[CERT-daily] Tageszusammenfassung - 03.10.2017

Tue Oct 3 18:31:31 CEST 2017

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 02-10-2017 18:00 − Dienstag 03-10-2017 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Three WordPress Plugin Zero-Days Exploited in the Wild ∗∗∗
---------------------------------------------
Hackers have exploited three zero-days to install backdoors on WordPress sites, according to a security alert published minutes ago by WordPress security firm Wordfence. [...]
---------------------------------------------
https://www.bleepingcomputer.com/news/security/three-wordpress-plugin-zero-days-exploited-in-the-wild/


∗∗∗ Security Bugs in Dnsmasq Affect Computers, Smartphones, Routers, IoT Devices ∗∗∗
---------------------------------------------
Security researchers at Google have found seven security bugs in the Dnsmasq application that put an inestimable number of desktops, servers, smartphones, routers, and other IoT devices at risk of hacking. [...]
---------------------------------------------
https://www.bleepingcomputer.com/news/security/security-bugs-in-dnsmasq-affect-computers-smartphones-routers-iot-devices/


∗∗∗ Cyber Security Challenge: Das Team Austria steht fest ∗∗∗
---------------------------------------------
Nach dem Finale ist vor dem Finale: Die Sieger der Austria Cyber Security Challenge trainieren jetzt für den Sieg im europäischen Hacker-Wettbewerb.
---------------------------------------------
https://futurezone.at/digital-life/cyber-security-challenge-das-team-austria-steht-fest/289.751.619


∗∗∗ Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices ∗∗∗
---------------------------------------------
Netgear patches over a dozen vulnerabilities impacting its routers, switches and NAS devices.
---------------------------------------------
http://threatpost.com/netgear-fixes-50-vulnerabilities-in-routers-switches-nas-devices/128230/


∗∗∗ E-Mail Tracking ∗∗∗
---------------------------------------------
Interesting survey paper: on the privacy implications of e-mail tracking: Abstract: We show that the simple act of viewing emails contains privacy pitfalls for the unwary. We assembled a corpus of commercial mailing-list emails, and find a network of hundreds of third parties that track email recipients via methods such as embedded pixels. About 30% of emails leak the recipients email address to one or more of these third parties when they are viewed. In the majority of cases, these leaks are [...]
---------------------------------------------
https://www.schneier.com/blog/archives/2017/10/e-mail_tracking.html


∗∗∗ Outdated vendor systems leaving finance industry at risk ∗∗∗
---------------------------------------------
BitSight data scientists found that in most cases, companies in the finance industry supply chain are not meeting the same security standards that finance companies hold for their own organizations. The spread of BitSight Security Ratings amongst Finance Firms and monitored Legal, Technology, and Business Services organizations as of September 1st, 2017. "While finance organizations tend to have more sophisticated vendor risk management programs, there is a lot of work to be done to close [...]
---------------------------------------------
https://www.helpnetsecurity.com/2017/10/03/outdated-vendor-systems/


∗∗∗ Threat Hunting Part 2: Hunting on ICS Networks ∗∗∗
---------------------------------------------
In this edition of the Dragos Threat Hunting on ICS network series, we will compare threat hunting on industrial networks with concepts from the wider threat hunting community. We will also look at how the unique characteristics of industrial networks can be used to an advantage as network defense professionals [...]
---------------------------------------------
https://dragos.com/blog/20170927-ThreatHuntingSeriesPart2.html


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Dnsmasq Contains Multiple Vulnerabilities ∗∗∗
---------------------------------------------
Original release date: October 03, 2017 Dnsmasq versions 2.77 and prior contain multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2017/10/03/Dnsmasq-Contains-Multiple-Vulnerabilities


∗∗∗ Android Security Bulletin—October 2017 ∗∗∗
---------------------------------------------
https://source.android.com/security/bulletin/2017-10-01


∗∗∗ IBM Security Bulletins ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily