[CERT-daily] Tageszusammenfassung - Freitag 31-03-2017

Daily end-of-shift report team at cert.at
Fri Mar 31 18:05:57 CEST 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 30-03-2017 18:00 − Freitag 31-03-2017 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl


*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security SiteProtector System ***
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22000768




*** IBM Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21998887




*** Spotting a Hidden SEO Hack: “Play One” ***
---------------------------------------------
SEO hacks continue to plague websites as attackers abuse SERP rankings for their own gain. The time and effort spent by the website owner creating content, optimizing pages and building ..
---------------------------------------------
https://blog.sucuri.net/2017/03/spotting-a-hidden-seo-hack-play-one.html




*** Schneider Electric Modicon PLCs ***
---------------------------------------------
This advisory contains mitigation details predictable value range from previous values, use of insufficiently random values, and insufficiently protected credentials vulnerabilities in Schneider Electrics Modicon PLCs.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-089-02




*** Researchers steal data from shared cache of two cloud VMs ***
---------------------------------------------
All of a sudden dedicated instances are looking a lot better than multi-tenancy A group of researchers, one ..
---------------------------------------------
www.theregister.co.uk/2017/03/31/researchers_steal_data_from_shared_cache_of_two_cloud_vms/




*** Novell: Sentinel 8.0 SP1 (Sentinel 8.0.1.0) Build 3512 ***
---------------------------------------------
https://download.novell.com/Download?buildid=M7_yJE9WOXE~




*** Celebrate World Backup Day the Smarter Way ***
---------------------------------------------
In an effort to help the community be more cyber aware, WorldBackupDay.com celebrates on March 31st ..
---------------------------------------------
https://www.webroot.com/blog/2017/03/31/celebrate-world-backup-day-smarter-way/




*** Samsung Galaxy S8s Facial Unlocking Feature Can Be Fooled With A Photo ***
---------------------------------------------
All users need to do is simply hold their Galaxy S8 or S8 Plus in front of their eyes or their entire ..
---------------------------------------------
http://thehackernews.com/2017/03/samsung-galaxy-s8-facial-unlocking.html




*** Studie: TK-Infrastruktur hoffnungslos unsicher – Verschlüsselung Fehlanzeige ***
---------------------------------------------
Der amerikanische Pendant zur Bundesnetzagentur hat die Sicherheit des für die Telekommunikations-Infrastruktur unverzichtbaren SS7-Protokolls untersucht. Die Bilanz ist haarsträubend; die Arbeitsgruppe empfiehlt Ende-zu-Ende-Verschlüsselung.
---------------------------------------------
https://heise.de/-3671794




*** l+f: Flash für eine Handvoll Dollar ***
---------------------------------------------
FedEx Office macht seinen Kunden ein unmoralisches Angebot.
---------------------------------------------
https://heise.de/-3672139




*** Pornhub und Youporn stellen auf https um ***
---------------------------------------------
Die beiden Pornoseiten wollen ihren Nutzern mehr Datenschutz ermöglichen
---------------------------------------------
http://derstandard.at/2000055192256


More information about the Daily mailing list