[CERT-daily] Tageszusammenfassung - Dienstag 25-04-2017

Daily end-of-shift report team at cert.at
Tue Apr 25 18:05:30 CEST 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 24-04-2017 18:00 − Dienstag 25-04-2017 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Frankreich-Wahl: Russische Hacker sollen Macron ins Visier nehmen ***
---------------------------------------------
Experten bringen Gruppe mit russischen Militärgeheimdienst in Verbindung
---------------------------------------------
http://derstandard.at/2000056465269




*** The Backstory Behind Carder Kingpin Roman Seleznev’s Record 27 Year Prison Sentence ***
---------------------------------------------
Roman Seleznev, a 32-year-old Russian cybercriminal and prolific credit card thief, was sentenced Friday to 27 years in federal prison. That is a record ..
---------------------------------------------
https://krebsonsecurity.com/2017/04/the-backstory-behind-carder-kingpin-roman-seleznevs-record-27-year-prison-sentence/




*** Analysis of the Shadow Z118 PayPal phishing site, (Mon, Apr 24th) ***
---------------------------------------------
[This is a guest post submitted by Remco Verhoef. Got something interesting to share? Please use our contact form to suggest your topic] Today I got lucky walking around within a phishing site and found some left-over ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=22338




*** Alert: If youre running SquirrelMail, Sendmail... why? And oh yeah, remote code vuln found ***
---------------------------------------------
This is nuts Security researchers have uncovered a critical security hole in SquirrelMail, the open-source webmail project.
---------------------------------------------
www.theregister.co.uk/2017/04/24/squirrelmail_vuln/




*** AV provider Webroot melts down as update nukes hundreds of legit files ***
---------------------------------------------
https://arstechnica.com/security/2017/04/av-provider-webroot-melts-down-as-update-nukes-hundreds-of-legit-files/




*** BrickerBot, the permanent denial-of-service botnet, is back with a vengeance ***
---------------------------------------------
https://arstechnica.com/security/2017/04/brickerbot-the-permanent-denial-of-service-botnet-is-back-with-a-vengeance/




*** Western Digital My Cloud 2.21.126 Authentication Bypass ***
---------------------------------------------
https://cxsecurity.com/issue/WLB-2017040164




*** Bis zu 100.000 Rechner mit geleakter NSA-Malware infiziert ***
---------------------------------------------
Sicherheitsforscher finden "Doublepulsar" auf zigtausenden Maschinen, darunter auch Rechner in Österreich
---------------------------------------------
http://derstandard.at/2000056481284




*** Angreifer könnten Drupal-Webseiten ausspionieren ***
---------------------------------------------
Im Versionsstrang 8.x klafft eine als kritisch eingestufte Sicherheitslücke. Abgesicherte Versionen schließen die Schwachstelle.
---------------------------------------------
https://heise.de/-3693082




*** Doskozil: Bundesheer soll Gegner im Cyberwar auch angreifen ***
---------------------------------------------
Minister: Angriffe sollen nicht nur abgewehrt werden – Wöchentlich fünf bis sechs ernste Attacken
---------------------------------------------
http://derstandard.at/2000056452452




*** Sicherheitspatches in Sicht: Zehn Lücken gefährden Linksys-Router ***
---------------------------------------------
Verschiedene Modelle der Smart-Wi-Fi-Serie von Linksys sind laut Sicherheitsforschern angreifbar. Unter gewissen Voraussetzungen sollen Angreifer Befehle auf Routern ausführen können.
---------------------------------------------
https://heise.de/-3693136




*** New IoT Botnet Rises Feeding on Vulnerable Security Cameras ***
---------------------------------------------
A new botnet is slowly building critical mass on the back of unsecured webcams and IP cameras, ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/new-iot-botnet-rises-feeding-on-vulnerable-security-cameras/




*** Hard Target: Fileless Malware ***
---------------------------------------------
Researchers say fileless in-memory malware attacks have become a major nuisance to businesses and have become even harder to detect and defend.
---------------------------------------------
http://threatpost.com/hard-target-fileless-malware/125054/




*** DSA-3833 libav - security update ***
---------------------------------------------
Several security issues have been corrected in multiple demuxers anddecoders of the libav multimedia library. A full list of the changes is available ..
---------------------------------------------
https://www.debian.org/security/2017/dsa-3833




*** Ashley Madison users blackmailed again ***
---------------------------------------------
Criminals are still trying to shake down users of the Ashley Madison dating/cheating online service. As you might remember, the service was hacked in 2015, and the attackers ..
---------------------------------------------
https://www.helpnetsecurity.com/2017/04/25/ashley-madison-blackmail/




*** SAP NetWeaver durch Lücken gefährdet ***
---------------------------------------------
In verschiedenen Komponenten der NetWeaver-Plattform klaffen Sicherheitslücken. Sicherheitsforschern zufolge könnten Angreifer über die Schlupflöcher unter anderem an Log-in-Daten kommen.
---------------------------------------------
https://heise.de/-3693658




*** Security Bulletin Posted for ColdFusion (APSB17-14) ***
---------------------------------------------
Adobe has published a Security Bulletin (APSB17-14) announcing the availability of hotfixes for ColdFusion versions 2016, 11 and 10. These hotfixes resolve an input validation ..
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1460




*** Hackers uncork experimental Linux-targeting malware ***
---------------------------------------------
SSH... its Shishiga Hackers have unleashed a new malware strain that targets Linux-based systems.
---------------------------------------------
www.theregister.co.uk/2017/04/25/linux_malware/




*** [2017-04-25] Portrait Display SDK Service privilege escalation ***
---------------------------------------------
The Portrait Display SDK Service (PdiService.exe) configuration was found to be writable for every authenticated user in a default installation.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170425-0_Portrait_Displays_SDK_Privilege_Escalation_v10.txt




*** [20170402] - Core - XSS Vulnerability ***
---------------------------------------------
https://developer.joomla.org/security-centre/684-20170402-core-xss-vulnerability.html




*** [20170403] - Core - XSS Vulnerability ***
---------------------------------------------
https://developer.joomla.org/security-centre/685-20170403-core-xss-vulnerability.html




*** [20170404] - Core - XSS Vulnerability ***
---------------------------------------------
https://developer.joomla.org/security-centre/686-20170404-core-xss-vulnerability.html




*** [20170405] - Core - XSS Vulnerability ***
---------------------------------------------
https://developer.joomla.org/security-centre/687-20170405-core-xss-vulnerability.html


More information about the Daily mailing list