[CERT-daily] Tageszusammenfassung - Dienstag 30-05-2017

Tue May 30 18:09:17 CEST 2017

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 29-05-2017 18:00 − Dienstag 30-05-2017 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Chrome Bug Allows Sites to Record Audio and Video Without a Visual Indicator ***
---------------------------------------------
Ran Bar-Zik, a web developer at AOL, has discovered and reported a bug in Google Chrome that allows websites to record audio and video without showing a visual indicator. [...]
---------------------------------------------
https://www.bleepingcomputer.com/news/security/chrome-bug-allows-sites-to-record-audio-and-video-without-a-visual-indicator/


*** 5 incident response practices that keep enterprises from adapting to new threats ***
---------------------------------------------
Security analysts within enterprises are living a nightmare that never ends. 24 hours a day, their organizations are being attacked by outside (and sometimes inside) perpetrators - hackers, hacktivists, competitors, disgruntled employees, etc. Attacks range in scope and sophistication, but are always there, haunting the security teams tasked with guarding against them. To cope with this never-ending, ever-changing slew of threats, most organizations rely on established best practices to [...]
---------------------------------------------
https://www.helpnetsecurity.com/2017/05/30/incident-response-practices/


*** Darauf sollen Unternehmer bei der IT-Sicherheit achten ***
---------------------------------------------
Nahezu jeden Tag werden Cyberangriffe auf Unternehmen publik. Der Schaden ist oft erheblich. Wer ein paar einfache Tipps beachtet, kann das Risiko deutlich reduzieren.
---------------------------------------------
https://futurezone.at/b2b/darauf-sollen-unternehmer-bei-der-it-sicherheit-achten/266.869.752


*** Erpressungstrojaner Jaff: Vorsicht vor Mails mit PDF-Anhang ***
---------------------------------------------
Derzeit landen vermehrt E-Mails mit einem manipulierten PDF-Dokument in Posteingängen. Wer das Dokument unter Windows öffnet, kann sich die Ransomware Jaff einfangen. Diese verschlüsselt Daten und versieht sie mit der Dateiendung .wlc.
---------------------------------------------
https://heise.de/-3728073


*** FreeRADIUS: Anmelde-Server dank Sicherheitslücke viel zu gutgläubig ***
---------------------------------------------
Bei der Wiederaufnahme von TLS-Verbindungen überprüft der Anmelde-Server FreeRADIUS unter Umständen nicht, ob der Nutzer sich jemals richtig angemeldet hat. Für eine Software, die Anmeldungen prüfen soll, ist das fatal.
---------------------------------------------
https://heise.de/-3728535


*** SANS Securing the Human Security Awareness Report 2017 ***
---------------------------------------------
[...] The report highlights what successful programs do right to change behavior and what lagging programs can do to improve and move beyond compliance.
---------------------------------------------
https://securingthehuman.sans.org/resources/security-awareness-report-2017
https://securingthehuman.sans.org/media/resources/STH-SecurityAwarenessReport-2017.pdf


*** The Most Common Social Engineering Attacks ***
---------------------------------------------
Many years ago, one of the world's most popular hacker Kevin Mitnick explained in his book "The Art of Deception" the power of social engineering techniques, today we are aware that social engineering can be combined with hacking to power insidious attacks. Let's consider for example social media and mobile platforms; they are considered powerful attack [...]
---------------------------------------------
http://resources.infosecinstitute.com/common-social-engineering-attacks/


*** Serviio PRO 1.8 DLNA Media Streaming Server REST API Arbitrary Code Execution ***
---------------------------------------------
The version of Serviio installed on the remote Windows/Linux host is affected by an unauthenticated password modification vulnerability due to improper access control enforcement of the Configuration REST API. A remote attacker can exploit this, via a specially crafted request, to change the login password for the mediabrowser protected page.
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5408.php


*** IBM Security Bulletin: Security vulnerabilities in IBM Java Runtime affect IBM RLKS Administration and Reporting Tool Admin ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22001029


*** IBM Security Bulletin: A vulnerability in IBM Java SDK affects IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-5597) ***
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22003602