End-of-Day report
Timeframe: Wednesday 26-06-2019 18:00 - Thursday 27-06-2019 18:00
Handler: Stephan Richter
Co-Handler: n/a
News
How Hackers Turn Microsoft Excel's Own Features Against It
A pair of recent findings show how hackers can compromise Excel users without any fancy exploits.
https://www.wired.com/story/microsoft-excel-hacking-power-query-macros
Fake Instagram Verification
Across various social media platforms there are verification checkmark symbols that appear near the name of the account's page we view. For example, this verified account indicator seen from our Twitter page: These verification checkmarks exist as a credibility indicator to help show authenticity and integrity to social media page visitors.
https://blog.sucuri.net/2019/06/fake-instagram-verification.html
NIST Releases Report on Managing IoT Risks
Original release date: June 26, 2019. The National Institute of Standards and Technology (NIST) has released the Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks report. The publication, the first in a planned series on IoT, aims to help federal agencies and other organizations manage the cybersecurity and privacy risks associated with individual IoT devices.
https://www.us-cert.gov/ncas/current-activity/2019/06/26/nist-releases-report-managing-iot-risks
European Cybersecurity Act enters into force
The European Cybersecurity Act entered into force on 27 June 2019. Core elements of the act are a new, permanent mandate for the European cybersecurity agency ENISA and the introduction of a uniform European certification framework for ICT products, services and processes.
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2019/Cybersecurity_Act_270619.html
GreenFlash Sundown exploit kit expands via large malvertising campaign
The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website. [...]
https://blog.malwarebytes.com/threat-analysis/2019/06/greenflash-sundown-exploit-kit-expands-via-large-malvertising-campaign/
Do not order from media-blue.store
Anyone who believes they have snagged a bargain at media-blue.store is mistaken, because the goods are never delivered despite payment. It is a fake shop!
https://www.watchlist-internet.at/news/bestellen-sie-nicht-bei-media-bluestore/
Vulnerabilities
Epyc crypto flaw? AMD emits firmware fix for server processors after Googler smashes RAM encryption algorithms
SEV code cracked to leak secret keys. Updated: Microchip slinger AMD has issued a firmware patch to fix the encryption in its Secure Encrypted Virtualization technology (SEV), used to defend the memory of Linux KVM virtual machines running on its Epyc processors.
http://go.theregister.com/feed/www.theregister.co.uk/2019/06/26/amd_epyc_key_security_flaw/
Advanced Forum - Critical - Cross Site Scripting - SA-CONTRIB-2019-054
Project: Advanced Forum
Version: 7.x-2.x-dev
Date: 2019-June-26
Security risk: Critical 16-25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting
https://www.drupal.org/sa-contrib-2019-054
Critical vulnerabilities in Cisco Data Center Network Manager
A vulnerability endangers Cisco network devices. A security update closes several loopholes.
https://heise.de/-4456661
Security updates for Thursday
Security updates have been issued by Fedora (drupal7-uuid, php-brumann-polyfill-unserialize, and php-typo3-phar-stream-wrapper2), openSUSE (ansible, compat-openssl098, exempi, glib2, gstreamer-0_10-plugins-base, gstreamer-plugins-base, libmediainfo, libssh2_org, SDL2, sqlite3, and wireshark), Oracle (firefox), Red Hat (thunderbird and vim), Scientific Linux (firefox), SUSE (java-1_8_0-ibm), and Ubuntu (bzip2 and expat).
https://lwn.net/Articles/792231/
Kubernetes CLI tool security flaw lets attackers run code on host machine
Interesting bug can lead to total compromise of cloud production environments.
https://www.zdnet.com/article/kubernetes-cli-tool-security-flaw-lets-attackers-run-code-on-host-machine/
Vuln: GNU Binutils CVE-2019-12972 Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/108903
Vuln: Linux Kernel CVE-2019-12984 Null Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/108905
OpenJPEG: Multiple vulnerabilities
http://www.cert-bund.de/advisoryshort/CB-K19-0545
ImageMagick: Multiple vulnerabilities
http://www.cert-bund.de/advisoryshort/CB-K19-0547