[CERT-daily] Tageszusammenfassung - 11.09.2017

Mon Sep 11 18:15:17 CEST 2017

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 08-09-2017 18:00 − Montag 11-09-2017 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=        News       =
=====================

∗∗∗ Energieversorgung: E-Mail-Konten sind besser gesichert als Windparks ∗∗∗
---------------------------------------------
Windparks machen einen professionellen Eindruck, doch bei der IT-Sicherheit hapert es leider. Recherchen von Internetwache.org und Golem.de zeigen eine Menge Schwachstellen und ein Chaos bei der Zuständigkeit.
---------------------------------------------
https://www.golem.de/news/energieversorgung-e-mail-konten-sind-besser-gesichert-als-windparks-1709-129868.html


∗∗∗ Secure microkernel in a KVM switch offers spy-grade app virtualization ∗∗∗
---------------------------------------------
Need a few air-gapped apps on one screen? Australian researchers show how Researchers at Australian think tank Data61 and the nations Defence Science and Technology Group have cooked up application publishing for the paranoid, by baking an ARM CPU and secure microkernel into a KVM switch.…
---------------------------------------------
www.theregister.co.uk/2017/09/07/cross_domain_desktop_compositor_vdi_for_the_paranoid/


∗∗∗ Apache Foundation rebuffs allegation it allowed Equifax attack ∗∗∗
---------------------------------------------
Timeline explains that either Equifax didnt patch old bugs, or was zero-dayed The Apache Software Foundation has defended its development practices in the face of a report alleging its code was responsible for the Equifax data leak.…
---------------------------------------------
www.theregister.co.uk/2017/09/11/apache_rebuts_equifax_allegation/


∗∗∗ Bug im Windows-Kernel könnte durch Schadcode missbraucht werden ∗∗∗
---------------------------------------------
Im Windows-Kernel schlummert seit Jahren eine Lücke, die in einigen Fällen dafür sorgen könnte, dass Malware vom Radar von Sicherheitssoftware verschwindet. Laut ihrem Entdecker zeigt sich Microsoft bislang aber eher desinteressiert.
---------------------------------------------
https://heise.de/-3825130


∗∗∗ Equifax Breach Response Turns Dumpster Fire ∗∗∗
---------------------------------------------
I cannot recall a previous data breach in which the breached company’s public outreach and response has been so haphazard and ill-conceived as the one coming right now from big-three credit bureau Equifax, which rather clumsily announced Thursday that an intrusion jeopardized Social security numbers and other information on 143 million Americans.
---------------------------------------------
https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/


∗∗∗ Hack: 143 Millionen US-Amerikanern droht Identitätsdiebstahl ∗∗∗
---------------------------------------------
Datendiebstahl bei US-Finanzinstitut Equifax gilt als einer der schlimmsten Einbrüche in der IT-Geschichte
---------------------------------------------
http://derstandard.at/2000063850369


∗∗∗ Another Apache Struts Vulnerability Under Active Exploitation ∗∗∗
---------------------------------------------
This post authored by Nick Biasini with contributions from Alex Chiu.Earlier this week, a critical vulnerability in Apache Struts was publicly disclosed in a security advisory. This new vulnerability, identified as CVE-2017-9805, manifests due to the way the REST plugin uses XStreamHandler with an instance of XStream for deserialization without any type filtering. As a result, a remote, unauthenticated attacker could achieve remote code execution on a host running a vulnerable version of Apache
---------------------------------------------
http://blog.talosintelligence.com/2017/09/apache-struts-being-exploited.html


=====================
=    Advisories     =
=====================

∗∗∗ Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017 ∗∗∗
---------------------------------------------
On September 5, 2017, the Apache Software Foundation released security bulletins that disclosed three vulnerabilities in the Apache Struts 2 package. Of these vulnerabilities, the Apache Software Foundation classifies one as Critical Severity, one as Medium Severity, and one as Low Severity. For more information about the vulnerabilities, refer to the Details section ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2


∗∗∗ HPESBNS03755 rev.2 - HPE NonStop Server using Samba, Multiple Remote Vulnerabilities ∗∗∗
---------------------------------------------
https://h20566.www2.hpe.com/portal/site/hpsc/template.PAGE/action.process/public/kb/docDisplay/?javax.portlet.action=true&spf_p.tpst=kbDocDisplay&javax.portlet.begCacheTok=com.vignette.cachetoken&spf_p.prp_kbDocDisplay=wsrp-interactionState%3DdocId%253Demr_na-hpesbns03755en_us%257CdocLocale%253Den_US%257CcalledBy%253D&javax.portlet.endCacheTok=com.vignette.cachetoken

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily