Tageszusammenfassung - 08.03.2018

End-of-Day report

Timeframe: Mittwoch 07-03-2018 18:00 − Donnerstag 08-03-2018 18:00 Handler: Nina Bieringer Co-Handler: Alexander Riepl

News

∗∗∗ Microsoft Stops Malware Campaign That Tried to Infect 400,000 Users in 12 Hours ∗∗∗ Microsoft revealed today that Windows Defender stopped a massive malware distribution campaign that attempted to infect over 400,000 users with a cryptocurrency miner during a 12-hour period on March 6, 2018.

https://www.bleepingcomputer.com/news/security/microsoft-stops-malware-campaign-that-tried-to-infect-400-000-users-in-12-hours/ ∗∗∗ Memcached Amplification: Neue Hacker-Tools verursachen Rekord-DDoS-Angriffe ∗∗∗ DDoS-Angriffe per Memcached Amplification sind erst seit etwa einer Woche bekannt, nun existieren einfach zu bedienende Werkzeuge für solche Attacken. Unter anderem wurde auf diese Art GitHub mit einem Rekord-Angriff aus dem Internet geschwemmt.

https://www.heise.de/security/meldung/Memcached-Amplification-Neue-Hacker-Tools-verursachen-Rekord-DDoS-Angriffe-3988939.html ∗∗∗ Distrust of the Symantec PKI: Immediate action needed by site operators ∗∗∗ We previously announced plans to deprecate Chrome’s trust in the Symantec certificate authority (including Symantec-owned brands like Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL). This post outlines how site operators can determine if they’re affected by this ..

https://security.googleblog.com/2018/03/distrust-of-symantec-pki-immediate.html

Vulnerabilities

∗∗∗ Cisco Releases Security Updates for Multiple Products ∗∗∗

https://www.us-cert.gov/ncas/current-activity/2018/03/07/Cisco-Releases-Security-Updates-Multiple-Products ∗∗∗ DFN-CERT-2018-0455/">Red Hat JBoss Web Server: Mehrere Schwachstellen ermöglichen u.a. das Ausführen beliebigen Programmcodes ∗∗∗

https://portal.cert.dfn.de/adv/DFN-CERT-2018-0455/ ∗∗∗ rt-sa-2018-001 ∗∗∗

https://www.redteam-pentesting.de/advisories/rt-sa-2018-001.txt