End-of-Day report
Timeframe: Thursday 22-11-2018 18:00 - Friday 23-11-2018 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
Aurora / Zorro Ransomware Actively Being Distributed
A ransomware that has been distributed since the summer of 2018 has started to pick up steam in the latest variant. This new variant is currently being called Zorro Ransomware, but has also been called Aurora Ransomware in the past.
https://www.bleepingcomputer.com/news/security/aurora-zorro-ransomware-actively-being-distributed/
Old Printer Vulnerabilities Die Hard
New research on an old problem reveals that, despite efforts, InfoSec professionals still have a way to go when it comes to securing printers.
https://threatpost.com/old-printer-vulnerabilities-die-hard/139318/
Security update: VMware Fusion and Workstation vulnerable to malicious code
Updated versions of Fusion and Workstation close a critical security vulnerability.
http://heise.de/-4231452
l+f: Hackers annoy hackers
Online credit card skimmers are fighting turf wars.
http://heise.de/-4231527
Vulnerabilities
IBM Security Bulletin: A Vulnerability in IBM Java SDK (April 2018) affecting IBM Application Delivery Intelligence V5.0.5 and V5.0.4 (CVE-2018-2783)
A vulnerability is identified in IBM® SDK Java Technology Edition Version 1.7 and Version 1.8 that are used by IBM Application Delivery Intelligence V5.0.4 and V5.0.5 respectively. This issue was disclosed as part of the IBM Java SDK updates in April 2018. CVE(s): CVE-2018-2783. Affected product(s) and affected version(s): IBM Application Delivery Intelligence V5.0.4, IBM Application Delivery Intelligence V5.0.5. Refer to the following reference URLs for remediation and additional vulnerability [...]
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-ibm-java-sdk-april-2018-affecting-ibm-application-delivery-intelligence-v5-0-5-and-v5-0-4-cve-2018-2783/
VMSA-2018-0030
VMware Workstation and Fusion updates address an integer overflow issue.
https://www.vmware.com/security/advisories/VMSA-2018-0030.html
Security updates for (US) Thanksgiving Day
Security updates have been issued by Debian (ceph, openssl, and pixman), Fedora (kernel-headers, kernel-tools, libconfuse, python-urllib3, and xen), Mageia (gettext and roundcubemail), openSUSE (GraphicsMagick and libwpd), Oracle (thunderbird), Slackware (openssl), and Ubuntu (libapache2-mod-perl2).
https://lwn.net/Articles/772811/
Security updates for Friday
Security updates have been issued by Arch Linux (flashplugin, lib32-libtiff, and webkit2gtk), Debian (libphp-phpmailer and openjdk-7), Mageia (flash-player-plugin, Ghostscript, and poppler), openSUSE (chromium and virtualbox), and SUSE (java-1_8_0-ibm, libwpd, openssl, openssl-1_1, realtime-kernel, salt, and SDL_image).
https://lwn.net/Articles/772851/