEV), used to defend the memory of Linux KVM virtual machines running on its Epyc processors.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2019/06/26/amd_epyc_key_security_flaw/
∗∗∗ Advanced Forum - Critical - Cross Site Scripting - SA-CONTRIB-2019-054 ∗∗∗
---------------------------------------------
Project: Advanced Forum
Version: 7.x-2.x-dev
Date: 2019-June-26
Security risk: Critical 16∕25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting
---------------------------------------------
https://www.drupal.org/sa-contrib-2019-054
∗∗∗ Critical vulnerabilities in Cisco Data Center Network Manager ∗∗∗
---------------------------------------------
A vulnerability endangers Cisco network devices. A security update closes several loopholes.
---------------------------------------------
https://heise.de/-4456661
∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (drupal7-uuid, php-brumann-polyfill-unserialize, and php-typo3-phar-stream-wrapper2), openSUSE (ansible, compat-openssl098, exempi, glib2, gstreamer-0_10-plugins-base, gstreamer-plugins-base, libmediainfo, libssh2_org, SDL2, sqlite3, and wireshark), Oracle (firefox), Red Hat (thunderbird and vim), Scientific Linux (firefox), SUSE (java-1_8_0-ibm), and Ubuntu (bzip2 and expat).
---------------------------------------------
https://lwn.net/Articles/792231/
∗∗∗ Kubernetes CLI tool security flaw lets attackers run code on host machine ∗∗∗
---------------------------------------------
Interesting bug can lead to total compromise of cloud production environments.
---------------------------------------------
https://www.zdnet.com/article/kubernetes-cli-tool-security-flaw-lets-attackers-run-code-on-host-machine/
∗∗∗ Vuln: GNU Binutils CVE-2019-12972 Heap Based Buffer Overflow Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/108903
∗∗∗ Vuln: Linux Kernel CVE-2019-12984 Null Pointer Dereference Remote Denial of Service Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/108905
∗∗∗ OpenJPEG: Multiple vulnerabilities ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0545
∗∗∗ ImageMagick: Multiple vulnerabilities ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0547
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily