[CERT-daily] Tageszusammenfassung - 30.04.2018

[Daily end-of-shift report]

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 27-04-2018 18:00 − Montag 30-04-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Issue with BitLocker/DMA setting in Windows 10 “Fall Creators Update” (v1709) ∗∗∗
---------------------------------------------
Update, 27 April 2018: The problem described in this post has been fixed in the April 2018 quality update. Customers that deployed Microsoft’s security baseline for Windows 10 v1709 might have experienced device and component failures. The ..
---------------------------------------------
https://blogs.technet.microsoft.com/secguide/2018/01/18/issue-with-bitlockerdma-setting-in-windows-10-fall-creators-update-v1709/


∗∗∗ FacexWorm Targets Cryptocurrency Trading Platforms, Abuses Facebook Messenger for Propagation ∗∗∗
---------------------------------------------
Our Cyber Safety Solutions team identified a malicious Chrome extension we named FacexWorm, which uses a miscellany of techniques to target cryptocurrency trading platforms accessed on an affected browser and ..
---------------------------------------------
https://blog.trendmicro.com/trendlabs-security-intelligence/facexworm-targets-cryptocurrency-trading-platforms-abuses-facebook-messenger-for-propagation/


∗∗∗ Please don’t buy this: smart toys ∗∗∗
---------------------------------------------
Smart toys attempt to offer what a lot of us imagined as kids—a toy that we can not only play with, but one that plays back. Many models offer voice recognition, facial expressions, hundreds of words and phrases, reaction to touch and impact, and even the ability to learn and retain new information. These ..
---------------------------------------------
https://blog.malwarebytes.com/security-world/2018/04/please-dont-buy-smart-toys/


∗∗∗ Bundesheer-Hacker nahmen an Nato-Übung teil ∗∗∗
---------------------------------------------
In Tallinn wurde geprobt, wie Cyberangriffe abgewehrt werden können
---------------------------------------------
http://derstandard.at/2000078919316



=====================
=  Vulnerabilities  =
=====================


∗∗∗ DSA-4181 roundcube - security update ∗∗∗
---------------------------------------------
https://www.debian.org/security/2018/dsa-4181


∗∗∗ DSA-4182 chromium-browser - security update ∗∗∗
---------------------------------------------
https://www.debian.org/security/2018/dsa-4182


∗∗∗ DSA-4186 gunicorn - security update ∗∗∗
---------------------------------------------
https://www.debian.org/security/2018/dsa-4186


∗∗∗ DSA-4185 openjdk-8 - security update ∗∗∗
---------------------------------------------
https://www.debian.org/security/2018/dsa-4185

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily