As part of April's "Patch Tuesday", Microsoft fixed 113 vulnerabilities in various products, including three zero-day vulnerabilities in Windows that were used in attacks to execute arbitrary code and elevate privileges.
Two zero-day issues (CVE-2020-1020 and CVE-2020-0938) were contained in Adobe Type Manager Library and affected all supported versions of Windows, including Windows 7.
The third vulnerability (CVE-2020-1027) affected the Windows kernel and allowed an attacker to elevate their privileges and execute code with kernel privileges.
Adobe has released fixes for vulnerabilities in its ColdFusion, After Effects, and Digital Editions products, but none of the issues are critical.
Exploiting them allows an attacker to perform DoS attacks, elevate privileges, and obtain information about the file system structure.
Software vendor Oracle has released security updates that address a total of 405 vulnerabilities in various products, including Oracle Financial Services Applications, Oracle MySQL, Oracle Server Database Server, and so on.
286 issues could have been exploited remotely.
Siemens industrial devices contained DoS vulnerabilities whose exploitation can cause a denial of service on the system.
The problem (CVE-2019-19300) affected the SIDOOR door control system, various types of SIMATIC devices, SINAMICS converters and SIPLUS solutions.
(more SIMATIC related problems by Ralf Spenneberg)
A dangerous vulnerability (CVE-2019-10939) was discovered in the Siemens TIM 3V-IE and 4R-IE communication modules, allowing a remote attacker to take control of the device.
A dangerous vulnerability (CVE-2020-10639) was discovered in the operator interface of Eaton HMiSoft VU3.
Exploiting it allows a remote unauthorized attacker to trigger a stack-based buffer overflow (by tricking the victim into opening a malicious file) and execute arbitrary code on the target system.
In addition, a specially crafted input file can trigger an out-of-bounds read (CVE-2020-10637) when it is loaded by a vulnerable product.
Cisco also released a patch package for a number of its products.
Among the fixed issues are critical vulnerabilities affecting various Cisco IP phones, Cisco UCS Director and Cisco UCS Director Express for Big Data, Cisco Webex Network Recording Player and Cisco Webex Player, and Cisco Wireless LAN Controller (WLC).
auto translated from src: https://www.securitylab.ru/news/506810.php
SecurityLab, [02.04.20 08:05]
Experts from North Carolina State University (USA) and the Military research administration demonstrated a new model of how competing information spreads in social networks and the Internet of Things.
Developed a way to combat disinformation on the Internet (https://www.securitylab.ru/news/506340.php)
SecurityLab, [02.04.20 08:10]
Microsoft is working to fix a whole class of vulnerabilities affecting all versions of Windows over the past two decades.
The vulnerabilities were discovered by Israeli security researcher Gil Dabah.
On Wednesday, April 1, he reported 25 bugs, essentially different variants of the same vulnerability, and published PoC code.
Microsoft will fix a whole class of vulnerabilities in Windows (https://www.securitylab.ru/news/506341.php)
Apple firmware update mess continues:
SecurityLab, [02.04.20 09:15]
In conditions of widespread quarantine associated with coronavirus, isolated people are forced to communicate with their relatives and friends using various means of communication.
However, the owners of iPhone and iPad were not lucky – after the release of updates for the operating system, the FaceTime video call service stopped working.
Under quarantine, owners of some iPhones lost their video connection (https://www.securitylab.ru/news/506347.php)
SecurityLab, [02.04.20 09:25]
A vulnerability has been discovered in the Zoom client for Windows that allows UNC paths to be inserted into the chat function in order to steal Windows user credentials.
Vulnerability in Zoom allows Windows credentials to be stolen (https://www.securitylab.ru/news/506348.php)
SecurityLab, [02.04.20 09:55]
Recently, Microsoft released an unscheduled update for Windows 10 to fix a bug that causes problems with connecting to the Internet via a VPN.
However, as it turned out, the "fix" also causes problems with connecting to the Internet, but now via Wi-Fi.
Fixing an Internet problem in Windows 10 is causing Internet problems (https://www.securitylab.ru/news/506351.php)
SecurityLab, [02.04.20 11:50]
Since May 2018, cybercriminals behind the malicious Vollgar campaign have been breaking into thousands of vulnerable Microsoft SQL (MSSQL) servers every day, installing backdoors and downloading cryptocurrency miners and remote access Trojans.
Vollgar has been hacking Microsoft SQL servers for several years (https://www.securitylab.ru/news/506360.php)
SecurityLab, [02.04.20 14:40]
Linux kernel developers released a fix for a vulnerability discovered by Pwn2Own contestant Manfred Paul from the RedRocket CTF team on March 18 this year.
The vulnerability exists due to insufficient input validation and allows an attacker to elevate their privileges on Ubuntu Desktop to superuser.
A serious vulnerability has been fixed in the Linux kernel (https://www.securitylab.ru/news/506367.php)
SecurityLab, [02.04.20 15:30]
Zoom has decided to suspend the development of new features for its video conferencing app for 90 days in order to conduct a security audit.
Zoom will conduct a security audit (https://www.securitylab.ru/news/506369.php)
SecurityLab, [02.04.20 15:50]
A group of European scientists and digital technology specialists, led by experts from the Fraunhofer Institute for Telecommunications (HHI) in Germany, is working on a technology for tracking close contacts with people infected with COVID-19 that does not violate EU data protection laws.
