[CERT-daily] Tageszusammenfassung - Dienstag 8-03-2016

Daily end-of-shift report team at cert.at
Tue Mar 8 18:12:16 CET 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 07-03-2016 18:00 − Dienstag 08-03-2016 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** PhishLabs on the growing sophistication of business email scams ***
---------------------------------------------
At the 2016 RSA Conference, CSOs Steve Ragan chats with Joseph Opacki from PhishLabs about how cyber-criminals are becoming increasingly smarter about targeting specific high-end business users to try and steal data or money.
---------------------------------------------
http://www.cio.com/video/63026/phishlabs-on-the-growing-sophistication-of-business-email-scams#tk.rss_security




*** Google plugs 19 holes in newest Android security update ***
---------------------------------------------
In the March 2016 security update for the Android Open Source Project (AOSP), Google has fixed 19 security issues, seven of which are considered to be critical. Among these, and admittedly the most important to patch, are two remote code execution vulnerabilities in - yes, you've guessed it - Mediaserver. Mediaserver is a service in Android that allows the device to index media files that are located on it. The vulnerabilities in question (CVE-2016-0815, CVE-2016-0816)...
---------------------------------------------
https://www.helpnetsecurity.com/2016/03/08/android-security-update/




*** Free and Commercial Tools to Implement the Center for Internet Security (CIS) Security Controls, Part 12: Controlled Use of Administrative Privileges ***
---------------------------------------------
This is Part 12 of a How-To effort to compile a list of tools (free and commercial) that can help IT administrators comply with what was formerly known as the "SANS Top 20 Security Controls". It is now known as the Center for Internet Security (CIS) Security Controls. A summary of the previous posts is here:  Part 1 - we looked at Inventory of Authorized and Unauthorized Devices. Part 2 - we looked at Inventory of Authorized and Unauthorized Software. Part 3 - we looked at Secure...
---------------------------------------------
https://www.alienvault.com/blogs/security-essentials/free-and-commercial-tools-to-implement-the-center-for-internet-security-cis-security-controls-part-12-controlled-use-of-administrative-privileges




*** Cloud sellers who acted on Heartbleed sink when it comes to DROWN ***
---------------------------------------------
An out-stretched arm slowly disappears... Response to the critical web-crypto-blasting DROWN vulnerability in SSL/TLS by cloud services has been much slower than the frantic patching witnessed when the Heartbleed vulnerability surfaced two years ago.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2016/03/08/drown_vulnerability_web_crypto_cloud/




*** Erpressungs-Trojaner Keranger: Wie Sie Ihren Mac schützen ***
---------------------------------------------
Erstmals zielt funktionstüchtige Ransomware auf OS-X-Nutzer ab. Nach der Infektion bleiben drei Tage, bis "Keranger" Dokumente verschlüsselt. Nutzer sollten prüfen, ob sie betroffen sind - und Gegenmaßnahmen ergreifen.
---------------------------------------------
http://heise.de/-3130854




*** Security Bulletins Posted ***
---------------------------------------------
Security Bulletins for Adobe Digital Editions (APSB16-06) as well as Adobe Acrobat and Reader (APSB16-09) have been published. Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant security bulletin. A security...
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1322




*** DFN-CERT-2016-0402: ISC DHCP: Eine Schwachstelle ermöglicht einen Denial-of-Service-Angriff ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2016-0402/




*** DFN-CERT-2016-0405: PuTTY: Eine Schwachstelle ermöglicht das Ausführen beliebigen Programmcodes ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2016-0405/




*** DFN-CERT-2016-0400: BlackBerry powered by Android: Mehrere Schwachstellen ermöglichen u.a. die Ausführung beliebigen Programmcodes mit den Rechten des Mediaservers ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2016-0400/




*** Bugtraq: ESA-2016-012: EMC Documentum xCP - User Information Disclosure Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/archive/1/537712




*** [R3] OpenSSL 20160301 Advisory Affects Tenable Nessus ***
---------------------------------------------
http://www.tenable.com/security/tns-2016-03




*** Security Advisory: Libpng vulnerability CVE-2015-8472 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/81/sol81903701.html?ref=rss




*** Security Advisory: OpenSSL vulnerabilities CVE-2016-0703, CVE-2016-0704, and CVE-2016-0800 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/23/sol23196136.html?ref=rss




*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: GNU C library (glibc) and OpenSSL vulnerabilities affect WebSphere Cast Iron. (CVE-2015-7547 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-1794) ***
http://www.ibm.com/support/docview.wss?uid=swg21978339
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in current releases of IBM SDK for Node.js in IBM Bluemix (CVE-2015-3197, CVE-2016-2086, CVE-2016-2216) ***
http://www.ibm.com/support/docview.wss?uid=swg21977242
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in OpenSSH affect IBM XIV Gen2 (CVE-2016-0777, CVE-2016-0778) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005618
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in OpenSSH affect IBM XIV Gen3 (CVE-2016-0777, CVE-2016-0778) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005619
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM XIV Gen3 systems and IBM XIV Management Tools (CVE-2015-7575) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005615
---------------------------------------------


More information about the Daily mailing list