End-of-Day report
Timeframe: Thursday 25-07-2019 18:00 - Friday 26-07-2019 18:00
Handler: Robert Waldner
Co-Handler: Dimitri Robl
News
No More Ransom Success Story: Saves $108+ Million in Ransomware Payments
Today marks the third anniversary of No More Ransom and through its partners from the public and private sectors, law enforcement, academia, and researchers, the project has been able to help hundreds of thousands, if not millions, of victims get their encrypted files back for free.
https://www.bleepingcomputer.com/news/security/no-more-ransom-success-story-saves-108-million-in-ransomware-payments/
New Loader Variant Behind Widespread Malware Attacks
Malware infection technique called TxHollower gets updated with stealthy features.
https://threatpost.com/new-loader-variant-behind-widespread-malware-attacks/146683/
MyDoom Still Active in 2019
MyDoom is an infamous computer worm first noted in early 2004. This malware has been featured in top ten lists of the most destructive computer viruses, causing an estimated $38 billion in damage. Although now well past its heyday, MyDoom continues to be a presence in the cyber threat landscape. While not as prominent as other malware families, over the past few years MyDoom has remained relatively consistent, averaging approximately 1.1 percent of all emails we see with malware attachments.
https://unit42.paloaltonetworks.com/mydoom-still-active-in-2019/
Vulnerabilities
Security updates for Friday
Security updates have been issued by Debian (libssh2 and patch), Fedora (kernel and kernel-headers), Mageia (vlc), Red Hat (rh-redis32-redis), SUSE (libgcrypt, libsolv, libzypp, zypper, and rmt-server), and Ubuntu (exim4, firefox, libebml, linux, linux-aws, linux-kvm, linux-raspi2, and vlc).
https://lwn.net/Articles/794694/
Vuln: Qualcomm Components CVE-2019-2307 Integer Underflow Vulnerability
http://www.securityfocus.com/bid/109383
Security Advisory - DoS Vulnerability in Huawei S Series Switch Products
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190522-01-switch-en
Security Advisory - DoS Vulnerability in RTSP Module of Huawei Smart Phones
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190523-01-smartphone-en
IBM Security Bulletin: ViewONE is vulnerable to XXE attack via HTTP payload (CVE-2019-4456)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-viewone-is-vulnerable-to-xxe-attack-via-http-payload-cve-2019-4456/
IBM Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential SQL Injection vulnerability (CVE-2019-4032)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-manager-for-digital-payments-is-affected-by-a-potential-sql-injection-vulnerability-cve-2019-4032/
cURL and libcurl vulnerability CVE-2019-5436
https://support.f5.com/csp/article/K55133295