The EU is working on a standard for tracking contacts with COVID-19 patients (https://www.securitylab.ru/news/506370.php)
SecurityLab, [02.04.20 16:05]
Employees of the cyber police of Ukraine have exposed a criminal group whose members organized a criminal scheme to duplicate SIM cards in order to steal money.
The criminal group had operated since August 2018 and consisted of three residents of Krivoy Rog.
Ukrainian criminals duplicated SIM cards in order to steal funds (https://www.securitylab.ru/news/506371.php)
SecurityLab, [03.04.20 06:35]
In Friday’s issue:
Maxim Filippov, Business Development Director for Positive Technologies in Russia, will talk about what has changed in the company’s life since the transition to remote access, the labor market in the field of information security and what specialties are in particular demand today;
Irina Smirnova, consultant at the Coaching Institute, facilitator of open boards of directors and business coach, will teach you to focus on the main things and get what you need in any situation;
Kirill Yermakov, Technical Director of QIWI, will continue to talk about critical thinking in the context of information security and current events.
The project “Isnik on distance” is on the air for the fifth day (https://www.securitylab.ru/news/506373.php)
SecurityLab, [03.04.20 08:10]
Twitter has reported a vulnerability in its platform that affects users of the Firefox browser.
As it turned out, the service stored users' personal files in the Firefox cache – a folder where sites should store information and files temporarily.
However, after a user closed the Twitter site or exited, their personal files were still cached, and anyone could access them.
Twitter saved users' private messages in the browser cache (https://www.securitylab.ru/news/506374.php)
SecurityLab, [03.04.20 08:30]
Vulnerabilities fixed earlier this year in Firefox (CVE-2019-17026) and Internet Explorer (CVE-2020-0674) were exploited by members of the DarkHotel cybercrime group (APT-C-06) in attacks targeting China and Japan.
DarkHotel exploited vulnerabilities in Firefox and IE in attacks on China and Japan (https://www.securitylab.ru/news/506375.php)
SecurityLab, [03.04.20 09:05]
Over the past two weeks, a cybercriminal has been hacking into unsecured, Internet-accessible Elasticsearch servers and deleting their contents.
As a distraction, the hacker leaves behind the name of a cybersecurity company, ZDNet writes.
The hero of the future book hacked more than 15000 unsecured Elasticsearch servers (https://www.securitylab.ru/news/506377.php)
SecurityLab, [03.04.20 09:45]
Extortionists from the REvil cybercrime group attacked a California biotech company that researches drugs for coronavirus infection (COVID-19).
REvil group stole a terabyte of data from a biotech company (https://www.securitylab.ru/news/506381.php)
SecurityLab, [03.04.20 10:40]
In just a few weeks, Zoom has gone from a standard conference app to one of the most popular communication tools around the world.
Under the quarantine imposed due to the spread of COVID-19, companies, educational institutions, medical institutions, etc. began to use Zoom on a massive scale to organize remote work.
The growing popularity of the platform could not fail to attract the attention of information security experts, who have already discovered a number of problems.
Zoom removed the tool that collected LinkedIn profiles of users (https://www.securitylab.ru/news/506382.php)
SecurityLab, [03.04.20 11:20]
Google has released fixes for dangerous vulnerabilities in its Chrome browser.
A total of eight issues were fixed in the Chrome browser version 80.0.3987.162 for Windows, Mac, and Linux, the most serious of which allowed arbitrary code to be executed in the browser context.
Google has fixed a number of dangerous vulnerabilities in Chrome (https://www.securitylab.ru/news/506385.php)
SecurityLab, [03.04.20 14:35]
The Ministry of culture of the Russian Federation intends to reduce the time for removing pirated content, as well as introduce new penalties for refusing to delete it.
The Ministry of culture intends to tighten penalties for pirated content (https://www.securitylab.ru/news/506403.php)
SecurityLab, [03.04.20 14:45]
One of the most popular hacker forums, OGUsers, has been hacked for the second time in the past year.
According to the resource administrator, known under the alias Ace, hackers compromised the server through a shell in the forum software's avatar upload function and gained access to the database, which is current as of April 2, 2020.
As a result of the hack, hackers stole the data of more than 200000 users.
Popular hacker forum OGUsers was hacked (https://www.securitylab.ru/news/506404.php)
SecurityLab, [03.04.20 15:45]
Bad news for Apple iPhone and MacBook owners – just visiting a site (not necessarily malicious, it may be a legitimate resource, but with malicious ads) in the Safari browser can give a remote attacker access to the camera and microphone on their device, location data, and in some cases even passwords.
Vulnerabilities in Safari allowed you to hack the camera on your iPhone and MacBook (https://www.securitylab.ru/news/506405.php)
SecurityLab, [03.04.20 16:20]
This week, vulnerabilities were discovered in Google Chrome, Avast antivirus software, Apache HTTP server, Tor browser, and so on.
Vulnerability overview for the week: April 3, 2020 (https://www.securitylab.ru/news/506406.php)
SecurityLab, [03.04.20 18:10]
Positive Technologies invites you to participate in the webinar “MaxPatrol SIEM 5.1: what’s new”, which will be held on April 9 from 14:00 to 15:00 (Moscow time).
Positive Technologies invites you to the webinar “MaxPatrol SIEM 5.1: what’s new” (https://www.securitylab.ru/news/506384.php)