End-of-Day report
Timeframe: Wednesday 29-08-2018 18:00 - Thursday 30-08-2018 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
What are botnets downloading?
Every day we intercept numerous file-download commands sent to bots of various types and families. Here we present the results of our botnet activity analysis for H2 2017 and H1 2018.
https://securelist.com/what-are-botnets-downloading/87658/
Crypto Mining Is More Popular Than Ever!, (Thu, Aug 30th)
We already wrote some diaries about crypto miners and they remain more popular than ever. Based on my daily hunting statistics, we can see that malicious scripts performing crypto mining operations ..
https://isc.sans.edu/diary/rss/24050
Critical flaw in the clinic: bedside network gateways vulnerable to attack
Capsule network devices from Qualcomm Life connect bedside devices to the hospital network. They contain a critical security vulnerability.
http://heise.de/-4151345
Intel develops special Linux for safety-critical use
The Intel Safety Critical Project for Linux OS is intended to make autonomous robots, drones and self-driving cars safe.
http://heise.de/-4151374
Rocke: The Champion of Monero Miners
Cryptocurrency miners are becoming an increasingly significant part of the threat landscape. These malicious miners steal CPU cycles from compromised devices to mine ..
https://blog.talosintelligence.com/2018/08/rocke-champion-of-monero-miners.html
Cybercrime - Swedish election campaign increasingly subject to cyberattacks
Fake social media accounts are increasingly spreading false information
https://derstandard.at/2000086347410/Schwedischer-Wahlkampf-vermehrt-Cyberangriffen-ausgesetzt
Vulnerabilities
Security updates for Thursday
Security updates have been issued by Debian (libx11), Fedora (bouncycastle, libxkbcommon, libzypp, nodejs, ntp, openssh, tomcat, xen, and zypper), Red Hat (ansible, kernel, and opendaylight), and SUSE (apache2, cobbler, ImageMagick, libtirpc, libzypp, zypper, and qemu).
https://lwn.net/Articles/763824/
BlackBerry Powered by Android Security Bulletin - August 2018
http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000051163
Bing Autosuggest API - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-058
https://www.drupal.org/sa-contrib-2018-058
Drupal Commerce - Moderately critical - Access bypass - SA-CONTRIB-2018-057
https://www.drupal.org/sa-contrib-2018-057