Daily Summary - 15.05.2019

End-of-Day report

Timeframe: Tuesday 14-05-2019 18:00 - Wednesday 15-05-2019 18:00 Handler: Alexander Riepl Co-Handler: n/a

News

Security vulnerabilities: Adobe patches PDF tools and the Flash Player

Adobe has released new security updates as part of its regular cycle. In May 2019, Adobe Reader and Adobe Acrobat in particular should be secured. There is also a warning for the Flash Player ..

https://www.golem.de/news/sicherheitsluecken-adobe-patcht-pdf-werkzeuge-und-den-flash-player-1905-141259.html


Best of the Web: Trust seal distributes keyloggers

The Best of the Web seal is actually meant to certify the security of websites; instead, via a hacked script, keyloggers were ..

https://www.golem.de/news/best-of-the-web-trust-siegel-verteilt-keylogger-1905-141275.html


May 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information ..

https://blogs.technet.microsoft.com/msrc/2019/05/14/may-2019-security-update-release/


Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services - formerly known as Terminal Services - that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user ..

https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/


Three New Masque Attacks against iOS: Demolishing, Breaking and Hijacking

In the recent release of iOS 8.4, Apple fixed several vulnerabilities including vulnerabilities that allow attackers to deploy two new kinds of Masque Attack (CVE-2015-3722/3725, and CVE-2015-3725). We call these exploits Manifest Masque and Extension Masque, which can be used to demolish apps, including system apps (e.g., Apple Watch, ..

http://www.fireeye.com/blog/threat-research/2015/06/three_new_masqueatt.html


array_diff_ukey Usage in Malware Obfuscation

We discovered a PHP backdoor on a WordPress installation that contained some interesting obfuscation ..

http://labs.sucuri.net/?note=2019-05-14


IT Security - Graz researchers discovered new vulnerabilities in Intel processors

Processors from 2012 to 2018 affected - New updates will be necessary

https://derstandard.at/2000103122472/Grazer-Forscher-entdeckten-neue-Sicherheitsluecke-bei-Intel-Prozessoren

Vulnerabilities

Vuln: SAP BusinessObjects Business Intelligence CVE-2019-0289 Information Disclosure Vulnerability

http://www.securityfocus.com/bid/108311


Synology-SA-19:23 Samba AD DC

CVE-2018-16860 allows man-in-the-middle attackers to bypass security constraints via a susceptible version of Directory Server for Windows Domain.

https://www.synology.com/en-global/support/security/Synology_SA_19_23


DSA-4443 samba - security update

https://www.debian.org/security/2019/dsa-4443


Cisco Releases Security Updates

https://www.us-cert.gov/ncas/current-activity/2019/05/13/Cisco-Releases-Security-Updates


Authorization Bypass Vulnerability in RSA NetWitness (CVE-2019-3724)

https://sec-consult.com/en/blog/advisories/authorization-bypass-vulnerability-in-rsa-netwitness-cve-2019-3724/


VMSA-2019-0007

https://www.vmware.com/security/advisories/VMSA-2019-0007.html