[CERT-daily] Tageszusammenfassung - 30.07.2018

[Daily end-of-shift report]

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 27-07-2018 18:00 − Montag 30-07-2018 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ An Introduction to the Xposed Framework for Android Penetration Testing ∗∗∗
---------------------------------------------
Introduction When it comes to the Pen Testing of Android-based applications, the main focus and attention of the Pen Tester is to live in the mindset of the Cyber attacker literally. The Pen Tester must then carry out an attack to see how the software code can be manipulated, what the weak spots of the […]The post An Introduction to the Xposed Framework for Android Penetration Testing appeared first on InfoSec Resources.An Introduction to the Xposed Framework for Android Penetration
---------------------------------------------
https://resources.infosecinstitute.com/an-introduction-to-the-xposed-framework-for-android-penetration-testing/


∗∗∗ Top 10 Free Threat-Hunting Tools ∗∗∗
---------------------------------------------
Threat hunting is an alternative approach to dealing with cyber-attacks, compared to network security systems that include appliances such as firewalls that monitor traffic as it flows through a system. While these common methods of defense generally investigate threats after they have occurred, the strategy of threat hunting involves searching through networks, detecting and isolating […]The post Top 10 Free Threat-Hunting Tools appeared first on InfoSec Resources.Top 10 Free
---------------------------------------------
https://resources.infosecinstitute.com/top-10-free-threat-hunting-tools/


∗∗∗ State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China ∗∗∗
---------------------------------------------
Heres a timely reminder that email isnt the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned. This particular ruse, while crude and simplistic, preys on the curiosity of recipients who may be enticed into popping the CD into a computer. 
---------------------------------------------
https://krebsonsecurity.com/2018/07/state-govts-warned-of-malware-laden-cd-sent-via-snail-mail-from-china/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (libextractor and wesnoth), Debian (ffmpeg, fuse, libidn, mercurial, openssl, policykit-1, tomcat7, tomcat8, wireshark, and wordpress), Fedora (java-1.8.0-openjdk, java-openjdk, libpng10, php, sox, and suricata), Gentoo (curl and znc), openSUSE (bouncycastle, Chromium, cinnamon, e2fsprogs, ImageMagick, kernel, libgcrypt, mercurial, openssh, openssl-1_0_0, openssl-1_1, python, qutebrowser, rubygem-sprockets, shadow, and xen), Slackware (kernel), ...
---------------------------------------------
https://lwn.net/Articles/761324/


∗∗∗ IBM Security Bulletin: A security vulnerability has been identified in Open SSL, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2016-0702). ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10718745


∗∗∗ IBM Security Bulletin: Users of Helm with IBM Cloud Private can elevate their privileges (CVE-2018-1714) ∗∗∗
---------------------------------------------
https://www-prd-trops.events.ibm.com/node/718339


∗∗∗ IBM Security Bulletin: A vulnerability in Apache Solr (lucene) affects IBM InfoSphere Information Server ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22017447


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer. ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10717895


∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerability in GNU C Library (CVE-2017-12133) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10718991


∗∗∗ IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerabilty in Freetype 2 (CVE-2016-10328) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10718665


∗∗∗ IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerabilty in PHP (CVE-2018-7584) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10718663


∗∗∗ IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilties in dhcp (CVE-2018-5732, CVE-2018-5733) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10718661


∗∗∗ IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilties in GNU C Library ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10718659


∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerabilities in freetype2 (CVE-2016-10244 CVE-2017-8105 CVE-2017-8287) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10718993


∗∗∗ IBM Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in IPsec-Tools (CVE-2016-10396) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10718657


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Platform Symphony and IBM Spectrum Symphony ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10718381


∗∗∗ IBM Security Bulletin: IBM Cloud Functions is affected by two function runtimevulnerabilities ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10718977


∗∗∗ HPESBHF03867 rev.1 - HPE Systems with Intel-based processors with SPI Flash Engine, Local Denial of Service ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03867en_us

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily