[CERT-daily] Tageszusammenfassung - Freitag 1-04-2016

Fri Apr 1 18:11:28 CEST 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 31-03-2016 18:00 − Freitag 01-04-2016 18:00
Handler:     Robert Waldner
Co-Handler:  n/a


*** ICONICS WebHMI Directory Traversal Vulnerability ***
---------------------------------------------
This advisory contains mitigation details for a directory traversal vulnerability in the ICONICS WebHMI V9 application.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-091-01


*** Beware of Unverified TLS Certificates in PHP & Python ***
---------------------------------------------
Web developers today rely on various third-party APIs. For example, these APIs allow you to accept credit card payments, integrate a social network with your website, or clear your CDN's cache. The HTTPS protocol is used to secure the connection with the API server. However, if your web app doesn't verify the TLS certificate, aRead More The post Beware of Unverified TLS Certificates in PHP & Python appeared first on Sucuri Blog.
---------------------------------------------
https://blog.sucuri.net/2016/03/beware-unverified-tls-certificates-php-python.html


*** TA16-091A: Ransomware and Recent Variants ***
---------------------------------------------
In early 2016, destructive ransomware variants such as Locky and Samas were observed infecting computers belonging to individuals and businesses, which included healthcare facilities and hospitals worldwide. Ransomware is a type of malicious software that infects a computer and restricts users' access to it until a ransom is paid to unlock it.
---------------------------------------------
https://www.us-cert.gov/ncas/alerts/TA16-091A


*** How To Build Your Own Rogue GSM BTS For Fun And Profit ***
---------------------------------------------
In this blog post Im going to explain how to create a portable GSM BTS which can be used either to create a private ( and vendor free! ) GSM network or for GSM active tapping/interception/hijacking ... yes, with some (relatively) cheap electronic equipment you can basically build something very similar to what the governments are using from years to perform GSM interception.
---------------------------------------------
https://evilsocket.net/2016/03/31/how-to-build-your-own-rogue-gsm-bts-for-fun-and-profit/


*** About the security content of iBooks Author 2.4.1 ***
---------------------------------------------
Available for: OS X Yosemite v10.10 or later Impact: Parsing a maliciously crafted iBooks Author file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook Author parsing. This issue was addressed through improved parsing. CVE-ID CVE-2016-1789
---------------------------------------------
https://support.apple.com/en-us/HT206224


*** Security: Apples Rootless-Konzept hat erhebliche Mängel ***
---------------------------------------------
Apples Sicherheitsmechanismus Rootless soll verhindern, dass mit Rootrechten Systemdateien verändert werden können. Doch er lässt sich leicht austricksen und Apple scheint es nicht eilig zu haben, die Lücken zu schließen.
---------------------------------------------
http://www.golem.de/news/security-apples-rootless-konzept-hat-erhebliche-maengel-1604-120070-rss.html


*** WebKitGTK+ Security Advisory WSA-2016-0003 ***
---------------------------------------------
Several vulnerabilities were discovered in WebKitGTK+.
CVE identifiers: CVE-2016-1778, CVE-2016-1779, CVE-2016-1781, CVE-2016-1782, CVE-2016-1783, CVE-2016-1785, CVE-2016-1786.
---------------------------------------------
http://webkitgtk.org/security/WSA-2016-0003.html


*** DFN-CERT-2016-0530 - PostgreSQL: Zwei Schwachstellen ermöglichen u.a. das Ausspähen von Informationen ***
---------------------------------------------
Zwei Schwachstellen in PostgreSQL ermöglichen einem entfernten, einfach authentifizierten Angreifer das Ausspähen von Informationen, das Durchführen von Denial-of-Service-Angriffen sowie das Umgehen von Sicherheitsvorkehrungen und in der Folge die Manipulation von Daten.
Die PostgreSQL Global Development Group stellt ein Sicherheitsupdate auf die Version 9.5.2 bereit, um die Schwachstellen zu beheben.
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2016-0530/


*** New Ransomware KimcilWare Targets Magento Websites ***
---------------------------------------------
Ransomware dubbed KimcilWare is targeting websites running the e-commerce platform Magento and encrypting website files.
---------------------------------------------
http://threatpost.com/new-ransomware-kimcilware-targets-magento-websites/117124/