[CERT-daily] Tageszusammenfassung - 05.10.2017

Thu Oct 5 18:08:16 CEST 2017

=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 04-10-2017 18:00 − Donnerstag 05-10-2017 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Mozilla to End All Firefox Support for XP and Vista in June 2018 ∗∗∗
---------------------------------------------
Mozilla announced today plans to discontinue any support for the Firefox browser on Windows XP and Vista in June 2018. [...]
---------------------------------------------
https://www.bleepingcomputer.com/news/software/mozilla-to-end-all-firefox-support-for-xp-and-vista-in-june-2018/


∗∗∗ Avast: Ccleaner-Malware hat drei Stufen und verschont 64-Bit-PCs ∗∗∗
---------------------------------------------
Die Malware in einer Ccleaner-Version hatte mindestens drei Stufen - von der ersten waren 1,65 Millionen Personen betroffen. Wer ein 64-Bit-Windows nutzt, soll allerdings nichts zu befürchten haben.
---------------------------------------------
https://www.golem.de/news/avast-ccleaner-malware-hat-drei-stufen-und-verschont-64-bit-pcs-1710-130444-rss.html


∗∗∗ Security Awareness Month: How to Help Friends and Family, (Wed, Oct 4th) ∗∗∗
---------------------------------------------
For the last few years, October has been "Security Awareness Month", with various organizations using it to promote security awareness. We have done a few "themed" diaries around security awareness in past years, but for the most part, there isn't that much new to say for our core audience. Security awareness is however still a big issue for the rest of humanity, and if you are looking for advice to help friends and family become more security-aware, then the [...]
---------------------------------------------
https://isc.sans.edu/diary/rss/22896


∗∗∗ SYSCON Backdoor Uses FTP as a C&C Channel ∗∗∗
---------------------------------------------
Bots can use various methods to establish a line of communication between themselves and their command-and-control (C&C) server. Usually, these are done via HTTP or other TCP/IP connections. However, we recently encountered a botnet that uses a more unusual method: an FTP server that, in effect, acts as a C&C server.
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Mw_aCJ0nNos/


∗∗∗ Common Sense in EDI Security ∗∗∗
---------------------------------------------
[...] Looking at these examples, we can see that security is a process, a chain of events; for security measures to succeed, every link in the chain of events must be as secure as possible.
---------------------------------------------
https://www.tripwire.com/state-of-security/security-data-protection/common-sense-edi-security/


∗∗∗ Outsmarting grid security threats ∗∗∗
---------------------------------------------
Almost two-thirds (63 percent) of utility executives believe their country faces at least a moderate risk of electricity supply interruption from a cyberattack on electric distribution grids in the next five years. The Accenture survey of more than 100 utilities executives from over 20 countries revealed interruptions to the power supply from cyberattacks is the most serious concern, cited by 57 percent of respondents. Just as worrying is the physical threat to the distribution grid.
---------------------------------------------
https://www.helpnetsecurity.com/2017/10/05/grid-security-threats/


∗∗∗ PoC for several Magento vulnerabilities released, update now! ∗∗∗
---------------------------------------------
DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento is an open source platform that provides merchants with control over their online stores and a shopping cart system, as well as tools to improve the visibility and management of the shop. About the vulnerabilities Security researcher Bosko Stankovic discovered the security flaws during a security audit of Magento [...]
---------------------------------------------
https://www.helpnetsecurity.com/2017/10/05/magento-vulnerability-poc-code/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ iManager 3.0.4 ∗∗∗
---------------------------------------------
Abstract: This patch addresses important issues found since the original release of iManager 3.0.
---------------------------------------------
https://download.novell.com/Download?buildid=r_GBmD8A9cU~


∗∗∗ eDirectory 9.0.4 ∗∗∗
---------------------------------------------
Abstract: This update is being provided to resolve important issues found since the original release of Novell eDirectory 9.0.
---------------------------------------------
https://download.novell.com/Download?buildid=WKnTKcctISw~


∗∗∗ Apple security update for watchOS ∗∗∗
---------------------------------------------
watchOS 4.0.1 includes the security content of watchOS 4 and is available for Apple Watch Series 3 (GPS + Cellular).
---------------------------------------------
https://support.apple.com/en-us/HT208163


∗∗∗ DFN-CERT-2017-1736: Digium Asterisk, Digium Certified Asterisk: Eine Schwachstelle ermöglicht das Ausspähen von Informationen ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1736/


∗∗∗ DFN-CERT-2017-1750: cURL: Eine Schwachstelle ermöglicht einen Denial-of-Service-Angriff ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1750/


∗∗∗ DFN-CERT-2017-1755: Sophos UTM Manager: Mehrere Schwachstellen ermöglichen Denial-of-Service-Angriffe ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1755/


∗∗∗ Cisco Security Advisories and Alerts ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/publicationListing.x


∗∗∗ IBM Security Bulletins ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/


∗∗∗ SSA-971654 (Last Update 2017-10-05): Authentication Bypass in 7KT PAC1200 Data Manager from the SENTRON Portfolio ∗∗∗
---------------------------------------------
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-971654.pdf

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily