Daily Summary - 13.07.2018

End-of-Day report

Timeframe: Thursday 12-07-2018 18:00 - Friday 13-07-2018 18:00 Handler: Alexander Riepl Co-Handler: n/a

News

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders

Tokens killed after eslint-scope JavaScript utility compromised. An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal other developers' NPM login tokens.

www.theregister.co.uk/2018/07/12/npm_eslint/

Cryptominers and stealers - malware edition

It all started in 2008 with a paper on the first decentralized digital currency, Bitcoin, created by an unknown person or persons referred to as Satoshi Nakamoto. Bitcoin is a peer-to-peer currency based on cryptography ..

https://www.zscaler.com/blogs/research/cryptominers-and-stealers-malware-edition


Patchday: Critical vulnerability in SAP Business Client

In July, SAP published 11 new security advisories. Only one of them is rated critical, however. Security updates are available.

http://heise.de/-4108062


Advanced Mobile Malware Campaign in India uses Malicious MDM

Cisco Talos has identified a highly targeted campaign against 13 iPhones which appears to be focused on India. The attacker deployed an open-source mobile device management (MDM) system to control enrolled devices. At this time, we don't know how the attacker ..

https://blog.talosintelligence.com/2018/07/Mobile-Malware-Campaign-uses-Malicious-MDM.html


Here's Why Your Static Website Needs HTTPS

It was Jan last year that I suggested HTTPS adoption had passed the "tipping point", that is, it had passed the moment of critical mass and as I said at the time, "will very shortly become the norm". Since that time, ..

https://www.troyhunt.com/heres-why-your-static-website-needs-https/


Fake World4You phishing email in circulation

Criminals are sending out a fake World4You phishing email. In it, they ask recipients to identify themselves on a website as the genuine account holders. If customers disclose their personal data, they hand it over to data thieves. Crimes committed under their name are possible.

https://www.watchlist-internet.at/news/gefaelschte-world4you-phishingmail-im-umlauf/


IT Security - Extortionists send threatening emails containing real passwords

Claim to have filmed users visiting porn portals and demand "hush money"

https://derstandard.at/2000083434963/Erpresser-verschicken-Drohmails-mit-echten-Passwoertern

Vulnerabilities

Eaton 9000X Drive

This advisory includes mitigation recommendations for a stack-based buffer overflow vulnerability in the Eaton 9000X Drive.

https://ics-cert.us-cert.gov/advisories/ICSA-18-193-01


JSA10864 - 2018-07 Security Bulletin: Junos OS: Junos OS: MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2), PTX3K-FPC3 and PTX1K: Line card may crash upon receipt of specific MPLS packet (CVE-2018-0030)

http://kb.juniper.net/InfoCenter/index/content&id=JSA10864&actp=RSS


Critical Patch Update - July 2018 - Pre-Release Announcement

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html