[CERT-daily] Tageszusammenfassung - 05.11.2019
Daily end-of-shift report
team at cert.at
Tue Nov 5 19:39:15 CET 2019
=====================
= End-of-Day report =
=====================
Timeframe: Montag 04-11-2019 18:00 − Dienstag 05-11-2019 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Alexa und Siri: Sprachbefehle unhörbar per Laser übertragen ∗∗∗
---------------------------------------------
Sprachbefehle müssen nicht unbedingt per Sprache übertragen werden: Forschern ist es gelungen, smarte Lautsprecher wie Amazon Echo oder Google Home mit einem Laser aus bis zu 110 Metern Entfernung zu steuern - und so beispielsweise ein Garagentor zu öffnen.
---------------------------------------------
https://www.golem.de/news/alexa-und-siri-sprachbefehle-unhoerbar-per-laser-uebertragen-1911-144805-rss.html
∗∗∗ Magecart Groups Attack Simultaneous Sites in Card-Theft Frenzy ∗∗∗
---------------------------------------------
Stealing payment-card data and PII from e-commerce sites has become so lucrative that some are being targeted by multiple groups at the same time.
---------------------------------------------
https://threatpost.com/magecart-groups-attack-simultaneous-sites-in-card-theft-frenzy/149872/
∗∗∗ Bluekeep exploitation causing Bluekeep vulnerability scan to fail, (Tue, Nov 5th) ∗∗∗
---------------------------------------------
I woke up this morning to the long anticipated news that Bluekeep exploitation is happening in the wild. As some of you may recall, back in August I wrote a diary demonstrating a way to scan for Bluekeep vulnerable devices. So the next thing I did was check my Bluekeep scan results and was presented with this graph.
---------------------------------------------
https://isc.sans.edu/diary/rss/25488
∗∗∗ Pwning a Smart Car Charger, Building a Bot-Net ∗∗∗
---------------------------------------------
...or Why We Don’t Build Commercial IoT on a Raspberry Pi. A positive story of disclosure and remediation. We’re quite in to our electric vehicles at PTP, so we started hunting for a smart car charger. There are plenty of industrial chargers out there and some research has been done in the past. We got [...]
---------------------------------------------
https://www.pentestpartners.com/security-blog/pwning-a-smart-car-charger-building-a-bot-net/
∗∗∗ Bestellen Sie nicht bei kafrosa.de ∗∗∗
---------------------------------------------
kafrosa.de vertreibt Kaffeemaschinen, Kaffeevollautomaten und sogar Kaffee zu günstigen Preisen. Der Aufbau von kafrosa.de wirkt seriös, verpflichtende Angaben über das Unternehmen werden angeführt und die Auszeichnungen des Shops stiften Vertrauen. Doch Vorsicht: Der Schein trügt. Es handelt sich um einen Fake-Shop, der keine Ware liefert!
---------------------------------------------
https://www.watchlist-internet.at/news/bestellen-sie-nicht-bei-kafrosade/
∗∗∗ A look at WP-VCD, todays largest WordPress hacking operation ∗∗∗
---------------------------------------------
Exclusive look into the WP-VCD gang operations!
---------------------------------------------
https://www.zdnet.com/article/a-look-at-wp-vcd-todays-largest-wordpress-hacking-operation/
=====================
= Vulnerabilities =
=====================
∗∗∗ Windows-Kernel-Lücke in Netzwerküberwachsungssoftware PRTG geschlossen ∗∗∗
---------------------------------------------
Die in Paessler PRTG integrierte Paket-Sniffer-Bibliothek Npcap ist verwundbar. Das haben die Entwickler nun repariert.
---------------------------------------------
https://heise.de/-4577699
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (electron, ghostscript, glibc, python2, and samba), Debian (webkit2gtk), Slackware (libtiff), SUSE (ImageMagick, python-ecdsa, and samba), and Ubuntu (apport, haproxy, ruby-nokogiri, and whoopsie).
---------------------------------------------
https://lwn.net/Articles/803885/
∗∗∗ Synology-SA-19:37 DSM ∗∗∗
---------------------------------------------
Multiple vulnerabilities allow remote authenticated users to execute arbitrary commands or conduct denial-of-service attacks, or allow remote attackers to delete arbitrary files via a susceptible version of DiskStation Manager (DSM).
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_19_37
∗∗∗ Microsoft Office365 Integrity Validation / Remote Code Execution ∗∗∗
---------------------------------------------
https://cxsecurity.com/issue/WLB-2019110022
∗∗∗ [20191002] - Core - Path Disclosure in phpuft8 mapping files ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/Zi-lVuM4KoY/795-20191002-core-path-disclosure-in-phpuft8-mapping-files.html
∗∗∗ [20191001] - Core - CSRF in com_template overrides view ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/LaIC5kOPGB0/794-20191001-core-csrf-in-com-template-overrides-view.html
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageGateway ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-messagegateway/
∗∗∗ Security Bulletin: IBM QRadar Advisor With Watson is vulnerable to Hazardous Input Validation in some cases ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-advisor-with-watson-is-vulnerable-to-hazardous-input-validation-in-some-cases/
∗∗∗ November 4, 2019 TNS-2019-07 [R1] PHP Stand-alone Patch Available for Tenable.sc versions 5.7.x to 5.11.x ∗∗∗
---------------------------------------------
http://www.tenable.com/security/tns-2019-07
∗∗∗ FRF.16 parser vulnerability CVE-2018-14468 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K04367730
∗∗∗ Dell integrated Dell Remote Access Controller: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0957
∗∗∗ Google Android: Mehrere Schwachstellen ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0958
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list