[CERT-daily] Tageszusammenfassung - 13.05.2020

Wed May 13 18:24:16 CEST 2020

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 12-05-2020 18:00 − Mittwoch 13-05-2020 18:00
Handler:     Thomas Pribitzer
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ US govt shares list of most exploited vulnerabilities since 2016 ∗∗∗
---------------------------------------------
US Government cybersecurity agencies and specialists today have released a list of the top 10 routinely exploited security vulnerabilities between 2016 and 2019.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/us-govt-shares-list-of-most-exploited-vulnerabilities-since-2016/


∗∗∗ Ramsay Malware Targets Air-Gapped Networks ∗∗∗
---------------------------------------------
The cyber-espionage toolkit is under active development.
---------------------------------------------
https://threatpost.com/ramsay-malware-air-gapped-networks/155695/


∗∗∗ Angreifer könnten Symantec Endpoint Protection als Sprungbrett nutzen ∗∗∗
---------------------------------------------
Symantecs Entwickler haben mehrere Sicherheitslücken in Endpoint Protection und Endpoint Protection Manager geschlossen.
---------------------------------------------
https://heise.de/-4720697


∗∗∗ Tinder-Bots betrügen mit scheinbarer Verifizierung ∗∗∗
---------------------------------------------
Internet-BetrügerInnen treiben auch auf Dating-Plattform ihr Unwesen und versuchen den Menschen durch Flirten Geld aus der Tasche zu ziehen. Bei einer dieser Betrugsmaschen geben Fake-Profile auf Tinder vor, dass sie sich sicherer fühlen würden, wenn sich das Tinder-Match verifizieren lässt. Das Opfer dieser Masche erhält einen Link dafür. Doch tatsächlich geht es dabei nicht darum, Vertrauen und Sicherheit vor einem Date herzustellen, [...]
---------------------------------------------
https://www.watchlist-internet.at/news/tinder-bots-betruegen-mit-scheinbarer-verifizierung/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Unmittelbar Patchen: Kritische Schwachstelle in SAP® ABAP Systemen (CVE-2020-6262) ∗∗∗
---------------------------------------------
Das SEC Consult Vulnerability Lab hat eine kritische Code-Injection-Schwachstelle (CVE-2020-6262), mit einem CVSSv3 Score von 9.9, in SAP® Service Data Download (ein Teil des SAP® Solution Manager Plugin ST-PI), identifiziert.
---------------------------------------------
https://www.sec-consult.com/./blog/2020/05/unmittelbar-patchen-kritische-schwachstelle-in-sap-abap-systemen-cve-2020-6262/


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (java-1.8.0-openjdk and seamonkey), Gentoo (firefox, lrzip, qemu, squid, and thunderbird), Oracle (thunderbird), Red Hat (buildah, kernel, kernel-alt, kernel-rt, kpatch-patch, podman, python-pip, python-virtualenv, and qemu-kvm), Scientific Linux (kernel), Slackware (mariadb), SUSE (openconnect), and Ubuntu (file, firefox, iproute2, pulseaudio, and squid, squid3).
---------------------------------------------
https://lwn.net/Articles/820409/


∗∗∗ Mai-Patchday: Microsoft schließt 111 Sicherheitslücken ∗∗∗
---------------------------------------------
Es ist der drittgrößte Patchday in der Geschichte des Unternehmens. Anfällig sind unter anderem Windows, SharePoint, Edge und Internet Explorer. Eine Lücke in Windows erlaubt sogar eine Remotecodeausführung mit erweiterten Benutzerrechten.
---------------------------------------------
https://www.zdnet.de/88379702/mai-patchday-microsoft-schliesst-111-sicherheitsluecken/


∗∗∗ Security Advisory - Out of Bounds Read Vulnerability in Several Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200513-02-smartphone-en


∗∗∗ Security Advisory - Integer Overflow Vulnerability in Android affects Several Huawei Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200513-03-smartphone-en


∗∗∗ Security Advisory - Improper Authentication Vulnerability in Some Huawei Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200513-01-smartphone-en


∗∗∗ Security Bulletin: [All] Apache Tomcat (core only) (Publicly disclosed vulnerability) CVE-2020-1935, CVE-2019-17569 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-all-apache-tomcat-core-only-publicly-disclosed-vulnerability-cve-2020-1935-cve-2019-17569/


∗∗∗ Security Bulletin: Security Vulnerabilities in IBM® Java SDK Oct 2019 and Jan 2020 CPU affect multiple IBM Continuous Engineering products based on IBM Jazz Technology ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-in-ibm-java-sdk-oct-2019-and-jan-2020-cpu-affect-multiple-ibm-continuous-engineering-products-based-on-ibm-jazz-technology/


∗∗∗ Security Bulletin: Multiple Security Vulnerabilities in IBM WebSphere Application Server Affect IBM Sterling B2B Integrator ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-ibm-websphere-application-server-affect-ibm-sterling-b2b-integrator/


∗∗∗ Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Apache Tomcat vulnerabilities. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-websphere-cast-iron-solution-app-connect-professional-is-affected-by-apache-tomcat-vulnerabilities-4/


∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Netcool Agile Service Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-netcool-agile-service-manager-3/


∗∗∗ Security Bulletin: Information Disclosure Security Vulnerability Exists in IBM Sterling B2B Integrator (CVE-2020-4312) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-security-vulnerability-exists-in-ibm-sterling-b2b-integrator-cve-2020-4312/


∗∗∗ FreeBSD: Mehrere Schwachstellen ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0453

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily