[CERT-daily] Daily summary - 08.05.2020
Daily end-of-shift report
team at cert.at
Fri May 8 18:19:20 CEST 2020
=====================
= End-of-Day report =
=====================
Timeframe: Thursday 07-05-2020 18:00 − Friday 08-05-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Blue Mockingbird Monero-Mining Campaign Exploits Web Apps ∗∗∗
---------------------------------------------
The cybercriminals are using a deserialization vulnerability, CVE-2019-18935, to achieve remote code execution before moving laterally through the enterprise.
---------------------------------------------
https://threatpost.com/blue-mockingbird-monero-mining/155581/
∗∗∗ Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents ∗∗∗
---------------------------------------------
Targeted ransomware incidents have brought a threat of disruptive and destructive attacks to organizations across industries and geographies. FireEye Mandiant Threat Intelligence has previously documented this threat in our investigations of trends across ransomware incidents, FIN6 activity, implications for OT networks, and other aspects of post-compromise ransomware deployment.
---------------------------------------------
http://www.fireeye.com/blog/threat-research/2020/05/tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html
=====================
= Vulnerabilities =
=====================
∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (firefox-esr, salt, and webkit2gtk), Fedora (firefox, mingw-gnutls, nss, and teeworlds), Mageia (firefox, libvncserver, matio, qt4, roundcubemail, samba, thunderbird, and vlc), Oracle (firefox and squid), SUSE (firefox, ghostscript, openldap2, rmt-server, syslog-ng, and webkit2gtk3), and Ubuntu (firefox).
---------------------------------------------
https://lwn.net/Articles/819969/
∗∗∗ Ruby on Rails: Vulnerability allows information disclosure ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0436
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-itcam-for-soa-2/
∗∗∗ Security Bulletin: Vulnerabilities exist in IBM Data Risk Manager (CVE-2020-4427, CVE-2020-4428, CVE-2020-4429, and CVE-2020-4430) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-exist-in-ibm-data-risk-manager-cve-2020-4427-cve-2020-4428-cve-2020-4429-and-cve-2020-4430/
∗∗∗ Security Bulletin: Security vulnerabilities in Dojo and jQuery might affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-in-dojo-and-jquery-might-affect-ibm-business-automation-workflow-and-ibm-business-process-manager-bpm-2/
∗∗∗ Security Bulletin: Multiple security vulnerabilities in Swagger UI affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-swagger-ui-affect-ibm-business-automation-workflow-and-ibm-business-process-manager-bpm-2/
∗∗∗ Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2020 CPU plus deferred CVE-2019-2949 and CVE-2020-2654 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-websphere-application-server-april-2020-cpu-plus-deferred-cve-2019-2949-and-cve-2020-2654/
∗∗∗ Security Bulletin: Multiple vulnerabilities in dependent libraries affect IBM® Db2® leading to denial of service or privilege escalation. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-dependent-libraries-affect-ibm-db2-leading-to-denial-of-service-or-privilege-escalation-2/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily