End-of-Day report
Timeframe: Wednesday 04-07-2018 18:00 - Thursday 05-07-2018 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
First-Ever Person Sentenced for Malicious Use of Coinhive Library
Authorities in Japan have sentenced a man for the first time for using the Coinhive JavaScript library for malicious purposes.
https://www.bleepingcomputer.com/news/security/first-ever-person-sentenced-for-malicious-use-of-coinhive-library/
Analysis: Downloader with a twist
In this latest analysis, we will stay on the topic of fileless malware. Having dissected the Rozena backdoor in the last article, we have taken a peek into another malware that uses "fileless" techniques. Case in point: a downloader.
https://www.gdatasoftware.com/blog/07/30876-analysis-downloader-with-a-twist
How to Check App Permissions on iOS, Android, Windows, and macOS
It's never a bad time to audit your app permissions. In fact, it's more important than ever.
https://www.wired.com/story/how-to-check-app-permissions-ios-android-macos-windows
NSO employee offers iOS spyware Pegasus on the darknet
The secretive Israeli security firm NSO Group has lost control of powerful spyware tools. An insider tried to sell them on the darknet.
http://heise.de/-4101187
Gentoo's GitHub mirror compromise incident report
LWN reported on June 29 that Gentoo's GitHub mirror had been compromised. Gentoo now considers the incident resolved and the full report is available. "An unknown entity gained control of an admin account for the Gentoo GitHub Organization and removed all access to the organization (and its repositories) from Gentoo developers. They then proceeded to make ..
https://lwn.net/Articles/759046/
Warning about fake Microsoft security notice
Consumers see a fake Microsoft security warning in their browser. It states that their computer is infected with malware. For this reason, they are told to call a technical support line and install a program on their computer. The program enables criminals to steal their victims' credit card data when invoices are paid.
https://www.watchlist-internet.at/news/warnung-vor-gefaelschtem-microsoft-sicherheitshinweis/
Vulnerabilities
Custom Tokens - Moderately critical - Arbitrary Code Execution - SA-CONTRIB-2018-046
https://www.drupal.org/sa-contrib-2018-046