[CERT-daily] Daily summary - 09.10.2020
Daily end-of-shift report
team at cert.at
Fri Oct 9 18:20:09 CEST 2020
=====================
= End-of-Day report =
=====================
Timeframe: Thursday 08-10-2020 18:00 − Friday 09-10-2020 18:00
Handler: Dimitri Robl
Co-Handler: Thomas Pribitzer
=====================
= News =
=====================
∗∗∗ Phishing kits as far as the eye can see, (Fri, Oct 9th) ∗∗∗
---------------------------------------------
If you've never delved too deep into the topic of phishing kits, you might quite reasonably expect that they would be the sort of tools, which are traded almost exclusively on dark web marketplaces. This is however not the case.
---------------------------------------------
https://isc.sans.edu/diary/rss/26660
∗∗∗ Firebase: Google Cloud’s Evil Twin - Excerpt ∗∗∗
---------------------------------------------
Firebase is the most popular developer tool that security has never heard of. We will bring its numerous flaws to light.
---------------------------------------------
https://www.sans.org/blog/firebase-google-cloud-s-evil-twin-condensed
∗∗∗ BSI team sweeps all prizes at the CHES Challenge ∗∗∗
---------------------------------------------
From 14 to 18 September 2020, the International Association for Cryptologic Research (IACR) held the Conference on Cryptographic Hardware and Embedded Systems (CHES). CHES is the world's largest and most renowned hardware-oriented cryptography conference.
---------------------------------------------
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2020/CHES-Challenge_091020.html
∗∗∗ verbraucherclub.de: Warning about dubious advertisements! ∗∗∗
---------------------------------------------
Have you already heard of the smartwatch "KoreTrak", which is supposed to be a lifesaver for senior citizens? Or of the LiveWave Antenna, which conjures free television into your living room? If so, you have probably come across a dubious advertisement from verbraucherclub.de.
---------------------------------------------
https://www.watchlist-internet.at/news/verbraucherclubde-warnung-vor-unserioesen-werbeschaltungen/
∗∗∗ Microsoft Exchange CVE-2020-0688 Revisited -- in two acts ∗∗∗
---------------------------------------------
In April we published a blog post about Microsoft Exchange servers that were vulnerable to CVE-2020-0688, a flaw already patched in February 2020.
---------------------------------------------
https://cert.at/de/aktuelles/2020/10/microsoft-exchange-cve-2020-0688-revisited
=====================
= Vulnerabilities =
=====================
∗∗∗ Apple's T2: When the security chip becomes a keylogger ∗∗∗
---------------------------------------------
Apple's T2 chip is actually meant to provide security, but a team of researchers could turn it into a keylogger.
---------------------------------------------
https://www.golem.de/news/apples-t2-wenn-der-sicherheitschip-zum-keylogger-wird-2010-151401-rss.html
∗∗∗ We Hacked Apple for 3 Months: Here’s What We Found ∗∗∗
---------------------------------------------
During our engagement, we found a variety of vulnerabilities in core portions of their infrastructure that would've allowed an attacker to fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, [...]
---------------------------------------------
https://samcurry.net/hacking-apple/
∗∗∗ Credit card skimmer targets virtual conference platform ∗∗∗
---------------------------------------------
Criminals have gone after an online conference platform to steal credit card data from virtual attendees.
---------------------------------------------
https://blog.malwarebytes.com/malwarebytes-news/2020/10/credit-card-skimmer-targets-virtual-conference-platform/
∗∗∗ Security Bulletin: An XPath vulnerability may impact IBM Cúram Social Program Management (CVE-2020-4774) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-an-xpath-vulnerability-may-impact-ibm-cram-social-program-management-cve-2020-4774/
∗∗∗ Security Bulletin: IBM Cúram Social Program Management uses MD5 algorithm (CVE-2020-4778) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cram-social-program-management-uses-md5-algorithm-cve-2020-4778/
∗∗∗ Security Bulletin: A cross-site scripting (XSS) vulnerability may impact IBM Cúram Social Program Management (CVE-2020-4775) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-cross-site-scripting-xss-vulnerability-may-impact-ibm-cram-social-program-management-cve-2020-4775/
∗∗∗ Security Bulletin: IBM Kenexa LCMS Premier On Premise – IBM SDK, Java Technology Edition Quarterly CPU – Jul 2020 – Includes Oracle Jul 2020 CPU plus one additional vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-kenexa-lcms-premier-on-premise-ibm-sdk-java-technology-edition-quarterly-cpu-jul-2020-includes-oracle-jul-2020-cpu-plus-one-additional-vulnerability/
∗∗∗ Security Bulletin: An improper input validation vulnerability may impact IBM Cúram Social Program Management (CVE-2020-4781) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-an-improper-input-validation-vulnerability-may-impact-ibm-cram-social-program-management-cve-2020-4781/
∗∗∗ Security Bulletin: API Connect is vulnerable to denial of service via Kubernetes (CVE-2020-8557, CVE-2020-8559) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-api-connect-is-vulnerable-to-denial-of-service-via-kubernetes-cve-2020-8557-cve-2020-8559/
∗∗∗ Security Bulletin: Security vulnerabilities have been fixed in IBM Security Access Manager and IBM Security Verify Access (CVE-2020-4661, CVE-2020-4699, CVE-2020-4660) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-have-been-fixed-in-ibm-security-access-manager-and-ibm-security-verify-access-cve-2020-4661-cve-2020-4699-cve-2020-4660/
∗∗∗ Security Bulletin: API Connect is vulnerable to denial of service (CVE-2020-16845) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-api-connect-is-vulnerable-to-denial-of-service-cve-2020-16845/
∗∗∗ Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus & IBM App Connect Enterprise V11 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-integration-bus-ibm-app-connect-enterprise-v11/
∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterprise v11. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-and-ibm-app-connect-enterpise-v11-5/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily