[CERT-daily] Tageszusammenfassung - 24.10.2018

Daily end-of-shift report team at cert.at
Wed Oct 24 18:17:58 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 23-10-2018 18:00 − Mittwoch 24-10-2018 18:00
Handler:     Dimitri Robl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ The Key New Security Features & Capabilities to Know in Windows 10 ∗∗∗
---------------------------------------------
Last year's WannaCry and Petya malware outbreaks couldn't breach Windows 10's latest security defenses, but companies still running outdated [...]
---------------------------------------------
https://www.beyondtrust.com/blog/key-new-security-features-in-windows-10/


∗∗∗ Hacker Discloses New Windows Zero-Day Exploit On Twitter ∗∗∗
---------------------------------------------
A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability.
---------------------------------------------
https://thehackernews.com/2018/10/windows-zero-day-exploit.html


∗∗∗ Sicherheitsupdates: Backup-Software von Arcserve kann Daten leaken ∗∗∗
---------------------------------------------
Angreifer könnten unberechtigt auf Daten von Host-Systemen, auf denen die Backup-Lösung Arcserve Unified Data Protection läuft, zugreifen.
---------------------------------------------
http://heise.de/-4202167


∗∗∗ Einkaufsbetrug mit gefälschten Smile Bank-Nachrichten ∗∗∗
---------------------------------------------
Privatverkäufer/innen erhalten Nachrichten von Kriminellen. Sie geben vor, im Ausland zu sein und wollen die angebotene Ware kaufen. Sie überweisen angeblich einen überhöhten Geldbetrag an ihre Vertragspartner/innen. Das sollen gefälschte Smile Bank-Nachrichten belegen. Schließlich sollen Verkäufer/innen den Differenzbetrag und die Ware ins Ausland senden. Dadurch verlieren sie ihre personenbezogenen Daten, ihr Geld und ihre Produkte an Betrüger/innen.
---------------------------------------------
https://www.watchlist-internet.at/news/einkaufsbetrug-mit-gefaelschten-smile-bank-nachrichten/


∗∗∗ Nike-Markenfälscher auf coldenemy.com ∗∗∗
---------------------------------------------
Die neuesten Schuhe von Nike um 70 Prozent vergünstigt? Das gibt's auf coldenemy.com. Wer hier bestellt, erhält minderwertige Ware, die nichts mit dem gekauften Produkt zu tun hat. Außerdem gelangen Kredit- und Personendaten in die Hände von Kriminellen.
---------------------------------------------
https://www.watchlist-internet.at/news/nike-markenfaelscher-auf-coldenemycom/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Advantech WebAccess ∗∗∗
---------------------------------------------
This advisory includes mitigations for stack-based buffer overflow, external control of file name or path, improper privilege management, and path traversal vulnerabilities in Advantechs WebAccess.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01


∗∗∗ GAIN Electronic Co. Ltd SAGA1-L Series ∗∗∗
---------------------------------------------
This advisory includes mitigations for authentication bypass by capture-relay, improper access control, and improper authentication vulnerabilities in GAIN Electronics SAGA1-L series transmitters.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-296-02


∗∗∗ Telecrane F25 Series ∗∗∗
---------------------------------------------
This advisory includes mitigations for an authentication bypass by capture-replay vulnerability in the Telecrane F25 Series software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-296-03


∗∗∗ BitDefender Digital Signature Bypass Lets Remote Users Execute Arbitrary Code ∗∗∗
---------------------------------------------
A remote user can cause arbitrary code that is located elsewhere to be executed on the target users system due to a bypass of the digital signature GravityZone verification tools. Additional information is available at: https://labs.nettitude.com/blog/cve-2018-8955-bitdefender-gravityzone-arbitrary-code-execution/
---------------------------------------------
https://www.securitytracker.com/id/1041940


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (hesiod, lighttpd, and opencc), openSUSE (apache-pdfbox, net-snmp, pam_pkcs11, rpm, tiff, udisks2, and wireshark), SUSE (dhcp, ghostscript-library, ImageMagick, libraw, net-snmp, ntp, postgresql96, rust, tiff, xen, and zziplib), and Ubuntu (mysql-5.5, mysql-5.7).
---------------------------------------------
https://lwn.net/Articles/769415/


∗∗∗ IBM Security Bulletins ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/


∗∗∗ October 23, 2018   TNS-2018-13   [R1] LCE 5.1.1 Fixes Multiple Third-party Vulnerabilities ∗∗∗
---------------------------------------------
http://www.tenable.com/security/tns-2018-13


∗∗∗ October 23, 2018   TNS-2018-14   [R1] Nessus 8.0.0 Fixes Multiple Third-party Vulnerabilities ∗∗∗
---------------------------------------------
http://www.tenable.com/security/tns-2018-14


∗∗∗ Security vulnerabilities fixed in Firefox ESR 60.3 ∗∗∗
---------------------------------------------
https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/


∗∗∗ Security vulnerabilities fixed in Firefox 63 ∗∗∗
---------------------------------------------
https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list