Daily Summary - 30.10.2019

End-of-Day report

Timeframe: Tuesday 29-10-2019 18:00 - Wednesday 30-10-2019 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter

News

Paradise Ransomware Decryptor Gets Your Files Back for Free

A decryptor for the Paradise Ransomware has been released by Emsisoft that allows victims to decrypt their files for free.

https://www.bleepingcomputer.com/news/security/paradise-ransomware-decryptor-gets-your-files-back-for-free/


A1 warns Android users about an app that steals banking data

Customers should beware of an app titled "Netztest".

https://futurezone.at/digital-life/a1-warnt-android-nutzer-vor-app-die-bankdaten-stiehlt/400662122


Coca-Cola prize promise of 1 million US dollars is a scam

If you are notified by e-mail of a prize worth millions, it is an attempted fraud. Criminals are currently posing as communications officers of Coca-Cola and informing you of a supposed prize. The prize money is to be transferred in exchange for your personal data and copies of your ID. Caution: criminals are trying to get at your money, steal your identity and misuse it for crimes in your [...]

https://www.watchlist-internet.at/news/gewinnversprechen-von-coca-cola-in-hoehe-von-1-million-us-dollar-ist-scam/

Vulnerabilities

PHOENIX CONTACT Automation Worx Software Suite

This advisory contains mitigations for an improper input validation vulnerability in Phoenix Contact's Automation Worx Software Suite products.

https://www.us-cert.gov/ics/advisories/icsa-19-302-01


Apple Releases Security Updates

Original release date: October 30, 2019. Content: Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: [...]

https://www.us-cert.gov/ncas/current-activity/2019/10/30/apple-releases-security-updates


Security updates for Wednesday

Security updates have been issued by Debian (imapfilter, libvncserver, and pam-python), Fedora (tcpdump), Mageia (file, graphviz, kernel, and php, pcre2), openSUSE (nfs-utils), Red Hat (heketi and samba), Scientific Linux (thunderbird), SUSE (libtomcrypt, php7, and runc), and Ubuntu (apport, libarchive, libidn2, samba, and whoopsie).

https://lwn.net/Articles/803474/


Synology-SA-19:35 Samba

These vulnerabilities allow remote attackers to bypass security constraints via a susceptible version of DiskStation Manager (DSM), Synology Router Manager (SRM), and allow remote authenticated users to conduct denial-of-service attacks via a susceptible version of Synology Directory Server.

https://www.synology.com/en-global/support/security/Synology_SA_19_35


Security Advisory - Two Heap Buffer Overflow Vulnerabilities in Broadcom WiFi Chipset Drivers

http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20191030-01-broadcom-en