Tageszusammenfassung - 20.12.2018

End-of-Day report

Timeframe: Mittwoch 19-12-2018 18:00 - Donnerstag 20-12-2018 18:00 Handler: Dimitri Robl Co-Handler: Alexander Riepl

News

On VBScript

Vulnerabilities in the VBScript scripting engine are a well known way to attack Microsoft Windows. In order to reduce this attack surface, in Windows 10 Fall Creators Update, Microsoft disabled VBScript execution in Internet Explorer in the Internet Zone and the Restricted Sites Zone by default. Yet this did not deter attackers ..

https://googleprojectzero.blogspot.com/2018/12/on-vbscript.html

Rise of the Webminers

About a year ago webminers began to appear on more and more website. It was popularized by CoinHive and a couple of high-profile scandals revolving around ThePirateBay and Showtime and, in ..

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/rise-of-the-webminers/

WPA3 WLAN Encryption: All Good Things Come In 3s!

The current protocol WPA2 (WiFi Protected Access) from 2004 is getting on in years. In early 2018, the WiFi Alliance (WFA) announced an update at the Consumer Electronics Show in Las Vegas. WPA3 is the designated successor, which should eliminate weak points as well as the comfort and the security would clearly increase. In the last ..

http://www.ikarussecurity.com/about-ikarus/security-blog/wpa3-wlan-encryption-all-good-things-come-in-3s/

Kritische Sicherheitslücke in Internet Explorer - Patches verfügbar

Microsoft hat ausserhalb des monatlichen Patch-Zyklus Updates für den Internet Explorer veröffentlicht, mit denen eine kritische Sicherheitslücke geschlossen wird. Diese Schwachstelle soll bereits aktiv ..

http://www.cert.at/warnings/all/20181219.html

sgifashop.com ist unseriös

Der Online-Shop sgifashop.com ist mit seinem Sortiment sehr breit aufgestellt, so ist auch bestimmt für Sie das gewünschte Produkt dabei. Der Alleskönner ist jedoch betrügerisch und liefert ..

https://www.watchlist-internet.at/news/sgifashopcom-ist-unserioes/

Researcher publishes PoC for new Windows zero-day

This is the third Windows zero-day the researcher dumps online in the last five months.

https://www.zdnet.com/article/researcher-publishes-poc-for-new-windows-zero-day/#ftag=RSSbaffb68

Vulnerabilities

DSA-4355 openssl1.0 - security update

Several local side channel attacks and a denial of service via largeDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.

https://www.debian.org/security/2018/dsa-4355

Vuln: Jenkins Multiple Security Vulnerabilities

http://www.securityfocus.com/bid/106176

JSON:API - Moderately critical - Access bypass - SA-CONTRIB-2018-081

https://www.drupal.org/sa-contrib-2018-081

E-Sign - Moderately critical - Cross site scripting - SA-CONTRIB-2018-080

https://www.drupal.org/sa-contrib-2018-080

Security Advisory - MaxAge LSA Vulnerability in OSPF Protocol of Some Huawei Products

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170720-01-ospf-en

IBM Security Bulletin: Cross-Site Scripting vulnerability in IBM Business Automation Workflow (CVE-2018-1849)

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-vulnerability-in-ibm-business-automation-workflow-cve-2018-1849/

IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MQ

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-mq-4/

D-LINK Router: Schwachstelle ermöglicht Codeausführung

http://www.cert-bund.de/advisoryshort/CB-K18-1191

FreeBSD OS: Schwachstelle ermöglicht Codeausführung

http://www.cert-bund.de/advisoryshort/CB-K18-1192