End-of-Day report
Timeframe: Wednesday 12-06-2019 18:00 - Thursday 13-06-2019 18:00
Handler: Stephan Richter
Co-Handler: n/a
News
What is "THAT" Address Doing on my Network, (Thu, Jun 13th)
Disclosure: ISC does not endorse any one particular vendor. That said, you may recognize what type of firewall I use :)
https://isc.sans.edu/diary/rss/25028
LDAP Swiss Army Knife
This paper presents the "LDAP Swiss Army Knife", an easy-to-use LDAP server implementation built for penetration or software testing. Apart from general usage as a server or proxy, it also shows some specific attacks against Java/JNDI based LDAP clients.
https://packetstormsecurity.com/files/153270/LDAP-Swiss-Army-Knife.html
SandboxEscaper reveals fifth Windows exploit, Microsoft patches the rest
Right on time for Patch Day, Microsoft has also closed the 0-day vulnerabilities of the hacker "SandboxEscaper". All but one.
https://heise.de/-4445318
Ignore supposed e-mail from A1
You can ignore an e-mail from A1 claiming that you were mistakenly billed 86.43 euros. It is an attempt to obtain your login credentials and bank details.
https://www.watchlist-internet.at/news/vermeintliche-e-mail-von-a1-ignorieren/
SEC security alert warns about misconfigured NAS, DBs, and cloud storage servers
SEC OCIE inspections find that companies have failed to properly secure network-accessible storage systems.
https://www.zdnet.com/article/sec-security-alert-warns-about-misconfigured-nas-dbs-and-cloud-storage-servers/
Vulnerabilities
Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based UI (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190612-iosxe-csrf
About the security content of iCloud for Windows 10.4
This document describes the security content of iCloud for Windows 10.4.
https://support.apple.com/en-us/HT210212
Security updates for Thursday
Security updates have been issued by Fedora (firefox, kernel, kernel-headers, libreswan, python-urllib3, and vim), Red Hat (python), SUSE (sssd), and Ubuntu (dbus).
https://lwn.net/Articles/791052/
IBM Security Bulletin: IBM Connections Security Refresh (CVE-2019-4403)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-connections-security-refresh-cve-2019-4403/
IBM Security Bulletin: IBM i Clustering is affected by CVE-2019-4381
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-i-clustering-is-affected-by-cve-2019-4381/
IBM Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect Liberty for Java for IBM Cloud April 2019 CPU
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-liberty-for-java-for-ibm-cloud-april-2019-cpu/
IBM Security Bulletin: A vulnerability in Python affects PowerKVM
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-python-affects-powerkvm-4/
IBM Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js in IBM Cloud
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-affect-ibm-sdk-for-node-js-in-ibm-cloud-3/
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Reporting for Development Intelligence
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-rational-reporting-for-development-intelligence/