[CERT-daily] Daily summary - 19.03.2020
Daily end-of-shift report
team at cert.at
Thu Mar 19 19:00:00 CET 2020
=====================
= End-of-Day report =
=====================
Timeframe: Wednesday 18-03-2020 18:00 − Thursday 19-03-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Shadowserver Foundation: Non-profit IT security team needs donations ∗∗∗
---------------------------------------------
The Shadowserver team helps law enforcement agencies put a stop to cyber criminals. Now it needs prompt (financial) help itself.
---------------------------------------------
https://heise.de/-4686211
∗∗∗ RedLine Info-Stealing Malware Spread by Folding@home Phishing ∗∗∗
---------------------------------------------
A new phishing email is trying to take advantage of the Coronavirus pandemic and the race to develop medications by promoting a fake Folding@home app that installs an information-stealing malware.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/redline-info-stealing-malware-spread-by-folding-home-phishing/
∗∗∗ InfoSec Conferences Canceled? We’ve Hours Of Recordings! ∗∗∗
---------------------------------------------
If you planned to attend some security conferences in the coming weeks, there are risks to have them canceled… Normally, I should be now in Germany to attend TROOPERS… Canceled! SAS2020 (“Security Analyst Summit”)… Canceled! FIRST TC Amsterdam… Canceled! And more will probably be added to the long list.
---------------------------------------------
https://blog.rootshell.be/2020/03/19/infosec-conferences-canceled-weve-hours-of-recordings/
∗∗∗ Beware of the fake shop hausmasters.net ∗∗∗
---------------------------------------------
Hausmasters.net offers countless household goods at the best prices with free shipping to Austria, Germany and Switzerland. The wide range of refrigerators, vacuum cleaners and washing machines and the modern website invite a quick purchase. But beware: here you pay in advance and never receive a delivery. It is a fake shop.
---------------------------------------------
https://www.watchlist-internet.at/news/achtung-vor-dem-fake-shop-hausmastersnet/
∗∗∗ France warns of new ransomware gang targeting local governments ∗∗∗
---------------------------------------------
CERT France says some local governments have been infected with a new version of the Pysa (Mespinoza) ransomware.
---------------------------------------------
https://www.zdnet.com/article/france-warns-of-new-ransomware-gang-targeting-local-governments/
=====================
= Vulnerabilities =
=====================
∗∗∗ Adobe: Further updates, some critical, for Photoshop and Bridge among others ∗∗∗
---------------------------------------------
Adobe has made fixes not only in Acrobat and Reader, but also in Bridge, ColdFusion, Experience Manager, Photoshop and Genuine Integrity Service.
---------------------------------------------
https://heise.de/-4686418
∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (gdal), Fedora (nethack), Mageia (okular, sleuthkit, and webkit2), openSUSE (salt), Oracle (icu, kernel, python-pip, python-virtualenv, and zsh), Red Hat (icu, python-imaging, thunderbird, and zsh), Scientific Linux (icu, python-imaging, and zsh), SUSE (postgresql10), and Ubuntu (apache2).
---------------------------------------------
https://lwn.net/Articles/815442/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-rational-business-developer/
∗∗∗ Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Backup-Archive Client web user interface, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-websphere-application-server-liberty-affect-ibm-spectrum-protect-backup-archive-client-web-user-interface-ibm-spectrum-protect-for-space-management-and-ibm/
∗∗∗ Security Bulletin: A vulnerability in IBM Java Runtime affect Financial Transaction Manager for Check Services (CVE-2019-4732) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affect-financial-transaction-manager-for-check-services-cve-2019-4732/
∗∗∗ Security Bulletin: IBM Java Runtime Vulnerabilities affect the IBM Spectrum Protect Backup-Archive Client and web user interface, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments (CVE-2019-4732, ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-java-runtime-vulnerabilities-affect-the-ibm-spectrum-protect-backup-archive-client-and-web-user-interface-ibm-spectrum-protect-for-space-management-and-ibm-spectrum-protect-fo/
∗∗∗ Security Bulletin: IBM DataPower Gateway is potentially vulnerable to a DoS issue when processing regular expressions (CVE-2017-16231) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-gateway-is-potentially-vulnerable-to-a-dos-issue-when-processing-regular-expressions-cve-2017-16231/
∗∗∗ Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Snapshot for VMware (CVE-2019-4304, CVE-2019-4305, CVE-2019-4441, CVE-2014-3603) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-websphere-application-server-liberty-affect-ibm-spectrum-protect-snapshot-for-vmware-cve-2019-4304-cve-2019-4305-cve-2019-4441-cve-2014-3603/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Host On-Demand ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-host-on-demand/
∗∗∗ Security Bulletin: Vulnerabilities in OpenSSL affect IBM Spectrum Protect Backup-Archive Client NetApp Services (CVE-2019-1547, CVE-2019-1549, CVE-2019-1563, CVE-2019-1552) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-openssl-affect-ibm-spectrum-protect-backup-archive-client-netapp-services-cve-2019-1547-cve-2019-1549-cve-2019-1563-cve-2019-1552/
∗∗∗ Security Bulletin: Potential exposure of sensitive data in IBM DataPower Gateway (CVE-2020-4203) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-potential-exposure-of-sensitive-data-in-ibm-datapower-gateway-cve-2020-4203/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect OS Images for Red Hat Linux Systems (Oct2019 updates) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-os-images-for-red-hat-linux-systems-oct2019-updates/
∗∗∗ Red Hat Enterprise Linux: Vulnerability allows code execution ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0241
∗∗∗ Drupal: Multiple vulnerabilities allow cross-site scripting ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0240
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily