[CERT-daily] Daily summary - 17.10.2019
Daily end-of-shift report
team at cert.at
Thu Oct 17 18:15:49 CEST 2019
=====================
= End-of-Day report =
=====================
Timeframe: Wednesday 16-10-2019 18:00 − Thursday 17-10-2019 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ 10 Steps for Ransomware Protection ∗∗∗
---------------------------------------------
Here are things you can do right now to shore up your defenses and help your recovery when you get hit.
---------------------------------------------
https://threatpost.com/10-steps-ransomware-protection/149259/
∗∗∗ Fraudsters take over old e-mail addresses ∗∗∗
---------------------------------------------
The Federal Criminal Police Office (Bundeskriminalamt, BKA) warns of the misuse of old e-mail addresses. According to the BKA, fraudsters are taking over e-mail addresses that have not been used for a long time in order to gain access to personal user accounts. Gaming accounts and social media user accounts are said to be particularly affected.
---------------------------------------------
https://help.orf.at/stories/2993027/
∗∗∗ l+f: Softly falls the crypto miner ∗∗∗
---------------------------------------------
Researchers discover crypto miners and backdoors hidden in WAV files.
---------------------------------------------
https://heise.de/-4558856
∗∗∗ Cisco fixes serious flaws in enterprise-grade Catalyst and Aironet access points ∗∗∗
---------------------------------------------
Cisco has released another batch of security updates, the most critical of which fixes a vulnerability that could allow unauthenticated, remote attackers to gain access to vulnerable Cisco Aironet wireless access points. Cisco Aironet APs are enterprise-grade access points used for branch offices, campuses, organizations of all sizes, enterprise and carrier-operator Wi-Fi deployments, and so on.
---------------------------------------------
https://www.helpnetsecurity.com/2019/10/17/cisco-aironet-vulnerabilities/
∗∗∗ KRACK vulnerability in Alexa smart home devices ∗∗∗
---------------------------------------------
The ESET Smart Home Research Team discovered KRACK vulnerabilities in some Amazon Echo and Kindle devices.
---------------------------------------------
https://www.welivesecurity.com/deutsch/2019/10/17/krack-sicherheitsluecke-alexa/
∗∗∗ Advertising for fraudulent electricians on Google ∗∗∗
---------------------------------------------
When the power goes out at home, often only a professional can help. Searching on Google from a smartphone is the obvious choice. But beware: the risk of ending up with dubious offers via the ads is high! Victims land, for example, on elektriker-mg.at, elektriker-dienst.at or elektriker.24std.expert, where the big promises end in poor work at exorbitant prices.
---------------------------------------------
https://www.watchlist-internet.at/news/werbung-fuer-betruegerische-elektriker-auf-google/
=====================
= Vulnerabilities =
=====================
∗∗∗ Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS ∗∗∗
---------------------------------------------
The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit.
---------------------------------------------
https://threatpost.com/kubernetes-bugs-authentication-bypass-dos/149265/
∗∗∗ Security updates available in Foxit Reader 9.7, Foxit PhantomPDF 9.7 and Foxit PhantomPDF Mac 3.4 ∗∗∗
---------------------------------------------
Foxit has released Foxit Reader 9.7 and Foxit PhantomPDF 9.7, which address potential security and stability issues.
Foxit has released Foxit PhantomPDF Mac 3.4, which addresses potential security and stability issues.
---------------------------------------------
https://www.foxitsoftware.com/support/security-bulletins.php
∗∗∗ VMSA-2019-0017 ∗∗∗
---------------------------------------------
VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535)
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2019-0017.html
∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (sudo), Debian (libsdl1.2 and libsdl2), Mageia (e2fsprogs, kernel, libpcap and tcpdump, nmap, and sudo), openSUSE (GraphicsMagick and sudo), Oracle (java-1.8.0-openjdk, java-11-openjdk, jss, and kernel), Red Hat (java-1.8.0-openjdk and java-11-openjdk), Scientific Linux (jss), SUSE (gcc7 and libreoffice), and Ubuntu (leading to a double-free, libsdl1.2, and tiff).
---------------------------------------------
https://lwn.net/Articles/802537/
∗∗∗ D-LINK routers: Multiple vulnerabilities ∗∗∗
---------------------------------------------
https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2019/10/warnmeldung_tw-t19-0148.html
∗∗∗ CyberArk Password Vault 10.6 Authentication Bypass ∗∗∗
---------------------------------------------
https://cxsecurity.com/issue/WLB-2019100114
∗∗∗ Booking and Availability Management Tools for Drupal - Moderately critical - Access Bypass - SA-CONTRIB-2019-074 ∗∗∗
---------------------------------------------
https://www.drupal.org/sa-contrib-2019-074
∗∗∗ Cisco Security Advisories ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/publicationListing.x
∗∗∗ Vim/Neovim vulnerability CVE-2019-12735 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K93144355?utm_source=f5support&utm_medium=RSS
∗∗∗ Internet Systems Consortium BIND: Multiple vulnerabilities allow bypassing of security measures ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0924
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily