[CERT-daily] Tageszusammenfassung - 19.06.2020

Daily end-of-shift report team at cert.at
Fri Jun 19 18:08:51 CEST 2020


=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 18-06-2020 18:00 − Freitag 19-06-2020 18:00
Handler:     Dimitri Robl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Hackers use fake Windows error logs to hide malicious payload ∗∗∗
---------------------------------------------
Hackers have been using fake error logs to store ASCII characters disguised as hexadecimal values that decode to a malicious payload designed to prepare the ground for script-based attacks.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/hackers-use-fake-windows-error-logs-to-hide-malicious-payload/


∗∗∗ IBM Maximo Asset Management servers patched against attacks ∗∗∗
---------------------------------------------
Details are hazy but the overall story is clear: if you use IBM’s Maximo Asset Management, make sure you’re patched.
---------------------------------------------
https://nakedsecurity.sophos.com/2020/06/19/ibm-maximo-asset-management-servers-patched-against-attacks/


∗∗∗ Sicherheitsupdate für CMS: Drupal anfällig für Remote Code Execution ∗∗∗
---------------------------------------------
Die Drupal-Entwickler haben zwei Sicherheitslücken in mehreren Versionen des Content Management Systems geschlossen.
---------------------------------------------
https://heise.de/-4789539


∗∗∗ Security: Four zero-days spotted in attacks on honeypot systems ∗∗∗
---------------------------------------------
Previously unknown attacks used against fake systems show big problems remain with industrial systems security.
---------------------------------------------
https://www.zdnet.com/article/security-four-zero-day-attacks-spotted-in-attacks-against-honeypot-systems/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ BlackBerry Powered by Android Security Bulletin - June 2020 ∗∗∗
---------------------------------------------
BlackBerry has released a security update to address multiple vulnerabilities in BlackBerry powered by Android smartphones. We recommend users update to the latest available software build.
---------------------------------------------
https://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000064303


∗∗∗ Kritische 0day-Lücke in 79 Netgear-Router-Modellen ∗∗∗
---------------------------------------------
Über einen Fehler im eingebauten Webserver lassen sich die Geräte kapern – unter Umständen schon beim Besuch einer Webseite mit dem Exploit.
---------------------------------------------
https://heise.de/-4789814


∗∗∗ VMSA-2020-0014 ∗∗∗
---------------------------------------------
VMware Tools for macOS update addresses a denial-of-service vulnerability (CVE-2020-3972)
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2020-0014.html


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (drupal7), Fedora (dbus, kernel, microcode_ctl, mingw-glib-networking, moby-engine, and roundcubemail), Mageia (libjpeg), openSUSE (chromium and rmt-server), Oracle (kernel and microcode_ctl), Red Hat (rh-nodejs8-nodejs and thunderbird), Slackware (bind), and SUSE (adns, containerd, docker, docker-runc, golang-github-docker-libnetwork, dbus-1, fwupd, gegl, gnuplot, guile, java-1_7_1-ibm, java-1_8_0-ibm, kernel, mozilla-nspr, mozilla-nss, perl, and [...]
---------------------------------------------
https://lwn.net/Articles/823736/


∗∗∗ Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Contract Management ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-db2-database-server-security-vulnerabilities-affect-ibm-emptoris-contract-management/


∗∗∗ Security Bulletin: Multiple vulnerabilities affects IBM Engineering Requirements Management DOORS Next ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affects-ibm-engineering-requirements-management-doors-next/


∗∗∗ Security Bulletin: Vulnerability identified in Apache ActiveMQ used in Cloud Pak System (CVE-2020-1941) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-identified-in-apache-activemq-used-in-cloud-pak-system-cve-2020-1941/


∗∗∗ Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Sourcing ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-db2-database-server-security-vulnerabilities-affect-ibm-emptoris-sourcing/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list