End-of-Day report
Timeframe: Wednesday 05-06-2019 18:00 - Thursday 06-06-2019 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
USB Killer: What it is and how to protect your devices
Introduction: What's more ubiquitous in the PC world than USB sticks? They're easy to use, affordable and are used by millions of people on a daily basis. Everyone knows that USB sticks can house nasties, including malware, but did you know that this same little drive can completely destroy a system by simply inserting it?
https://resources.infosecinstitute.com/usb-killer-how-to-protect-your-devices/
Telecoms taken by storm: Natural phenomena dominate the outage picture
A total of 157 telecom outages were reported by the 28 EU member states and 2 EFTA countries, as part of the EU-wide telecom security breach reporting for the year 2018. Today ENISA, the EU Agency for Cybersecurity, publishes the 8th annual report on telecom security incidents, analyzing root causes, impact, and trends.
https://www.enisa.europa.eu/news/enisa-news/telecoms-taken-by-storm-natural-phenomena-dominate-the-outage-picture
Will you be Europe's best cybersecurity talent?
European countries have started or are preparing to kick off their national cybersecurity competitions. The winners of the national contests will represent their countries in the ultimate cybersecurity competition on the continent: the European Cyber Security Challenge (ECSC) 2019.
https://www.enisa.europa.eu/news/enisa-news/will-you-be-europe-s-best-cybersecurity-talent
Emotet at Heise - Lessons from a Trojan attack
There was a serious intrusion into the Heise network. The IT departments of the Heise Group and additional specialists are currently working on the cleanup.
https://heise.de/-4437807
Beware of BAWAG PSK e-mails
With a request to activate your "secTAN", criminals are currently trying to obtain your bank login credentials. The supposed e-mail from the bank asks you to follow a link. However, this link leads to a fake BAWAG PSK website! We advise moving such e-mails to the spam folder.
https://www.watchlist-internet.at/news/vorsicht-bei-bawag-psk-mails/
Vulnerabilities
Security vulnerability: Exim vulnerability more dangerous than thought
A security vulnerability in the Exim mail server can also be exploited over the network for code execution, but in the default configuration the attack takes several days. Locally it is trivial and allows users to gain root privileges.
https://www.golem.de/news/sicherheitsluecke-root-zugriff-fuer-angreifer-bei-exim-mailservern-1906-141729-rss.html
Attackers could cripple Cisco communication software
Important security updates are available for Cisco Unified Communications Manager, Webex Meetings Server and other products.
https://heise.de/-4440986
VMSA-2019-0009
VMware Tools and Workstation updates address out of bounds read and use-after-free vulnerabilities. (CVE-2019-5522, CVE-2019-5525)
https://www.vmware.com/security/advisories/VMSA-2019-0009.html
Security updates for Thursday
Security updates have been issued by Arch Linux (binutils), Debian (exim4 and poppler), Fedora (deepin-api, kernel, kernel-headers, kernel-tools, and php), openSUSE (cronie), and Ubuntu (apparmor, exim4, mariadb-10.1, php5, and php7.0, php7.2).
https://lwn.net/Articles/790541/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Software Architect and Rational Software Architect for WebSphere Software
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-rational-software-architect-and-rational-software-architect-for-websphere-software-5/
IBM Security Bulletin: IBM® Intelligent Operations Center does not correctly validate file types before uploading files (CVE-2019-4069)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-intelligent-operations-center-does-not-correctly-validate-file-types-before-uploading-files-cve-2019-4069/
IBM Security Bulletin: IBM® Intelligent Operations Center has a weak user-creation policy (CVE-2019-4066)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-intelligent-operations-center-has-a-weak-user-creation-policy-cve-2019-4066/
IBM Security Bulletin: IBM® Intelligent Operations Center is vulnerable to user enumeration (CVE-2019-4068)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-intelligent-operations-center-is-vulnerable-to-user-enumeration-cve-2019-4068/
IBM Security Bulletin: User passwords might be obtained by a brute force attack on IBM® Intelligent Operations Center (CVE-2019-4067)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-user-passwords-might-be-obtained-by-a-brute-force-attack-on-ibm-intelligent-operations-center-cve-2019-4067/
IBM Security Bulletin: Cross-site scripting vulnerability in IBM® Intelligent Operations Center (CVE-2019-4070)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-vulnerability-in-ibm-intelligent-operations-center-cve-2019-4070/
IBM Security Bulletin: IBM API Connect V5 is impacted by multiple vulnerabilities in IBM Java SDK (CVE-2018-3139 CVE-2018-3180)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-v5-is-impacted-by-multiple-vulnerabilities-in-ibm-java-sdk-cve-2018-3139-cve-2018-3180/