[CERT-daily] Tageszusammenfassung - 09.04.2020
Daily end-of-shift report
team at cert.at
Thu Apr 9 18:15:32 CEST 2020
=====================
= End-of-Day report =
=====================
Timeframe: Mittwoch 08-04-2020 18:00 − Donnerstag 09-04-2020 18:00
Handler: Robert Waldner
Co-Handler: Dimitri Robl
=====================
= News =
=====================
∗∗∗ Visa urges merchants to migrate e-commerce sites to Magento 2.x ∗∗∗
---------------------------------------------
Payments processor Visa is urging merchants to migrate their online stores to Magento 2.x before the Magento 1.x e-commerce platform reaches end-of-life (EoL) in June 2020 to avoid exposing their stores to Magecart attacks and to remain PCI compliant.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/visa-urges-merchants-to-migrate-e-commerce-sites-to-magento-2x/
∗∗∗ Data Center Migration Deadline Extended Due To COVID-19 ∗∗∗
---------------------------------------------
The original deadline for Shadowserver to move our data center has been extended from May 26th to August 31st 2020, due to the worsening COVID-19 pandemic and Silicon Valley Shelter in Place lockdowns. This extension provides us with some much needed additional time to continue raising funding for our 2020 operations, such as the recently received donation from cryptocurrency exchange BitMEX.
---------------------------------------------
https://www.shadowserver.org/news/data-center-migration-deadline-extended-due-to-covid-19/
∗∗∗ BGP Hijacking and BGP Security ∗∗∗
---------------------------------------------
BGP Hijacking is a long-standing problem and is a constant possibility in today’s BGP environment. These news stories will continue for some time to come, but there are things the community can do to limit the impact of these events.
---------------------------------------------
https://blog.team-cymru.com/2020/04/08/bgp-hijacking-and-bgp-security/
∗∗∗ Viele Meldungen zu mimty.de und evenlife.de ∗∗∗
---------------------------------------------
Egal ob Atemschutzmasken, Desinfektionsmittel oder Schutzausrüstung - auf mimty.de und evenlife.de finden Sie Produkte, die momentan äußerst schwer zu bekommen sind. Zahlreiche InternetuserInnen melden diese Online-Shops jedoch an die Watchlist Internet und klagen über ausbleibende Lieferungen. Auch auf Bewertungsportalen wird den beiden Shops kein gutes Zeugnis ausgestellt.
---------------------------------------------
https://www.watchlist-internet.at/news/viele-meldungen-zu-mimtyde-und-evenlifede/
∗∗∗ Jahresbericht 2019 von CERT.at und GovCERT Austria veröffentlicht ∗∗∗
---------------------------------------------
Das Mandat als nationales Computer-Notfallteam nach NISG, Emotet, Ransomware, Sextortion, ein Projektabschluss und CyberExchanges – das Jahr 2019 war für CERT.at und GovCERT Austria ein ereignisreiches, das wir in Form unseres Jahresberichts Revue passieren lassen.
---------------------------------------------
https://cert.at/de/blog/2020/4/jahresbericht-2019-von-certat-und-govcert-austria-veroffentlicht
=====================
= Vulnerabilities =
=====================
∗∗∗ Juniper Networks Releases Security Updates ∗∗∗
---------------------------------------------
Original release date: April 9, 2020
Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Juniper Security Advisories webpage and apply the necessary updates or workarounds.
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2020/04/09/juniper-networks-releases-security-updates
∗∗∗ Spamicide - Critical - Access bypass - SA-CONTRIB-2020-009 ∗∗∗
---------------------------------------------
Project: Spamicide
Date: 2020-April-08
Security risk: Critical 18∕25 AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Access bypass
Description: The Spamicide module protects Drupal forms with a form field that is hidden from normal users, but visible to spam bots. The module doesnt require appropriate permissions for administrative pages leading to an Access Bypass.
Solution: Install the latest version
---------------------------------------------
https://www.drupal.org/sa-contrib-2020-009
∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by CentOS (firefox, ipmitool, krb5-appl, and telnet), Debian (ceph and firefox-esr), Mageia (firefox), openSUSE (bluez and exiv2), Red Hat (firefox), SUSE (ceph, libssh, mgetty, permissions, python-PyYAML, rubygem-actionview-4_2, and vino), and Ubuntu (libiberty and libssh).
---------------------------------------------
https://lwn.net/Articles/817128/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-performance-management-products-3/
∗∗∗ Security Bulletin: Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-resilient-is-vulnerable-to-using-python-component-with-known-vulnerabilities-in-rhel-7-4/
∗∗∗ Security Bulletin: IBM Resilient OnPrem does not properly limit the number or frequency of pssword reset interactions ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-resilient-onprem-does-not-properly-limit-the-number-or-frequency-of-pssword-reset-interactions/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-installation-manager-and-ibm-packaging-utility-3/
∗∗∗ Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability in IBM® Runtime Environment Java™ Version 8 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-spectrum-scale-transparent-cloud-tiering-is-affected-by-a-vulnerability-in-ibm-runtime-environment-java-version-8/
∗∗∗ Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) ( CVE-2019-4441) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-websphere-application-server-shipped-with-ibm-security-key-lifecycle-manager-sklm-cve-2019-4441/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-installation-manager-and-ibm-packaging-utility-2/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-installation-manager-and-ibm-packaging-utility/
∗∗∗ Security Bulletin: Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-resilient-is-vulnerable-to-using-python-component-with-known-vulnerabilities-in-rhel-7-3/
∗∗∗ Security Bulletin: Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-resilient-is-vulnerable-to-using-python-component-with-known-vulnerabilities-in-rhel-7-2/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list