[CERT-daily] Tageszusammenfassung - Dienstag 26-07-2016

Tue Jul 26 18:04:45 CEST 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 25-07-2016 18:00 − Dienstag 26-07-2016 18:00
Handler:     Stephan Richter
Co-Handler:  Alexander Riepl


*** Devices with Qualcomm modems safe from critical ASN.1 telecom flaw ***
---------------------------------------------
Despite initial concerns, smartphones equipped with Qualcomm modems are not vulnerable to a recently announced vulnerability that could potentially allow attackers to take over cellular network gear and consumer mobile ..
---------------------------------------------
http://www.cio.com/article/3099688/devices-with-qualcomm-modems-safe-from-critical-asn1-telecom-flaw.html


*** Patchwork cyberespionage group expands targets from governments to wide range of industries ***
---------------------------------------------
Symantec finds that Patchwork now targets a variety of industries in the US, China, Japan, South East Asia, and the UK.
---------------------------------------------
http://www.symantec.com/connect/blogs/patchwork-cyberespionage-group-expands-targets-governments-wide-range-industries


*** Bugtraq: [security bulletin] HPSBGN03630 rev.1 - HP Operations Manager for Unix, Solaris, and Linux using Apache Commons Collections (ACC), Remote Code Execution ***
---------------------------------------------
http://www.securityfocus.com/archive/1/539001


*** Trump, DNC, RNC Flunk Email Security Test ***
---------------------------------------------
Donald J. Trump has repeatedly bashed Sen. Hillary Clinton for handling classified documents on her private email server, even going so far as to suggest that anyone who is so lax with email security isn’t fit to become ..
---------------------------------------------
http://krebsonsecurity.com/2016/07/trump-dnc-rnc-flunk-email-security-test/


*** Bugtraq: July 2016 - Bamboo Server - Critical Security Advisory ***
---------------------------------------------
http://www.securityfocus.com/archive/1/539003


*** DFN-CERT-2016-1197/">Perl: Zwei Schwachstellen ermöglichen u.a. das Ausführen beliebigen Programmcodes ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2016-1197/


*** Mobilfunk: Sicherheitslücke macht auch Smartphones angreifbar ***
---------------------------------------------
Große Teile der Mobilfunkinfrastruktur sind laut Sicherheitsforschern über eine Lücke in einer Software-Bibliothek gefährdet. Ein Fix steht zwar bereit, doch Updates wird es für die meisten Geräte wohl nicht geben.
---------------------------------------------
http://www.golem.de/news/mobilfunk-sicherheitsluecke-macht-auch-smartphones-angreifbar-1607-122335.html


*** Amazon Silk browser removes Google’s default encryption ***
---------------------------------------------
Google’s good intentions of keeping searches made via its search engine protected through default encryption have been stymied by Amazon. A bug in the Amazon Silk ..
---------------------------------------------
https://www.helpnetsecurity.com/2016/07/26/amazon-silk-bug-encryption/


*** 50+ vulnerabilities found in popular home gateway modems/routers ***
---------------------------------------------
Researcher Gergely Eberhardt with Hungarian security testing outfit SEARCH Laboratory has unearthed over fifty vulnerabilities in five home gateway modems/routers used by Hungarian Cable TV operator UPC Magyarország, but also by many ISPs around the ..
---------------------------------------------
https://www.helpnetsecurity.com/2016/07/26/home-gateway-modems-vulnerabilities/


*** Citrix XenServer Multiple Security Updates ***
---------------------------------------------
A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a PV guest VM to compromise or crash the host.
---------------------------------------------
https://support.citrix.com/article/CTX214954


*** Low-cost wireless keyboards open to keystroke sniffing and injection attacks ***
---------------------------------------------
Bastille Networks researcher Marc Newlin has discovered a set of security vulnerabilities in low-cost wireless keyboards that could be exploited to collect all passwords, security questions, sensitive personal, bank account and ..
---------------------------------------------
https://www.helpnetsecurity.com/2016/07/26/keystroke-sniffing-wireless-keyboards/


*** DFN-CERT-2016-1199/">Xen: Zwei Schwachstellen ermöglichen u.a. das Erlangen von Administratorrechten ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2016-1199/


*** Command and Control Channels Using "AAAA" DNS Records, (Tue, Jul 26th) ***
---------------------------------------------
Dataexfiltration and command and control channels via DNS are nothing new exactly. In many ways, DNS is an ideal covert channel. Even well-protected systems usually can connect to a recursive name server that will forward queries ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=21301


*** DFN-CERT-2016-1200/">Moodle: Mehrere Schwachstellen ermöglichen u.a. das Ausspähen von Informationen ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2016-1200/