End-of-Day report
Timeframe: Freitag 31-01-2020 18:00 - Montag 03-02-2020 18:00
Handler: Thomas Pribitzer
Co-Handler: n/a
News
Devious Spamhaus Phishing Scam Warns Youre on an Email Block List
A new phishing campaign distributing malware pretends to be from the Spamhaus Project warning that the recipients email address has been added to a spam block list due to sending unsolicited email.
https://www.bleepingcomputer.com/news/security/devious-spamhaus-phishing-scam-warns-youre-on-an-email-block-list/
Abo-Falle durch gefälschte E-Mail von -Zoll Österreich-
Eine neue Massenmail landet momentan im Posteingang unzähliger InternetnutzerInnen. In der Nachricht von -Zoll Österreich- heißt es, dass eine Zollgebühr nicht bezahlt wurde. Dem Inhalt der E-Mail darf kein Glauben geschenkt werden, denn sie wird von Kriminellen verschickt. Eine Dateneingabe führt hier in eine teure Abo-Falle für 90 Euro monatlich.
https://www.watchlist-internet.at/news/abo-falle-durch-gefaelschte-e-mail-von-zoll-oesterreich/
Hackers are hijacking smart building access systems to launch DDoS attacks
More than 2,300 building access systems can be hijacked due to a severe vulnerability left without a fix.
https://www.zdnet.com/article/hackers-are-hijacking-smart-building-access-systems-to-launch-ddos-attacks/
Windows 10 PCs get these new Intel chip security updates for Zombieload attacks
Microsoft helps Intel deliver its latest microcode security updates to mitigate the Zombieload threat.
https://www.zdnet.com/article/windows-10-pcs-get-these-new-intel-chip-security-updates-for-zombieload-attacks/
Vulnerabilities
Security Advisory 2020-01-31-1 - Opkg susceptible to MITM (CVE-2020-7982)
A bug in the package list parse logic of OpenWrts opkg fork caused the package manager to ignore SHA-256 checksums embedded in the signed repository index, effectively bypassing integrity checking of downloaded .ipk artifacts.
https://lists.infradead.org/pipermail/openwrt-devel/2020-January/021544.html
Security updates for Monday
Security updates have been issued by Arch Linux (opensmtpd), Debian (firefox-esr, libidn2, libjackson-json-java, prosody-modules, qemu, qtbase-opensource-src, spamassassin, and sudo), Fedora (e2fsprogs, java-1.8.0-openjdk, mingw-openjpeg2, openjpeg2, samba, sox, upx, webkit2gtk3, and xar), Red Hat (git), Scientific Linux (git), Slackware (sudo), SUSE (ceph and rmt-server), and Ubuntu (sudo).
https://lwn.net/Articles/811368/
Strong Testimonials < 2.40.1 - Stored Cross Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/10056
Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-is-affected-by-a-websphere-application-server-vulnerability-2/
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Log4j
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-ibm-cloud-pak-for-data-affected-by-vulnerability-in-apache-log4j/
Security Bulletin: Vulnerabilities affect Watson Explorer Foundational Components (CVE-2019-1563, CVE-2019-1549, CVE-2019-1547)
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-affect-watson-explorer-foundational-components-cve-2019-1563-cve-2019-1549-cve-2019-1547/
Security Bulletin: IBM API Connect is impacted by vulnerabilities in Golang (CVE-2019-17596)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-golang-cve-2019-17596/
Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WebSphere Application Server vulnerability
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-raa-is-affected-by-a-websphere-application-server-vulnerability-2/
Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability.
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-is-affected-by-a-websphere-application-server-vulnerability/
Security Bulletin: Information Disclosure in IBM StoredIQ (CVE-2020-4224)
https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-in-ibm-storediq-cve-2020-4224/
Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WAS vulnerability.
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-raa-is-affected-by-a-was-vulnerability-2/
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by multiple vulnerabilities in Java
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-ibm-cloud-pak-for-data-affected-by-multiple-vulnerabilities-in-java/
Security Bulletin: Rational Asset Analyzer (RAA) is affected by several WebSphere Application Server vulnerabilities.
https://www.ibm.com/blogs/psirt/security-bulletin-rational-asset-analyzer-raa-is-affected-by-several-websphere-application-server-vulnerabilities/