[CERT-daily] Tageszusammenfassung - 30.01.2020
Daily end-of-shift report
team at cert.at
Thu Jan 30 18:22:54 CET 2020
=====================
= End-of-Day report =
=====================
Timeframe: Mittwoch 29-01-2020 18:00 − Donnerstag 30-01-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Network Traffic Analysis for IR: SSH Protocol with Wireshark ∗∗∗
---------------------------------------------
Introduction to the SSH protocol The Secure Shell (SSH) is designed to allow confidential and authenticated remote access to a computer. Like the Telnet protocol, it enables a user to remotely access a command shell on a machine, run commands and access the results. However, unlike Telnet, SSH traffic is fully encrypted, making it the [...]
---------------------------------------------
https://resources.infosecinstitute.com/network-traffic-analysis-for-ir-ssh-protocol-with-wireshark/
∗∗∗ Collating Hacked Data Sets ∗∗∗
---------------------------------------------
Two Harvard undergraduates completed a project where they went out on the Dark Web and found a bunch of stolen datasets. Then they correlated all the information, and then combined it with additional, publicly available information. No surprise: the result was much more detailed and personal."What we were able to do is alarming because we can now find vulnerabilities in peoples online presence very quickly," Metropolitansky said.
---------------------------------------------
https://www.schneier.com/blog/archives/2020/01/collating_hacke.html
∗∗∗ Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud Servers ∗∗∗
---------------------------------------------
Cybersecurity researchers at Check Point today disclosed details of two recently patched potentially dangerous vulnerabilities in Microsoft Azure services that, if exploited, could have allowed hackers to target several businesses that run their web and mobile apps on Azure. Azure App Service is a fully-managed integrated service that enables users to create web and mobile apps for any
---------------------------------------------
https://thehackernews.com/2020/01/microsoft-azure-vulnerabilities.html
=====================
= Vulnerabilities =
=====================
∗∗∗ Privilege escalation in Bitdefender Antivirus for Mac (VA-3499) ∗∗∗
---------------------------------------------
A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud.
---------------------------------------------
https://www.bitdefender.com/support/security-advisories/privilege-escalation-bitdefender-antivirus-mac-va-3499/
∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (graphicsmagick, opensmtpd, webkit2gtk, wget, and zlib), openSUSE (apt-cacher-ng, GraphicsMagick, java-1_8_0-openjdk, mailman, mumble, rubygem-excon, sarg, and shadowsocks-libev), Oracle (libarchive and openjpeg2), Red Hat (firefox, fribidi, openjpeg2, SDL, and thunderbird), Scientific Linux (openjpeg2), SUSE (glibc, java-1_8_0-openjdk, and rmt-server), and Ubuntu (Apache Solr and webkit2gtk).
---------------------------------------------
https://lwn.net/Articles/811025/
∗∗∗ Elementor Page Builder < 2.7.6 - Authenticated Stored XSS ∗∗∗
---------------------------------------------
https://wpvulndb.com/vulnerabilities/10052
∗∗∗ Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2019-3815) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-security-vulnerability-cve-2019-3815/
∗∗∗ Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-15473) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-security-vulnerability-cve-2018-15473/
∗∗∗ Security Bulletin: A vulnerability in IBM Java Runtime affects IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affects-ibm-ilog-cplex-optimization-studio-and-ibm-cplex-enterprise-server/
∗∗∗ Security Bulletin: Security vulnerabilities in the jackson-databind routines fixed in IBM Security Access Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-in-the-jackson-databind-routines-fixed-in-ibm-security-access-manager/
∗∗∗ Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-11214, CVE-2018-11213, CVE-2018-11212) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-security-vulnerability-cve-2018-11214-cve-2018-11213-cve-2018-11212/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 – July 2019 and October 2019 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-virtualization-engine-ts7700-july-2019-and-october-2019/
∗∗∗ Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-security-vulnerability-cve-2019-11479-cve-2019-11478-cve-2019-11477/
∗∗∗ Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-12404) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-security-vulnerability-cve-2018-12404/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list