[CERT-daily] Tageszusammenfassung - 01.08.2018

Daily end-of-shift report team at cert.at
Wed Aug 1 18:12:52 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 31-07-2018 18:00 − Mittwoch 01-08-2018 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl

=====================
=       News        =
=====================


∗∗∗ Facebook Phishing via SMS, (Wed, Aug 1st) ∗∗∗
---------------------------------------------
Facebook accounts are still a pretty hot commodity to spread malware. No ruse works better than having a "Friend" offer you some new software or browser extension. As a result, we keep seeing attempts to phish Facebook credentials. Late last week I came across a simple example of such an attempt that in particular targeted users of mobile ..
---------------------------------------------
https://isc.sans.edu/diary/23940


∗∗∗ When Cameras and Routers attack Phones. Spike in CVE-2014-8361 Exploits Against Port 52869, (Wed, Aug 1st) ∗∗∗
---------------------------------------------
Universal Plug an Play (UPnP) is the gift that keeps on giving. One interesting issue with UPnP (aside from the fact that it never ever should be exposed to the Internet, but often is), is the ..
---------------------------------------------
https://isc.sans.edu/diary/23942


∗∗∗ Österreichischer Hoster: E-Mail-Addressen bei EDIS abhanden gekommen ∗∗∗
---------------------------------------------
Die E-Mail-Adressen zu Kundenkonten des Hosters EDIS sind bei Have I Been Pwned aufgetaucht. Kunden der Firma wurden per E-Mail vor einem Zwischenfall gewarnt.
---------------------------------------------
http://heise.de/-4125214


∗∗∗ Efail: HTML Mails have no Security Concept and are to blame ∗∗∗
---------------------------------------------
I recently wrote down my thoughts about why I think deprecated cryptographic standards are to blame for the Efail vulnerability in OpenPGP and S/MIME. However I promised that Ill also cover the other ..
---------------------------------------------
https://blog.hboeck.de:443/archives/894-Efail-HTML-Mails-have-no-Security-Concept-and-are-to-blame.html


=====================
=  Vulnerabilities  =
=====================


∗∗∗ Johnson Controls Metasys and BCPro ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for an information exposure through an error message vulnerability in Johnson Controls Metasys and BCPro products.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-212-02


∗∗∗ WECON LeviStudioU ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for stack-based buffer overflow and heap-based buffer overflow vulnerabilities in WECONs LeviStudioU HMI editor.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-212-03


∗∗∗ AVEVA InTouch Access Anywhere ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for a cross-site scripting vulnerability in the outdated and insecure third-party jQuery library used in the AVEVA InTouch Access Anywhere remote access software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04


∗∗∗ AVEVA Wonderware License Server ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for an improper restriction of operations within the bounds of a memory buffer vulnerability in the Flexera lmgrd third-party component used by the AVEVA Wonderware License Server.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-212-05


∗∗∗ Vuln: Apache Camel CVE-2018-8027 XML External Entity Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/104933


∗∗∗ IBM Security Bulletin: IBM Maximo Asset Management is affected by a cross-site scripting vulnerability. (CVE-2018-1554) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10713695


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms (CVE-2018-2783) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10717143


∗∗∗ IBM Security Bulletin: IBM MQ Appliance affected by an OpenSSL vulnerability (CVE-2018-0739) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10717517


∗∗∗ IBM Security Bulletin: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JNDI component could affect IBM InfoSphere Optim Performance Manager. CVE-2018-2633 CVE-2018-2603 CVE-2018-2579 ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=swg22014113


∗∗∗ July 31, 2018   TNS-2018-11   [R1] SecurityCenter 5.7.0 Fixes Multiple Vulnerabilities ∗∗∗
---------------------------------------------
http://www.tenable.com/security/tns-2018-11

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list