[CERT-daily] Tageszusammenfassung - Donnerstag 23-02-2017

Daily end-of-shift report team at cert.at
Thu Feb 23 18:11:43 CET 2017 

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 22-02-2017 18:00 − Donnerstag 23-02-2017 18:00
Handler:     Robert Waldner
Co-Handler:  n/a



*** Criminals Monetizing Attacks Against Unpatched WordPress Sites ***
---------------------------------------------
Sites still vulnerable to a REST API endpoint flaw in WordPress are now being targeted by attackers trying to turn a profit.
---------------------------------------------
http://threatpost.com/criminals-monetizing-attacks-against-unpatched-wordpress-sites/123848/




*** MSRT February 2017: Chuckenit detection completes MSRT solution for one malware suite ***
---------------------------------------------
In September 2016, we started adding to Microsoft Malicious Software Removal Tool (MSRT) a malware suite of browser modifiers and other Trojans installed by software bundlers. We documented how the malware in this group install other malware or applications silently, without your consent.
---------------------------------------------
https://blogs.technet.microsoft.com/mmpc/2017/02/22/msrt-february-2017-chuckenit-detection-completes-msrt-solution-for-one-malware-suite/




*** Top 8 Reverse Engineering Tools for Cyber Security Professionals ***
---------------------------------------------
Whether it is rebuilding a car engine or diagramming a sentence, people can learn about many things simply by taking them apart and putting them back together again. This process of breaking something down to understand it, build a copy to improve it, is known as reverse engineering.
---------------------------------------------
http://resources.infosecinstitute.com/top-8-reverse-engineering-tools-cyber-security-professionals/




*** Impact of New Linux Kernel DCCP Vulnerability Limited ***
---------------------------------------------
Existing mitigations and limitations around a newly disclosed Linux kernel vulnerability in the DCCP module mute the potential impact of local attacks.
---------------------------------------------
http://threatpost.com/impact-of-new-linux-kernel-dccp-vulnerability-limited/123863/




*** Java, Python FTP Injection Attacks Bypass Firewalls ***
---------------------------------------------
Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.
---------------------------------------------
http://threatpost.com/java-python-ftp-injection-attacks-bypass-firewalls/123858/




*** Kollissionsangriff: Hashfunktion SHA-1 gebrochen ***
---------------------------------------------
Forscher von Google und der Universität Amsterdam ist es gelungen, zwei unterschiedliche PDF-Dateien mit demselben SHA-1-Hash zu erzeugen. Dass SHA-1 unsicher ist, war bereits seit 2005 bekannt. (SHA-1, Google)
---------------------------------------------
https://www.golem.de/news/kollissionsangriff-hashfunktion-sha-1-gebrochen-1702-126355-rss.html




*** Putty 0.68 released ***
---------------------------------------------
http://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html




*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Buffer Overflow from improperly formatted SELECT command in IBM Tivoli Storage Manager (IBM Spectrum Protect) Server (CVE-2016-8998) ***
http://www.ibm.com/support/docview.wss?uid=swg21998747
---------------------------------------------
*** IBM Security Bulletin: IBM WebSphere MQ cluster channel definition causes denial of service to cluster (CVE-2016-9009) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21998647
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza PureData System for Analytics (CVE-2016-8610) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21997472
---------------------------------------------
*** IBM Security Bulletin: IBM MQ and IBM MQ Appliance are vulnerable to SWEET32 Birthday attack (CVE-2016-2183) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21995099
---------------------------------------------
*** IBM Security Bulletin: Information disclosure CVE-2016-9975 affects IBM Dashboard Application Services Hub (DASH) ***
http://www.ibm.com/support/docview.wss?uid=swg21998714
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere MQ (CVE-2016-2106, CVE-2016-2109) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21998797
---------------------------------------------

More information about the Daily mailing list