Daily Summary - 07.11.2018

End-of-Day report

Timeframe: Tuesday 06-11-2018 18:00 - Wednesday 07-11-2018 18:00 Handler: Stephan Richter Co-Handler: Alexander Riepl

News

Oracle: Disgruntled researcher publishes exploit for Virtualbox

A security researcher has published a zero-day vulnerability for Virtualbox that allows an escape from the guest system to the host system. The researcher is said to be frustrated that ..

https://www.golem.de/news/oracle-veraergerter-forscher-veroeffentlicht-exploit-fuer-virtualbox-1811-137562.html


BCMPUPnP_Hunter: A 100k Botnet Turns Home Routers to Email Spammers

This article was co-authored by Hui Wang and RootKiter. Since September 2018, 360Netlab Scanmon has detected multiple scan spikes on TCP port 5431, each time the system logged more than 100k scan ..

http://blog.netlab.360.com/bcmpupnp_hunter-a-100k-botnet-turns-home-routers-to-email-spammers-en/


ADV180028 | Guidance for configuring BitLocker to enforce software encryption

Microsoft is aware of reports of vulnerabilities in the hardware encryption of certain ..

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180028


WordPress Design Flaw Leads to WooCommerce RCE

A flaw in the way WordPress handles privileges can lead to a privilege escalation in WordPress plugins. This affects for example WooCommerce, the most popular e-commerce plugin with over 4 million ..

https://blog.ripstech.com/2018/wordpress-design-flaw-leads-to-woocommerce-rce/


Caution! New fraudulent job application email with ransomware Trojan in circulation

A fake job application from "Peter Reif" is currently circulating on the Internet. After the attachment is opened, malware encrypts data and demands a ransom.

http://heise.de/-4214191


Attackers breached Statcounter to steal cryptocurrency from gate.io users

Web analytics company Statcounter and cryptocurrency exchange gate.io have been compromised in another supply-chain attack, which resulted in an unknown number of gate.io customers getting their money stolen,..

https://www.helpnetsecurity.com/2018/11/07/statcounter-gate-io-compromised/


Do not pay FLIXGLADE and FLIX FORGE LTD invoices!

While searching for free movies on the Internet, consumers come across flixman.de and inflix.de. These are criminal platforms that provide no service to their victims, ..

https://www.watchlist-internet.at/news/keine-flixglade-und-flix-forge-ltd-rechnungen-bezahlen/

Vulnerabilities

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, ..

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos


IBM Security Bulletin: Eclipse OpenJ9 could allow a local attacker to gain elevated privileges on the system and The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java does not protect against CVE-2018-1656 and CVE-2018-12539

The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed ..

https://www.ibm.com/blogs/psirt/ibm-security-bulletineclipse-openj9-could-allow-a-local-attacker-to-gain-elevated-privileges-on-the-system-and-the-ibm-java-runtime-environments-diagnostic-tooling-framework-for-java-does-not-prote/


IBM Security Bulletin: Vulnerability in Apache Cassandra affects IBM Operations Analytics Predictive Insights (CVE-2018-8016)

Apache Cassandra is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. Note that the usage of Apache Cassandra within IBM Operations ..

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-apache-cassandra-affects-ibm-operations-analytics-predictive-insights-cve-2018-8016/


IBM Security Bulletin: Vulnerabilities in Python affect IBM Operations Analytics Predictive Insights (CVE-2018-1060, CVE-2018-1061)

Python is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Python within IBM Operations Analytics ..

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-python-affect-ibm-operations-analytics-predictive-insights-cve-2018-1060-cve-2018-1061/


Roche Point of Care Handheld Medical Devices

https://ics-cert.us-cert.gov/advisories/ICSMA-18-310-01


Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-cimc-sql-inject


Cisco Unity Express Arbitrary Command Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-cue


Xen Security Advisory 282 - guest use of HLE constructs may lock up host

https://xenbits.xen.org/xsa/advisory-282.html


Red Hat JBoss EAP RichFaces Access Control Bug Lets Remote Users Execute Arbitrary Code on the Target System

http://www.securitytracker.com/id/1042037