[CERT-daily] Tageszusammenfassung - 02.08.2017

[Daily end-of-shift report]

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 01-08-2017 18:00 − Mittwoch 02-08-2017 18:00
Handler:     Petr Sikuta
Co-Handler:  Alexander Riepl

=====================
=        News       =
=====================

∗∗∗ Ein paar Thesen zu aktuellen Gesetzesentwürfen ∗∗∗
---------------------------------------------
Ein paar Thesen zu aktuellen Gesetzesentwürfen31. Juli 2017Das Thema "LE going dark in the age of encrytion" kocht mal wieder hoch, und noch schnell vor den Neuwahlen wurden entsprechende Gesetzesentwürfe eingebracht. Ich will hier aus technischer Sicht ein paar Argumente in die Diskussion einwerfen, ..
---------------------------------------------
http://www.cert.at/services/blog/20170731130131-2076.html


∗∗∗ Auch bei Amazon: Android-Smartphones mit vorinstallierter Malware im Umlauf ∗∗∗
---------------------------------------------
Vorinstallierte Malware auf dem Smartphone dürfte für viele Nutzer ein Albtraum sein. In einem aktuellen Fall sollen günstige Smartphones des Herstellers Nomu betroffen sein. Diese sind auch in Deutschland bestellbar.
---------------------------------------------
https://www.golem.de/news/auch-bei-amazon-android-smartphones-mit-vorinstallierter-malware-im-umlauf-1708-129269.html


∗∗∗ WannaCry Inspires Banking Trojan to Add Self-Spreading Ability ∗∗∗
---------------------------------------------
Although the wave of WannaCry and Petya ransomware has now been slowed down, money-motivated hackers and cyber criminals have taken lessons from the global outbreaks to make their malware more powerful. Security researchers have now discovered at least one group of cyber criminals that are attempting to ..
---------------------------------------------
https://thehackernews.com/2017/08/trickbot-banking-trojan.html


∗∗∗ Invisible Man malware runs keylogger on your Android banking apps ∗∗∗
---------------------------------------------
Top tip: Dont fetch and install dodgy Flash updates from random websites A new breed of Android malware is picking off mobile banking customers, particularly those in the UK and Germany, were told.
---------------------------------------------
http://www.theregister.co.uk/2017/08/02/banking_android_malware_in_uk/


∗∗∗ Sorry, psycho bosses, its not OK to keylog your employees ∗∗∗
---------------------------------------------
In Germany, at least, youre gonna have to get your jollies some other way Installing keylogging software on your employees computers and using what you find to fire them is not OK, a German court has decided.
---------------------------------------------
http://www.theregister.co.uk/2017/08/02/keylogging_software_for_employees/


∗∗∗ Exposed IoT servers let hackers unlock prison cells, modify pacemakers ∗∗∗
---------------------------------------------
A researcher has found an often misconfigured protocol (MQTT) puts heart monitors, oil pipelines or particle accelerators at risk of attack.
---------------------------------------------
http://www.zdnet.com/article/exposed-servers-hack-prison-cells-alter-pacemakers/


∗∗∗ Sicherheitsupdates: VMware vCenter Server und Tools angreifbar ∗∗∗
---------------------------------------------
Die Entwickler schließen mehrere Schwachstellen in ihrer Software. Keine Lücke gilt als kritisch.
---------------------------------------------
https://heise.de/-3790197


∗∗∗ Most damaging threat vector for companies? Malicious insiders ∗∗∗
---------------------------------------------
According to a new SANS survey, 40 percent of respondents rated malicious insiders (insiders who intentionally do harm) as the most damaging threat vector their companies faced. Furthermore, nearly half (49 percent) said they were in the process of developing a formal incident response plan with provisions ..
---------------------------------------------
https://www.helpnetsecurity.com/2017/08/02/malicious-insiders-threat-vector/



=====================
=    Advisories     =
=====================

∗∗∗ Mitsubishi Electric Europe B.V. E-Designer ∗∗∗
---------------------------------------------
This advisory contains mitigation details for heap-based buffer overflow, stack-based buffer overflow, and out-of-bounds write vulnerabilities in the Mitsubishi Electric Europe B.V. E-Designer.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-213-01


∗∗∗ Schneider Electric Trio TView ∗∗∗
---------------------------------------------
This advisory contains mitigation details for multiple vulnerabilities for Java Runtime Environment in Schneider Electric’s Trio TView software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-213-02


∗∗∗ Security Advisory - Multiple Buffer Overflow Vulnerabilities in Driver of Huawei Smart Phone ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170801-01-smartphone-en


∗∗∗ Security Advisory - DoS Vulnerability of Audio Driver in Some Huawei Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170802-01-smartphone-en


∗∗∗ Security Advisory - Insufficient Input Validation Vulnerability in Bastet of Huawei Smart Phone ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170802-02-smartphone-en


∗∗∗ IBM Security Bulletin: Weaker than expected security in WebSphere Application Server (CVE-2017-1504) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22006803


∗∗∗ IBM Security Bulletin: Fix Available for IBM iNotes Cross-Site Scripting Vulnerability (CVE-2017-1327) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22003664


∗∗∗ IBM Security Bulletin: IBM InfoSphere Master Data Management Server is vulnerable to cross-site scripting (XSS) Attack (CVE-2017-1199) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22006618


∗∗∗ IBM Security Bulletin: IBM InfoSphere Master Data Management is vulnerable to multiple OpenSSL vulnerabilities (CVE-2016-7055, CVE-2017-3730, CVE-2017-3731, CVE-2017-3732) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22006602

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily