End-of-Day report
Timeframe: Dienstag 29-12-2020 18:00 - Mittwoch 30-12-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: Stephan Richter
News
Gesundheits-IT: Tut mal kurz weh
Röntgenbilder auf ungeschützten Servern und aus dem Internet erreichbare Praxen: Die Gesundheits-IT hat viele Sicherheitsprobleme. Ein Bericht von Moritz Tremmel
https://www.golem.de/news/gesundheits-it-tut-mal-kurz-weh-2012-153097-rss.html
Facebook-Freundschaftsanfrage von -Kurz- führt in Abo-Falle
Sie haben eine Freundschaftsanfragen von -Kurz (Sebastian Kurz - team)- erhalten? Wenn ja, sollten Sie diese ignorieren. Die BetrügerInnen, die hinter diesem gefälschten Profil stecken, schicken Ihnen eine Nachricht, nachdem Sie die Freundschaftsanfrage akzeptiert haben. Dort heißt es, Sie hätten 5.000 Euro gewonnen und Sie werden auf eine Webseite weitergeleitet, auf der sich Werbung für betrügerische Dienste und Trading-Plattformen versteckt!
https://www.watchlist-internet.at/news/facebook-freundschaftsanfrage-von-kurz-fuehrt-in-abo-falle/
New worm turns Windows, Linux servers into Monero miners
A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December.
https://www.bleepingcomputer.com/news/security/new-worm-turns-windows-linux-servers-into-monero-miners/
A Year After Microsoft Ended All Support for Windows 7, Millions of Users Are Still Not Upgrading
Ed Bott, writing at ZDNet: With a heartfelt nod to Monty Python, Windows 7 would like you all to know that its not dead yet. A year after Microsoft officially ended support for its long-running OS, a small but determined population of PC users would rather fight than switch. How many? No one knows for sure, but that number has shrunk substantially in the past year. On the eve of Microsofts Windows 7 end-of-support milestone, I consulted some analytics experts and calculated that the owners of [...]
https://tech.slashdot.org/story/20/12/30/1635257/a-year-after-microsoft-ended-all-support-for-windows-7-millions-of-users-are-still-not-upgrading
SEO Spam Links in Nulled Plugins
It-s not unusual to see website owners running things on a budget. Choosing a safe and reliable hosting company, buying a nice domain name, boosting posts on social media, and ranking on search engines - all this costs a lot of money. At the end of the day, some site owners may even choose to cut expenses by installing pirated (or nulled) software on their websites. Unfortunately, as discussed in some of our earlier posts about free software and fake verification, these [...]
https://blog.sucuri.net/2020/12/seo-spam-links-in-nulled-plugins.html
Shields Up: How to Tackle Supply Chain Risk Hazards
Organizations Need to Monitor and Manage IT Security Risks Downstream in the Supply Chain read more
https://www.securityweek.com/shields-how-tackle-supply-chain-risk-hazards
Vulnerabilities
Security updates for Wednesday
Security updates have been issued by Debian (libdatetime-timezone-perl and tzdata), openSUSE (kdeconnect-kde and opera), and SUSE (gimp, squid3, and xen).
https://lwn.net/Articles/841471/
Security Advisory - Resource Management Errors Vulnerability in Huawei Smartphone Product
https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20201230-01-resourcemanagement-en
Security Advisory - Privilege Escalation Vulnerability in Huawei Product
https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20201230-01-pe-en
Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow - CVE-2020-4687, CVE-2020-4760, CVE-2020-4704
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-with-ibm-content-navigator-component-in-ibm-business-automation-workflow-cve-2020-4687-cve-2020-4760-cve-2020-4704-2/
Security Bulletin: Publicly disclosed vulnerability from Bind affects IBM Netezza Host Management
https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-from-bind-affects-ibm-netezza-host-management-2/
QNAP NAS: Mehrere Schwachstellen
https://www.cert-bund.de/advisoryshort/CB-K20-1273
OpenJPEG: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode mit Benutzerrechten
https://www.cert-bund.de/advisoryshort/CB-K20-1272