End-of-Day report
Timeframe: Tuesday 20-08-2019 18:00 - Wednesday 21-08-2019 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
News
Fortnite Ransomware Masquerades as an Aimbot Game Hack
Attackers are taking aim at Fortnite's global community of 250 million gamers.
https://threatpost.com/fortnite-ransomware-masquerades-as-an-aimbot-game-hack/147549/
KAPE: Kroll Artifact Parser and Extractor, (Wed, Aug 21st)
KAPE vs Commando, another Red vs Blue vignette
https://isc.sans.edu/diary/rss/25258
CERT-Bund warns of publicly reachable Sphinx search servers
In the default configuration, Sphinx servers are reachable from the Internet. Admins should contain this security risk.
https://heise.de/-4501757
Vulnerabilities
Security updates for Wednesday
Security updates have been issued by Fedora (ghostscript, pango, and squirrelmail), openSUSE (libcryptopp, squid, tcpdump, and wireshark), SUSE (flatpak), and Ubuntu (giflib and NLTK).
https://lwn.net/Articles/796834/
Zebra Industrial Printers
https://www.us-cert.gov/ics/advisories/icsa-19-232-01
ZDI-19-764: (0Day) WECON LeviStudioU ShortMessage_Module SMtext Stack-based Buffer Overflow Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-19-764/
IBM Security Bulletin: A vulnerability in Open Source Libvirt affects IBM Netezza Host Management
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-open-source-libvirt-affects-ibm-netezza-host-management/
IBM Security Bulletin: Multiple vulnerabilities in Open Source Libreswan affect IBM Netezza Host Management
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-open-source-libreswan-affect-ibm-netezza-host-management/
IBM Security Bulletin: IBM Netezza Host Management is affected by the vulnerabilities known as Intel Microarchitectural Data Sampling (MDS) and other Kernel vulnerabilities
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-netezza-host-management-is-affected-by-the-vulnerabilities-known-as-intel-microarchitectural-data-sampling-mds-and-other-kernel-vulnerabilities/
IBM Security Bulletin: Multiple vulnerabilities in Spring Framework affect IBM InfoSphere Information Server
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-spring-framework-affect-ibm-infosphere-information-server/
IBM Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in IBM® SDK Java™ Technology Edition
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-enterprise-content-management-system-monitor-is-affected-by-a-vulnerability-in-ibm-sdk-java-technology-edition-2/
IBM Security Bulletin: A vulnerability in Open Source Bind affects IBM Netezza Host Management
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-open-source-bind-affects-ibm-netezza-host-management-2/
IBM Security Bulletin: Privilege escalation in IBM DB2 HPU debug binary via trusted PATH
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-privilege-escalation-in-ibm-db2-hpu-debug-binary-via-trusted-path/
Unauthenticated sensitive information leakage in ZOHO ServiceDesk Software
https://sec-consult.com/en/blog/advisories/unauthenticated-sensitive-information-leakage-in-zoho-servicedesk-software/
FreeBSD Project FreeBSD OS: Multiple vulnerabilities allow denial of service
http://www.cert-bund.de/advisoryshort/CB-K19-0743