[CERT-daily] Tageszusammenfassung - 27.02.2020
Daily end-of-shift report
team at cert.at
Thu Feb 27 18:10:39 CET 2020
=====================
= End-of-Day report =
=====================
Timeframe: Mittwoch 26-02-2020 18:00 − Donnerstag 27-02-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: Robert Waldner
=====================
= News =
=====================
∗∗∗ Norton LifeLock Phishing Scam Installs Remote Access Trojan ∗∗∗
---------------------------------------------
Cybercriminals behind a recently observed phishing campaign used a clever ruse in the form of a bogus NortonLifelock document to fool victims into installing a remote access tool (RAT) that is typically used for legitimate purposes.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/norton-lifelock-phishing-scam-installs-remote-access-trojan/
∗∗∗ RSAC 2020: Smart Baby Monitor Vulnerable to Remote Hackers ∗∗∗
---------------------------------------------
A popular baby monitor has been found riddled with vulnerabilities that give attackers full access to personal information and sensitive video footage.
---------------------------------------------
https://threatpost.com/rsac-2020-another-smart-baby-monitor-vulnerable-to-remote-hackers/153272/
∗∗∗ Android malware can steal Google Authenticator 2FA codes ∗∗∗
---------------------------------------------
A new version of the "Cerberus" Android banking trojan will be able to steal one-time codes generated by the Google Authenticator app and bypass 2FA-protected accounts.
---------------------------------------------
https://www.zdnet.com/article/android-malware-can-steal-google-authenticator-2fa-codes/
=====================
= Vulnerabilities =
=====================
∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by CentOS (kernel, ksh, python-pillow, and thunderbird), Debian (opensmtpd, proftpd-dfsg, and rake), Fedora (NetworkManager-ssh), openSUSE (chromium), and SUSE (libexif, mariadb, ovmf, python3, and squid).
---------------------------------------------
https://lwn.net/Articles/813431/
∗∗∗ Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service ∗∗∗
---------------------------------------------
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Wireshark ausnutzen, um einen Denial of Service Angriff durchzuführen.
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0177
∗∗∗ Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure
∗∗∗ Security Bulletin: SQL injection vulnerability in IBM Business Automation Workflow and IBM Business Process Manager (BPM) (CVE-2019-4479) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-sql-injection-vulnerability-in-ibm-business-automation-workflow-and-ibm-business-process-manager-bpm-cve-2019-4479/
∗∗∗ Security Bulletin: IBM MQ certified container is vulnerable to multiple vulnerabilities within IBM MQ.(CVE-2019-4655, CVE-2019-4560, CVE-2019-4614, CVE-2019-4620) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-certified-container-is-vulnerable-to-multiple-vulnerabilities-within-ibm-mq-cve-2019-4655-cve-2019-4560-cve-2019-4614-cve-2019-4620/
∗∗∗ Security Bulletin: Vulnerability in OpenSLP affects Power Hardware Management Console (CVE-2019-5544) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-openslp-affects-power-hardware-management-console-cve-2019-5544/
∗∗∗ Security Bulletin: IBM MQ certified container is vulnerable to a denial of service vulnerability in golang (CVE-2019-17596) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-certified-container-is-vulnerable-to-a-denial-of-service-vulnerability-in-golang-cve-2019-17596/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Oct 2019 CPU (CVE-2019-2964,CVE-2019-2978,CVE-2019-2983,CVE-2019-2989) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-oct-2019-cpu-cve-2019-2964cve-2019-2978cve-2019-2983cve-2019-2989/
∗∗∗ Security Bulletin: Bypass security restrictions in WAS Liberty ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-bypass-security-restrictions-in-was-liberty/
∗∗∗ Security Bulletin: Vulnerabilities have been identified in OpenSSL and the Kernel shipped with the DS8000 Hardware Management Console (HMC) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-have-been-identified-in-openssl-and-the-kernel-shipped-with-the-ds8000-hardware-management-console-hmc/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list