[CERT-daily] Tageszusammenfassung - 29.06.2020
Daily end-of-shift report
team at cert.at
Mon Jun 29 18:12:13 CEST 2020
=====================
= End-of-Day report =
=====================
Timeframe: Freitag 26-06-2020 18:00 − Montag 29-06-2020 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Laravel/Telescope: Die Sicherheitslücke bei einer Bank, die es nicht gibt ∗∗∗
---------------------------------------------
Ein Leser hat uns auf eine Sicherheitslücke auf der Webseite einer Onlinebank hingewiesen. Die Lücke war echt und betrifft auch andere Seiten - die Bank jedoch scheint es nie gegeben zu haben.
---------------------------------------------
https://www.golem.de/news/laravel-telescope-die-sicherheitsluecke-bei-einer-bank-die-es-nicht-gibt-2006-149251-rss.html
∗∗∗ Active Directory series: Unconstrained delegation ∗∗∗
---------------------------------------------
In this article series, we will look into the most famous ways that can be used to attack Active Directory and achieve persistence. Note: Attacks discussed in this series have already been publicly disclosed on different forums. This series is for educational purposes only.
---------------------------------------------
https://resources.infosecinstitute.com/active-directory-series-unconstrained-delegation/
∗∗∗ Beware "secure DNS" scam targeting website owners and bloggers ∗∗∗
---------------------------------------------
If you run a website or a blog, watch out for emails promising "DNSSEC upgrades" - these scammers are after your whole site.
---------------------------------------------
https://nakedsecurity.sophos.com/2020/06/29/beware-secure-dns-scam-targeting-website-owners-and-bloggers/
∗∗∗ The face of tomorrow's cybercrime: Deepfake ransomware explained ∗∗∗
---------------------------------------------
Deepfake ransomware is a mighty combination that several security experts fear would happen soon. But what is it exactly? Is it deepfake with a ransomware twist? Or ransomware with a sprinkling of deepfake tech?
---------------------------------------------
https://blog.malwarebytes.com/ransomware/2020/06/the-face-of-tomorrows-cybercrime-deepfake-ransomware-explained/
∗∗∗ Passwort‑Manager: nützliches Alltags‑Tool ∗∗∗
---------------------------------------------
In diesem Artikel erklären wir, was einen Passwort-Manager ausmacht und warum dieser als nützliches Tool in den Alltag integriert werden sollte.
---------------------------------------------
https://www.welivesecurity.com/deutsch/2020/06/26/passwort-manager-im-alltag/
∗∗∗ ebay-HändlerInnen aufgepasst: gezielte Phishing-Attacken ∗∗∗
---------------------------------------------
Wenn Sie Waren auf ebay verkaufen, dann nehmen Sie sich vor betrügerischen Nachrichten in Acht, in denen man Ihnen vorspielt, dass Kundschaft von einem Kauf zurücktreten möchte. Die Nachrichten werden im ebay-Design verschickt und fordern zur Antwort auf die entsprechende Anfrage auf. Der Link führt Sie auf eine gefälschte ebay-Website, auf der Ihre Daten direkt in den Händen Krimineller landen.
---------------------------------------------
https://www.watchlist-internet.at/news/ebay-haendlerinnen-aufgepasst-gezielte-phishing-attacken/
∗∗∗ Adobe, Mastercard, Visa warn online store owners of Magento 1.x EOL ∗∗∗
---------------------------------------------
Almost 110,000 online stores are still running the soon-to-be-outdated Magento 1.x CMS.
---------------------------------------------
https://www.zdnet.com/article/adobe-mastercard-visa-warn-online-store-owners-of-magento-1-x-eol/
=====================
= Vulnerabilities =
=====================
∗∗∗ Keine Überraschung nach Fraunhofer-Test: Viele Home-Router unsicher ∗∗∗
---------------------------------------------
Sicherheitsforscher des FKIE haben 127 verschiedene Home-Router untersucht und vermuten gravierende Sicherheitsmängel. Überraschen kann das niemanden mehr.
---------------------------------------------
https://heise.de/-4798342
∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (libtasn1-6, libtirpc, mcabber, picocom, pngquant, trafficserver, and zziplib), Fedora (curl and xen), openSUSE (bluez, ceph, chromium, curl, grafana, grafana-piechart-panel,, graphviz, mariadb, and mercurial), Oracle (nghttp2), Red Hat (microcode_ctl), SUSE (mutt, python3-requests, and tomcat), and Ubuntu (glib-networking and mailman).
---------------------------------------------
https://lwn.net/Articles/824717/
∗∗∗ Security Advisory - Denial of Service Vulnerability in Several Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200624-01-dos-en
∗∗∗ Security Advisory - Information Disclosure Vulnerability in Several Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200624-01-smartphone-en
∗∗∗ Security Bulletin: IBM TNPM for Wireline is vulnarable to Cross Site Request Forgery(CSRF) and Cross Site Scripting(CSS) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tnpm-for-wireline-is-vulnarable-to-cross-site-request-forgerycsrf-and-cross-site-scriptingcss/
∗∗∗ Security Bulletin: Speech to Text, Text to Speech ICP, WebSphere Application Server Liberty Fix ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-speech-to-text-text-to-speech-icp-websphere-application-server-liberty-fix-5/
∗∗∗ Security Bulletin: IBM API Connect is vulnerable to cross-site scripting (XSS) in Drupal (sa-contrib-2020-025) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-vulnerable-to-cross-site-scripting-xss-in-drupal-sa-contrib-2020-025/
∗∗∗ Security Bulletin: IBM MQ is vulnerable to a denial of service attack due to an error within the Data Conversion logic. (CVE-2020-4310) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-is-vulnerable-to-a-denial-of-service-attack-due-to-an-error-within-the-data-conversion-logic-cve-2020-4310-2/
∗∗∗ Security Bulletin: IBM API Connect V 2018 (ova) is impacted by weak cryptographic algorithms (CVE-2020-4452) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-v-2018-ova-is-impacted-by-weak-cryptographic-algorithms-cve-2020-4452/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Classification ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-content-classification-2/
∗∗∗ Security Bulletin: IBM Integration Bus affected by multiple Apache Tomcat vulnerabilities. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integration-bus-affected-by-multiple-apache-tomcat-vulnerabilities/
∗∗∗ Security Bulletin: IBM API Connect is vulnerable to arbitrary code execution and security bypass in Drupal (CVE-2020-13664, CVE-2020-13665) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-vulnerable-to-arbitrary-code-execution-and-security-bypass-in-drupal-cve-2020-13664-cve-2020-13665/
∗∗∗ Security Bulletin: A security vulnerability in Node.js affects IBM Integration Bus & IBM App Connect Enterprise V11 (CVE-2019-17592) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-affects-ibm-integration-bus-ibm-app-connect-enterprise-v11-cve-2019-17592/
∗∗∗ Security Bulletin: IBM API Connect is vulnerable to cross-site request forgery (CSRF) (CVE-2020-13663) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-vulnerable-to-cross-site-request-forgery-csrf-cve-2020-13663/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list