[CERT-daily] Tageszusammenfassung - 03.01.2018

Wed Jan 3 18:06:01 CET 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 02-01-2018 18:00 − Mittwoch 03-01-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ 9% of Popular Websites Use Anti-Adblock Scripts ∗∗∗
---------------------------------------------
Around 9% of todays most popular websites deployed or are deploying anti-adblock scripts in an effort to maintain advertising revenues and fight off the rise in the adoption of ad-blocking extensions.
---------------------------------------------
https://www.bleepingcomputer.com/news/technology/9-percent-of-popular-websites-use-anti-adblock-scripts/


∗∗∗ VMware Issues 3 Critical Patches for vSphere Data Protection ∗∗∗
---------------------------------------------
VMware released three patches fixing critical vulnerabilities affecting its vSphere cloud computing virtualization platform.
---------------------------------------------
http://threatpost.com/vmware-issues-3-critical-patches-for-vsphere-data-protection/129277/


∗∗∗ Massive Lücke in Intel-CPUs erfordert umfassende Patches ∗∗∗
---------------------------------------------
Derzeit arbeiten Linux- und Windows-Entwickler mit Hochdruck an umfangreichen Sicherheits-Patches, die Angriffe auf Kernel-Schwachstellen verhindern sollen. Grund für die Eile: eine Intel-spezifische Sicherheitslücke.
---------------------------------------------
https://heise.de/-3931562


∗∗∗ Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes ∗∗∗
---------------------------------------------
The individual who allegedly made a fake emergency call to Kansas police last week that summoned them to shoot and kill an unarmed local man has claimed credit for raising dozens of these dangerous false ..
---------------------------------------------
https://krebsonsecurity.com/2018/01/serial-swatter-swautistic-bragged-he-hit-100-schools-10-homes/


∗∗∗ Android-Update: Google räumt zahlreiche Sicherheitslücken aus ∗∗∗
---------------------------------------------
Media Framework bleibt problematischster Bereich – Update für Pixel- und Nexus-Devices begonnen
---------------------------------------------
http://derstandard.at/2000071414985


∗∗∗ Cybersecurity stand im Fokus eines Sicherheitsgipfels in St. Pölten ∗∗∗
---------------------------------------------
Behördliches Krisen- und Katastrophenmanagement soll u.a. weiter ausgebaut werden – Nächstes Treffen im Herbst
---------------------------------------------
http://derstandard.at/2000071416550


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Cisco WebEx Advanced Recording Format Player Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a remote attacker to execute arbitrary code on the system of a targeted user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180103-warfp


∗∗∗ PMASA-2017-9 ∗∗∗
---------------------------------------------
https://www.phpmyadmin.net/security/PMASA-2017-9/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily