[CERT-daily] Tageszusammenfassung - 15.05.2019

Wed May 15 18:10:12 CEST 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 14-05-2019 18:00 − Mittwoch 15-05-2019 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================


∗∗∗ Sicherheitslücken: Adobe patcht PDF-Werkzeuge und den Flash Player ∗∗∗
---------------------------------------------
Adobe hat turnusmäßig neue Sicherheitsupdates veröffentlicht. Im Mai 2019 sollten vor allem der Adobe Reader und Adobe Acrobat abgesichert werden. Auch für den Flash Player gibt es eine Warnung ..
---------------------------------------------
https://www.golem.de/news/sicherheitsluecken-adobe-patcht-pdf-werkzeuge-und-den-flash-player-1905-141259.html


∗∗∗ Best of the Web: Trust-Siegel verteilt Keylogger ∗∗∗
---------------------------------------------
Eigentlich soll das Best-of-the-Web-Siegel die Sicherheit von Webseiten zertifizieren, stattdessen wurden über ein gehacktes Script Keylogger ..
---------------------------------------------
https://www.golem.de/news/best-of-the-web-trust-siegel-verteilt-keylogger-1905-141275.html


∗∗∗ May 2019 Security Update Release ∗∗∗
---------------------------------------------
Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information ..
---------------------------------------------
https://blogs.technet.microsoft.com/msrc/2019/05/14/may-2019-security-update-release/


∗∗∗ Prevent a worm by updating Remote Desktop Services (CVE-2019-0708) ∗∗∗
---------------------------------------------
Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user ..
---------------------------------------------
https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/


∗∗∗ Three New Masque Attacks against iOS: Demolishing, Breaking and Hijacking ∗∗∗
---------------------------------------------
In the recent release of iOS 8.4, Apple fixed several vulnerabilities including vulnerabilities that allow attackers to deploy two new kinds of Masque Attack (CVE-2015-3722/3725, and CVE-2015-3725). We call these exploits Manifest Masque and Extension Masque, which can be used to demolish apps, including system apps (e.g., Apple Watch, ..
---------------------------------------------
http://www.fireeye.com/blog/threat-research/2015/06/three_new_masqueatt.html


∗∗∗ array_diff_ukey Usage in Malware Obfuscation ∗∗∗
---------------------------------------------
We discovered a PHP backdoor on a WordPress installation that contained some interesting obfuscation ..
---------------------------------------------
http://labs.sucuri.net/?note=2019-05-14


∗∗∗ IT-Security - Grazer Forscher entdeckten neue Lücken bei Intel-Prozessoren ∗∗∗
---------------------------------------------
Prozessoren der Jahre 2012 bis 2018 betroffen – Neue Updates werden notwendig
---------------------------------------------
https://derstandard.at/2000103122472/Grazer-Forscher-entdeckten-neue-Sicherheitsluecke-bei-Intel-Prozessoren


=====================
=  Vulnerabilities  =
=====================


∗∗∗ Vuln: SAP BusinessObjects Business Intelligence CVE-2019-0289 Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
SAP BusinessObjects Business Intelligence CVE-2019-0289 Information Disclosure Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/108311


∗∗∗ Synology-SA-19:23 Samba AD DC ∗∗∗
---------------------------------------------
CVE-2018-16860 allows man-in-the-middle attackers to bypass security constraints via a susceptible version of Directory Server for Windows Domain.
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_19_23


∗∗∗ DSA-4443 samba - security update ∗∗∗
---------------------------------------------
https://www.debian.org/security/2019/dsa-4443


∗∗∗ Cisco Releases Security Updates ∗∗∗
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2019/05/13/Cisco-Releases-Security-Updates


∗∗∗ Authorization Bypass Vulnerability in RSA NetWitness (CVE-2019-3724) ∗∗∗
---------------------------------------------
https://sec-consult.com/en/blog/advisories/authorization-bypass-vulnerability-in-rsa-netwitness-cve-2019-3724/


∗∗∗ VMSA-2019-0007 ∗∗∗
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2019-0007.html

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily