[CERT-daily] Tageszusammenfassung - 23.10.2020

Daily end-of-shift report team at cert.at
Fri Oct 23 18:07:37 CEST 2020


=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 22-10-2020 18:00 − Freitag 23-10-2020 18:00
Handler:     Dimitri Robl
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ R_Evil WordPress Hacktool & Malicious JavaScript Injections ∗∗∗
---------------------------------------------
We often see hackers reusing the same malware, with only a few new adjustments to obfuscate the code so that it is more difficult for scanning tools to detect. However, sometimes entirely new attack tools are created and deployed by threat actors who don’t want to rely on obfuscating existing malware.
---------------------------------------------
https://blog.sucuri.net/2020/10/r_evil-wordpress-hacktool-malicious-javascript-injections.html


∗∗∗ Zahlreiche neue Fake-Shops locken mit günstigen Angeboten und gutem Kundendienst ∗∗∗
---------------------------------------------
Derzeit melden uns LeserInnen der Watchlist Internet zahlreiche neu registrierte Fake-Shops, die alle ähnlich aufgebaut sind und die gleichen Texte verwenden. Versprochen werden hochwertige Produkte, ein starkes Kundendienstteam und einfache Rückgabemöglichkeiten. Doch tatsächlich stecken hinter diesen vermeintlichen Online-Shops, Kriminelle.
---------------------------------------------
https://www.watchlist-internet.at/news/zahlreiche-neue-fake-shops-locken-mit-guenstigen-angeboten-und-gutem-kundendienst/


∗∗∗ Securing medical devices: Can a hacker break your heart? ∗∗∗
---------------------------------------------
Why are connected medical devices vulnerable to attack and how likely are they to get hacked? Here are five digital chinks in the armor.
---------------------------------------------
https://www.welivesecurity.com/2020/10/23/securing-medical-devices-hack-heart/


∗∗∗ Practical example of fuzzing OPC UA applications ∗∗∗
---------------------------------------------
We continue to describe our approaches to searching for vulnerabilities in industrial systems based on the OPC UA protocol. In this article, we examine new techniques that can be used to search for memory corruption vulnerabilities if the source code is available. We also discuss an example of fuzzing using libfuzzer.
---------------------------------------------
https://ics-cert.kaspersky.com/reports/2020/10/19/practical-example-of-fuzzing-opc-ua-applications/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ VMware Horizon Server and VMware Horizon Client updates address multiple security vulnerabilities (CVE-2020-3997, CVE-2020-3998) ∗∗∗
---------------------------------------------
VMware Horizon Server does not correctly validate user input. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.1.
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2020-0024.html


∗∗∗ Sicherheitsupdate: Nvidia Geforce Experience macht PCs vielfältig angreifbar ∗∗∗
---------------------------------------------
Nvidias Entwickler haben drei Sicherheitslücken im Grafikkarten-Tool Geforce Experience geschlossen.
---------------------------------------------
https://heise.de/-4937481


∗∗∗ Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy


∗∗∗ Security Bulletin: A vulnerability in IBM Java Runtime affects IBM SPSS Statistics ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affects-ibm-spss-statistics-8/


∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Jul 2020 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-for-multiplatforms-jul-2020/


∗∗∗ Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-2/


∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-z-tpf-4/


∗∗∗ Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-tivoli-monitoring-embedded-websphere-application-and-ihs-server-3/


∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Jul 2020 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-jul-2020/


∗∗∗ Security Bulletin: A vulnerability in IBM Java Runtime affects IBM SPSS Statistics ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-runtime-affects-ibm-spss-statistics-7/


∗∗∗ Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in IBM® SDK Java™ Technology Edition ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-enterprise-content-management-system-monitor-is-affected-by-a-vulnerability-in-ibm-sdk-java-technology-edition-2/


∗∗∗ Multiple Vulnerabilities in PubliXone ∗∗∗
---------------------------------------------
https://sec-consult.com/./en/blog/advisories/multiple-vulnerabilities-in-publixone/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list