[CERT-daily] Tageszusammenfassung - 02.03.2020
Daily end-of-shift report
team at cert.at
Mon Mar 2 18:13:30 CET 2020
=====================
= End-of-Day report =
=====================
Timeframe: Freitag 28-02-2020 18:00 − Montag 02-03-2020 18:00
Handler: Stephan Richter
Co-Handler: Thomas Pribitzer
=====================
= News =
=====================
∗∗∗ New Evasion Encyclopedia Shows How Malware Detects Virtual Machines ∗∗∗
---------------------------------------------
A new Malware Evasion Encyclopedia has been launched that offers insight into the various methods malware uses to detect if it is running under a virtual environment.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/new-evasion-encyclopedia-shows-how-malware-detects-virtual-machines/
∗∗∗ Secure vs. cleartext protocols - couple of interesting stats, (Mon, Mar 2nd) ∗∗∗
---------------------------------------------
For a very long time, there has been a strong effort aimed toward moving all potentially sensitive network-based communications from unencrypted protocols to the secure and encrypted ones. And with the recently released APWG report noting that 74% of phishing sites used HTTPS in the last quarter of 2019[1] and Apples supposed plan to start supporting only TLS certificates with no more than one year period of validity [...]
---------------------------------------------
https://isc.sans.edu/diary/rss/25854
∗∗∗ Was Emotet anrichtet – und welche Lehren die Opfer daraus ziehen ∗∗∗
---------------------------------------------
Im niedersächsischen Neustadt schlug der Trojaner Emotet mit voller Wucht zu. Nun spricht die Stadtverwaltung offen über das Desaster – damit andere lernen.
---------------------------------------------
https://heise.de/-4665958
∗∗∗ Large-scale phishing attack on Western Europe ∗∗∗
---------------------------------------------
Beginning in November 2019, 360 Security Center detected multiple large-scale cyber attack incidents carrying AgentTesla stealing Trojans. This cyber attack mainly targeted countries in Western Europe [...]
---------------------------------------------
https://blog.360totalsecurity.com/en/large-scale-phishing-attack-on-western-europe/
=====================
= Vulnerabilities =
=====================
∗∗∗ NVIDIA schließt Lücken in GPU-Treiber und vGPU-Software ∗∗∗
---------------------------------------------
Von insgesamt fünf Lücken in NVIDIAs GPU Display-Treiber für Windows und in der vGPU-Software geht ein teils hohes Sicherheitsrisiko aus. Es gibt Updates.
---------------------------------------------
https://heise.de/-4672318
∗∗∗ Security Bulletin: Multiple vulnerabilities of Mozzila Firefox (less than Firefox 68.3 ESR) have affected Synthetic Playback Agent 8.1.4.0 – 8.1.4 IF10 + ICAM 3.0 – 4.0 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozzila-firefox-less-than-firefox-68-3-esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if10-icam-3-0-4-0/
∗∗∗ Security Bulletin: IBM Aspera Shares Web Application is affected by NGINX Vulnerabilities (CVE-2019-13067) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-aspera-shares-web-application-is-affected-by-nginx-vulnerabilities-cve-2019-13067/
∗∗∗ Security Bulletin: IBM Security Information Queue has overly permissive CORS policy (CVE-2020-4292) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-information-queue-has-overly-permissive-cors-policy-cve-2020-4292/
∗∗∗ Security Bulletin: IBM RackSwitch firmware products are affected by the following OpenSLL vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-products-are-affected-by-the-following-opensll-vulnerability/
∗∗∗ Security Bulletin: Addressing the Sqlite Vulnerability CVE-2019-16168, CVE-2019-19242 and CVE-2019-19244 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-addressing-the-sqlite-vulnerability-cve-2019-16168-cve-2019-19242-and-cve-2019-19244/
∗∗∗ Security Bulletin: Aspera Web Shares application is affected by NGINX Vulnerabilities (CVE-2019-12208, CVE-2019-12207) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-aspera-web-shares-application-is-affected-by-nginx-vulnerabilities-cve-2019-12208-cve-2019-12207/
∗∗∗ Security Bulletin: WebSphere Application Server is vulnerable to a denial of service shipped with Jazz for Service Management (CVE-2019-4720) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-websphere-application-server-is-vulnerable-to-a-denial-of-service-shipped-with-jazz-for-service-management-cve-2019-4720/
∗∗∗ Security Bulletin: A vulnerability in Python affects IBM Operations Analytics Predictive Insights (CVE-2019-10160) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-python-affects-ibm-operations-analytics-predictive-insights-cve-2019-10160/
∗∗∗ Security Bulletin: A vulnerability in Python affects IBM Operations Analytics Predictive Insights (CVE-2018-14647) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-python-affects-ibm-operations-analytics-predictive-insights-cve-2018-14647/
∗∗∗ Security Bulletin: Vulnerabilities in Python affect IBM Operations Analytics Predictive Insights (CVE-2019-9948, CVE-2019-9947) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-python-affect-ibm-operations-analytics-predictive-insights-cve-2019-9948-cve-2019-9947/
∗∗∗ Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-sqlite-shipped-with-powerai-4/
∗∗∗ Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-sqlite-shipped-with-powerai-3/
∗∗∗ Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-sqlite-shipped-with-powerai-2/
∗∗∗ Security Bulletin: A security vulnerability has been identified in TensorFlow shipped with PowerAI. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-tensorflow-shipped-with-powerai/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list