[CERT-daily] Daily summary - 21.10.2020

Daily end-of-shift report team at cert.at
Wed Oct 21 18:12:40 CEST 2020


=====================
= End-of-Day report =
=====================

Timeframe:   Tuesday 20-10-2020 18:00 − Wednesday 21-10-2020 18:00
Handler:     Dimitri Robl
Co-Handler:  Thomas Pribitzer

=====================
=       News        =
=====================

∗∗∗ TrickBot malware under siege from all sides, and its working ∗∗∗
---------------------------------------------
The Trickbot malware operation is on the brink of going down completely following efforts from an alliance of cybersecurity and hosting providers targeting the botnet's command and control servers.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/trickbot-malware-under-siege-from-all-sides-and-its-working/


∗∗∗ LockBit ransomware moves quietly on the network, strikes fast ∗∗∗
---------------------------------------------
LockBit ransomware takes as little as five minutes to deploy the encryption routine on target systems once it lands on the victim network.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-moves-quietly-on-the-network-strikes-fast/


∗∗∗ Shipping dangerous goods, (Wed, Oct 21st) ∗∗∗
---------------------------------------------
For the past several months, I've been tracking a campaign that sends rather odd-looking emails like this.
---------------------------------------------
https://isc.sans.edu/diary/rss/26702


∗∗∗ Securing Your Online Store for the Holidays ∗∗∗
---------------------------------------------
Shopping season is here, and so is the opportunity for ecommerce site owners to grow their business and generate revenue. In lieu of the changing global ecommerce climate that this pandemic has produced, comes the importance of securing your website to protect your users — and your revenue streams.
---------------------------------------------
https://blog.sucuri.net/2020/10/securing-your-online-store-for-the-holidays.html


∗∗∗ Study: More than half of all Windows servers are security junk ∗∗∗
---------------------------------------------
Around 58 percent of all Windows servers on the internet no longer receive regular security updates and are therefore ticking time bombs.
---------------------------------------------
https://heise.de/-4933295


∗∗∗ How safe is your USB drive? ∗∗∗
---------------------------------------------
What are some of the key security risks to be aware of when using USB flash drives and how can you mitigate the threats?
---------------------------------------------
https://www.welivesecurity.com/2020/10/20/how-safe-is-your-usb-drive/


∗∗∗ Video: How to spot fraudulent advertising on the internet ∗∗∗
---------------------------------------------
Whether on Google, on social media or in apps, advertising lurks everywhere, trying to get us to buy a particular product or use a service. But not every advertisement is reputable.
---------------------------------------------
https://www.watchlist-internet.at/news/video-so-entlarven-sie-betruegerische-werbung-im-internet/


∗∗∗ Preventing inbound IP spoofing ∗∗∗
---------------------------------------------
Brigham Young University is currently sending advisory letters to internet providers, pointing out that they are able to receive incoming IP packets with source addresses from the internet provider's own network.
---------------------------------------------
https://cert.at/de/blog/2020/10/ip-spoofing-inbound-verhindern



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Big Blue Button: The big blue security risk ∗∗∗
---------------------------------------------
Critical security vulnerabilities that Golem.de reported to the developer of the video chat software Big Blue Button were only fixed after months.
---------------------------------------------
https://www.golem.de/news/big-blue-button-das-grosse-blaue-sicherheitsrisiko-2010-151610-rss.html


∗∗∗ Chrome zero-day in the wild – patch now! ∗∗∗
---------------------------------------------
https://nakedsecurity.sophos.com/2020/10/21/chrome-zero-day-in-the-wild-patch-now/


∗∗∗ Oracle Critical Patch Update Advisory - October 2020 ∗∗∗
---------------------------------------------
https://www.oracle.com/security-alerts/cpuoct2020.html


∗∗∗ Security Bulletin: A security vulnerability in angular.js affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Service. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-angular-js-affects-ibm-cloud-pak-for-multicloud-management-infrastructure-management-and-managed-service/


∗∗∗ Security Bulletin: A security vulnerability in GO affects IBM Cloud Pak for Multicloud Management Managed Service. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-go-affects-ibm-cloud-pak-for-multicloud-management-managed-service-2/


∗∗∗ Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale where an unprivileged local user may cause a denial of service (CVE-2020-4411) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-has-been-identified-in-ibm-spectrum-scale-where-an-unprivileged-local-user-may-cause-a-denial-of-service-cve-2020-4411-2/


∗∗∗ Security Bulletin: A security vulnerability in Node.js acorn and bootstrap-select affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Service. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-acorn-and-bootstrap-select-affects-ibm-cloud-pak-for-multicloud-management-infrastructure-management-and-managed-service/


∗∗∗ Security Bulletin: A security vulnerability in GO affects IBM Cloud Pak for Multicloud Management Managed Service. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-go-affects-ibm-cloud-pak-for-multicloud-management-managed-service/


∗∗∗ Security Bulletin: BIND for IBM i is affected by CVE-2020-8622 and CVE-2020-8624 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-bind-for-ibm-i-is-affected-by-cve-2020-8622-and-cve-2020-8624/


∗∗∗ Security Bulletin: A vulnerability in IBM Spectrum Scale packaged in IBM Elastic Storage System could cause a denial of service (CVE-2020-4756) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-spectrum-scale-packaged-in-ibm-elastic-storage-system-could-cause-a-denial-of-service-cve-2020-4756-2/


∗∗∗ Security Bulletin: IBM MQ could allow leak sensitive information due to an error within the pre-v7 pubsub logic (CVE-2020-4319) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-could-allow-leak-sensitive-information-due-to-an-error-within-the-pre-v7-pubsub-logic-cve-2020-4319/


∗∗∗ Security Bulletin: Multiple vulnerabilities in GNU Binutils affect IBM Netezza Platform Software clients. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-gnu-binutils-affect-ibm-netezza-platform-software-clients-2/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily