Daily

daily@lists.cert.at

1 participants
3154 discussions

Tageszusammenfassung - 12.10.2017
by Daily end-of-shift report 12 Oct '17

12 Oct '17

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 11-10-2017 18:00 − Donnerstag 12-10-2017 18:00 Handler: Alexander Riepl Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Over The Air - Vol. 2, Pt. 3: Exploiting The Wi-Fi Stack on Apple Devices ∗∗∗ --------------------------------------------- Posted by Gal Beniamini, Project ZeroIn this blog post we’ll complete our goal of achieving remote kernel code execution on the iPhone 7, by means of Wi-Fi communication alone.After developing a Wi-Fi firmware exploit in the previous blog post, we are left with the task of using our newly acquired access to gain control over the XNU kernel. To this end, we’ll begin by investigating the isolation mechanisms present on the iPhone. Next, we’ll explore the ways in which the host --------------------------------------------- http://googleprojectzero.blogspot.com/2017/10/over-air-vol-2-pt-3-exploitin… ∗∗∗ Kritische Sicherheitslücke in Thunderbird 52.4 geschlossen ∗∗∗ --------------------------------------------- Die Entwickler von Thunderbird haben sich in der aktuellen Version um mehrere Schwachstellen gekümmert. Wer die neue Version nicht installiert, könnte sich unter Umständen Schadcode einfangen. --------------------------------------------- https://heise.de/-3858847 ∗∗∗ Bankingtrojaner Retefe für macOS in deutscher Sprache ∗∗∗ --------------------------------------------- Eine neue Version vom Retefe-Schädling tarnt sich unter anderem als OS-X-Update und wird derzeit etwa über gefälschte DHL-Mails verteilt. Auch Windows-Nutzer sind gefährdet. --------------------------------------------- https://heise.de/-3859911 ∗∗∗ Hacker stahlen sensible Daten der australischen Rüstungsindustrie ∗∗∗ --------------------------------------------- Rüstungsminister Pyne sieht keine Gefahr für das Militär --------------------------------------------- http://derstandard.at/2000065885898 ∗∗∗ Kritische Lücke in Microsoft Office ermöglicht Remote Code Execution ∗∗∗ --------------------------------------------- Researcher haben eine schwerwiegende Sicherheitslücke in Microsoft Office entdeckt. Beschreibung: Wenn ein Benutzer eine speziell präparierte Datei im Microsoft Excel-Format oder Microsoft Word-Format öffnet, kann in Folge ein Angreifer beliebigen Code, mit den Rechten des angemeldeten Benutzers, auf dem System ausführen. --------------------------------------------- http://www.cert.at/warnings/all/20171011.html ===================== = Vulnerabilities = ===================== ∗∗∗ DSA-3997 wordpress - security update ∗∗∗ --------------------------------------------- Several vulnerabilities were discovered in Wordpress, a web blogging tool.They would allow remote attackers to exploit path-traversal issues, perform SQLinjections and various cross-site scripting attacks. --------------------------------------------- https://www.debian.org/security/2017/dsa-3997 ∗∗∗ DSA-3998 nss - security update ∗∗∗ --------------------------------------------- Martin Thomson discovered that nss, the Mozilla Network Security Servicelibrary, is prone to a use-after-free vulnerability in the TLS 1.2implementation when handshake hashes are generated. A remote attackercan take advantage of this flaw to cause an application using the nsslibrary to crash, resulting in a denial of service, or potentially toexecute arbitrary code. --------------------------------------------- https://www.debian.org/security/2017/dsa-3998 ∗∗∗ JSA10809 - 2017-10 Security Bulletin: SRX Series: Cryptographic weakness in SRX300 Series TPM Firmware (CVE-2017-10606) ∗∗∗ --------------------------------------------- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10809&actp=RSS ∗∗∗ JSA10810 - 2017-10 Security Bulletin: Junos: rpd core due to receipt of specially crafted BGP packet (CVE-2017-10607) ∗∗∗ --------------------------------------------- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10810&actp=RSS ∗∗∗ JSA10817 - 2017-10 Security Bulletin: Junos OS: Denial of service vulnerabilities in telnetd (CVE-2017-10614, CVE-2017-10621) ∗∗∗ --------------------------------------------- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10817&actp=RSS ∗∗∗ JSA10819 - 2017-10 Security Bulletin: Contrail: hard coded credentials (CVE-2017-10616) and XML External Entity (XXE) vulnerability (CVE-2017-10617) ∗∗∗ --------------------------------------------- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10819&actp=RSS ∗∗∗ Java SE vulnerability CVE-2017-10078 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K41815723 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 11.10.2017
by Daily end-of-shift report 11 Oct '17

11 Oct '17

===================== = End-of-Day report = ===================== Timeframe: Dienstag 10-10-2017 18:00 − Mittwoch 11-10-2017 18:00 Handler: Alexander Riepl Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Antivirus: Symantec will keine Code-Reviews durch Regierungen mehr ∗∗∗ --------------------------------------------- Aus Angst vor Spionage will die Sicherheitsfirma Symantec nach Angaben ihres CEO keine Regierungen mehr in den eigenen Code schauen lassen. Anlass war offenbar eine Anfrage der russischen Regierung. --------------------------------------------- https://www.golem.de/news/antivirus-symantec-will-keine-code-reviews-durch-… ∗∗∗ Internal Accenture Data, Customer Information Exposed in Public Amazon S3 Bucket ∗∗∗ --------------------------------------------- Global consulting firm Accenture is the latest giant organization leaving sensitive internal and customer data exposed in a publicly available Amazon Web Services S3 storage bucket. --------------------------------------------- http://threatpost.com/internal-accenture-data-customer-information-exposed-… ∗∗∗ October 2017 security update release ∗∗∗ --------------------------------------------- Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend .. --------------------------------------------- https://blogs.technet.microsoft.com/msrc/2017/10/10/october-2017-security-u… ∗∗∗ Credit Card Stealer Investigation Uncovers Malware Ring ∗∗∗ --------------------------------------------- During a recent investigation, I found a new piece of malicious code being used to steal credit card information from compromised Magento sites. What I didn’t know was how many domains would be uncovered as part of the malware campaign. Each of the malicious domain names was specifically chosen to appear as legitimate as possible to the website .. --------------------------------------------- https://blog.sucuri.net/2017/10/credit-card-stealer-investigation-uncovers-… ∗∗∗ iOS: So einfach lassen sich Passwörter von Apple-Nutzern stehlen ∗∗∗ --------------------------------------------- Softwareentwickler zeigt, wie leicht täuschend echt aussehende Passwort-Anfragen erstellt werden können --------------------------------------------- http://derstandard.at/2000065785641 ∗∗∗ BSI warnt nicht vor Kaspersky-Produkten ∗∗∗ --------------------------------------------- Russische Hacker sollen Virenscanner der russischen Firma genutzt haben --------------------------------------------- http://derstandard.at/2000065833977 ∗∗∗ October 2017 Office Update Release ∗∗∗ --------------------------------------------- The October 2017 Public Update releases for Office are now available! This month, there are 26 security updates and 27 non-security updates. All of the security and non-security updates are listed in .. --------------------------------------------- https://blogs.technet.microsoft.com/office_sustained_engineering/2017/10/10… ===================== = Vulnerabilities = ===================== ∗∗∗ LAVA Computer MFG Inc. Ether-Serial Link ∗∗∗ --------------------------------------------- This advisory contains mitigation details for an authentication bypass by spoofing vulnerability in the LAVA Ether-Serial Links firmware. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-17-283-01 ∗∗∗ JanTek JTC-200 ∗∗∗ --------------------------------------------- This advisory contains mitigation details for cross-site request forgery and improper authentication vulnerabilities in JanTeks JTC-200 TCP/IP converter. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-17-283-02 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 10.10.2017
by Daily end-of-shift report 10 Oct '17

10 Oct '17

===================== = End-of-Day report = ===================== Timeframe: Montag 09-10-2017 18:00 − Dienstag 10-10-2017 18:00 Handler: Alexander Riepl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ ATMii Malware Makes Windows 7 and Windows Vista ATMs Spit Out Cash ∗∗∗ --------------------------------------------- Security researchers have discovered a new ATM malware strain named ATMii that targets only ATMs running on Windows 7 and Windows Vista. --------------------------------------------- https://www.bleepingcomputer.com/news/security/atmii-malware-makes-windows-… ∗∗∗ Changes in Password Best Practices ∗∗∗ --------------------------------------------- NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords:Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they dont help that much. Its better to allow people to use pass phrases.Stop it with password expiration. That was an old idea for an old way we used [...] --------------------------------------------- https://www.schneier.com/blog/archives/2017/10/changes_in_pass.html ∗∗∗ The Absurdly Underestimated Dangers of CSV Injection ∗∗∗ --------------------------------------------- In some ways this is old news, but in other ways…well, I think few realize how absolutely devastating and omnipresent this vulnerability can be. It is an attack vector available in every application I’ve ever seen that takes user input and allows administrators to bulk export to CSV. --------------------------------------------- http://georgemauer.net/2017/10/07/csv-injection.html ∗∗∗ Financial Times bekämpft Werbebetrug ∗∗∗ --------------------------------------------- Millionenverluste durch Domain-Spoofing: Werbenetzwerke verkauften Videowerbung für Leser der Financial Times, die aber tatsächlich auf anderen Websites ausgespielt wurde. --------------------------------------------- https://www.heise.de/newsticker/meldung/Financial-Times-bekaempft-Werbebetr… ∗∗∗ Google-Analyse: Microsoft patcht Windows 7/8 teilweise nicht ∗∗∗ --------------------------------------------- Forscher von Google haben nachgewiesen, dass Microsoft Sicherheitslücken in Windows 10 behoben hat, die gleichen Lücken in Windows 7 und 8 jedoch offen ließ. Patches kamen erst, als die Veröffentlichung durch Project Zero drohte. --------------------------------------------- https://heise.de/-3852695 ∗∗∗ Über 37.000 Chrome-Nutzer installierten gefälschte Adblock-Plus-Extension ∗∗∗ --------------------------------------------- Die Browser-Erweiterung Adblock Plus soll vor Werbung und Schadcode schützen. Eine kürzlich aus dem Chrome Web Store entfernte Extension gleichen Namens führte das genaue Gegenteil im Schilde. Im Zweifel ist eine Neuinstallation ratsam. --------------------------------------------- https://heise.de/-3854625 ∗∗∗ Sicherheits-App der Erste Bank ist Schadsoftware ∗∗∗ --------------------------------------------- Kriminelle versenden eine gefälschte Erste Bank und Sparkasse-Nachricht. Darin behaupten sie, dass das Konto von Kund/innen eingeschränkt worden sei und sie zur weiteren Benutzung eine Sicherheits-App installieren müssen. Die angebliche Sicherheits-App ist Schadsoftware. Wer sie isntalliert, ermöglicht Kriminellen Zugriff auf das eigene Konto. --------------------------------------------- https://www.watchlist-internet.at/schadsoftware/sicherheits-app-der-erste-b… ===================== = Vulnerabilities = ===================== ∗∗∗ SAP Security Patch Day – October 2017 ∗∗∗ --------------------------------------------- This post by SAP Product Security Response Team shares information on Patch Day Security Notes* that are released on second Tuesday of every month and fix vulnerabilities discovered in SAP products. SAP strongly recommends that [...] --------------------------------------------- https://blogs.sap.com/2017/10/10/sap-security-patch-day-october-2017/ ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Host On-Demand ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22009289 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect (formerly Tivoli Storage Manager) Operations Center and Client Management Services (CVE-2017-10115, CVE-2017-10116) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22009293 ∗∗∗ IBM Security Bulletin: WebSphere Application Server Edge Caching Proxy may be vulnerable to HTTP response splitting (CVE-2017-1503) ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22006815 ∗∗∗ IBM Security Bulletin: Open Source Apache Cordova Android Vulnerabilities affect IBM Worklight and IBM MobileFirst Platform Foundation ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg2C1000350 ∗∗∗ IBM Security Bulletin:IBM Integration Bus is affected by deserialization RCE vulnerability in IBM WebSphere JMS Client ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22008829 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 09.10.2017
by Daily end-of-shift report 09 Oct '17

09 Oct '17

===================== = End-of-Day report = ===================== Timeframe: Freitag 06-10-2017 18:00 − Montag 09-10-2017 18:00 Handler: Alexander Riepl Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Sicherheitssoftware: Schlangenöl oder notwendiges Übel? ∗∗∗ --------------------------------------------- Als Schlangenöl wurden in Zeiten des Wilden Westens vorwiegend medizinische Produkte und Hilfsmittel bezeichnet, deren Wirkung wenig bis keinen Ursprung in den darin verwendeten Zutaten hatte oder schlicht nicht existent war. Der Begriff wird mittlerweile auch im Software-Kontext für Produkte verwendet, die mehr versprechen, als sie halten können. Besonders .. --------------------------------------------- https://www.dfn-cert.de/aktuell/sicherheitssoftware-schlangenoel.html ∗∗∗ Foren-Tool Disqus gehackt: 17,5 Millionen User betroffen ∗∗∗ --------------------------------------------- Der Vorfall, bei dem Usernamen und Passwörter abgegriffen wurden, ereignete sich bereits vor fünf Jahren. Disqus will bis jetzt nichts davon gewusst haben. --------------------------------------------- https://futurezone.at/digital-life/foren-tool-disqus-gehackt-17-5-millionen… ∗∗∗ Passwortmanager im Vergleich: Das letzte Passwort, das du dir jemals merken musst ∗∗∗ --------------------------------------------- Menschen scheinen nicht dafür gemacht, sich sehr viele komplizierte Passwörter zu merken. Abhilfe schaffen Passwortmanager. Wir haben die Lösungen von Keepass, Lastpass, 1Password und Dashlane verglichen - und bei allen Stärken gefunden. --------------------------------------------- https://www.golem.de/news/passwortmanager-im-vergleich-das-letzte-passwort-… ∗∗∗ After selling his site for millions, founder hacked it for a second payday ∗∗∗ --------------------------------------------- Rigzone founder sentenced for data duplication scheme "Operation Resume Hoard" was going well. Initiated around April 1, 2015, it represented David W. Kents plan to build the membership of his oil and gas industry .. --------------------------------------------- www.theregister.co.uk/2017/10/07/after_selling_site_for_millions_founder_ha… ∗∗∗ Dnsmasq: A Reality Check and Remediation Practices ∗∗∗ --------------------------------------------- Dnsmasq is the de-facto tool for meeting the DNS/DHCP requirements of small servers and embedded devices. Recently, Google Security researchers identified seven vulnerabilities that can allow a remote attacker to execute code on, leak information from, or crash a device running a Dnsmasq version earlier than 2.78, if configured .. --------------------------------------------- http://blog.trendmicro.com/trendlabs-security-intelligence/dnsmasq-reality-… ∗∗∗ John Kellys Hacked Phone Could Be a Major National Security Issue ∗∗∗ --------------------------------------------- When the former head of the Department of Homeland Security and current White House Chief of Staffs personal smartphone gets hacked, nothing good can happen. --------------------------------------------- https://www.wired.com/story/john-kelly-hacked-phone ∗∗∗ TLS 1.3: Security-Devices verhindern die Einführung ∗∗∗ --------------------------------------------- Alle Security-Experten sind sich einig, dass der Standard TLS 1.3 ein deutlicher Schritt zu mehr Sicherheit im Internet wäre. Doch ausgerechnet Security-Devices, die Verschlüsselung aufbrechen, verhindern die Einführung auf nicht absehbare Zeit. --------------------------------------------- https://heise.de/-3852819 ∗∗∗ Testing Security Keys ∗∗∗ --------------------------------------------- http://www.imperialviolet.org/2017/10/08/securitykeytest.html ===================== = Vulnerabilities = ===================== ∗∗∗ DSA-3993 tor - security update ∗∗∗ --------------------------------------------- https://www.debian.org/security/2017/dsa-3993 ∗∗∗ DSA-3994 nautilus - security update ∗∗∗ --------------------------------------------- https://www.debian.org/security/2017/dsa-3994 ∗∗∗ Symantec Endpoint Encryption / Symantec Encryption Desktop DoS ∗∗∗ --------------------------------------------- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=se… ∗∗∗ HPESBHF03777 rev.2 - HPE Intelligent Management Center (iMC) PLAT, Remote Denial of Service ∗∗∗ --------------------------------------------- https://h20565.www2.hpe.com/portal/site/hpsc/template.PAGE/action.process/p… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 06.10.2017
by Daily end-of-shift report 06 Oct '17

06 Oct '17

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 05-10-2017 18:00 − Freitag 06-10-2017 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Hackers Hijack Ongoing Email Conversations to Insert Malicious Documents ∗∗∗ --------------------------------------------- A group of hackers is using a sophisticated technique of hijacking ongoing email conversations to insert malicious documents that appear to be coming from a legitimate source and infect other targets participating in the same conversational thread. [...] --------------------------------------------- https://www.bleepingcomputer.com/news/security/hackers-hijack-ongoing-email… ∗∗∗ IT-Sicherheit: Für das FBI Botnetze ausschalten ∗∗∗ --------------------------------------------- Der deutsche IT-Sicherheitsforscher Tillmann Werner hat der US-Behörde FBI geholfen, einen gefährlichen Hacker zu jagen. --------------------------------------------- https://www.golem.de/news/it-sicherheit-fuer-das-fbi-botnetze-ausschalten-1… ∗∗∗ Geheimdienste: Wenn Hacker Hacker hacken, scheitert die Attribution ∗∗∗ --------------------------------------------- Einen Hack bis zu seinem Ursprung zurückzuverfolgen, gilt im IT-Sicherheitsbereich als schwieriges Geschäft. Neue Forschungen von Kaspersky zeigen, dass die Situation noch verfahrener ist, als bislang angenommen. --------------------------------------------- https://www.golem.de/news/geheimdienste-wenn-hacker-hacker-hacken-scheitert… ∗∗∗ Whats in a cable? The dangers of unauthorized cables, (Fri, Oct 6th) ∗∗∗ --------------------------------------------- As data speeds have increased over the last few years, and interface ports have become more and more multi-functioning and integrated, cables have started to pose a very particular and real danger. So far, they often have been ignored and considered "dumb wires". But far from that, many cables these days hold logic chips of their own and in some cases even upgradable (replaceable) firmware. --------------------------------------------- https://isc.sans.edu/diary/rss/22904 ∗∗∗ Dumb bug of the week: Apples macOS reveals your encrypted drives password in the hint box ∗∗∗ --------------------------------------------- High Sierra update derided by devs as half-baked | Apple on Thursday released a security patch for macOS High Sierra 10.13 to address vulnerabilities in Apple File System (APFS) volumes and its Keychain software. --------------------------------------------- http://go.theregister.com/feed/www.theregister.co.uk/2017/10/05/apple_patch… ∗∗∗ Wenn Facebook-Freund/innen nach Geld fragen ∗∗∗ --------------------------------------------- Nachdem Facebook-Konten erfolgreich gehackt wurden, versuchen Betrüger daraus Kapital zu schlagen. Aus diesem Grund schreiben sie Kontakte an und erfinden Geschichten, um an schnelles Geld zu kommen. Um kein Opfer dieser Masche zu werden, sollte den Inhalten nicht leichtfertig geglaubt werden. --------------------------------------------- https://www.watchlist-internet.at/facebook-betrug/wenn-facebook-freundinnen… ∗∗∗ Cyber-Sicherheit am Arbeitsplatz: Persönliche Daten im Internet schützen ∗∗∗ --------------------------------------------- https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2017/ECSM_BSI_06… ===================== = Vulnerabilities = ===================== ∗∗∗ GE CIMPLICITY ∗∗∗ --------------------------------------------- This advisory contains mitigation details for a stack-based buffer overflow vulnerability in GEs CIMPLICITY. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-17-278-01 ∗∗∗ ZDI-17-838: (0Day) Microsoft Windows WAV File Uninitialized Pointer Denial of Service Vulnerability ∗∗∗ --------------------------------------------- This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-17-838/ ∗∗∗ DFN-CERT-2017-1757: Ruby: Mehrere Schwachstellen ermöglichen u.a. die Ausführung beliebigen Programmcodes ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2017-1757/ ∗∗∗ HPESBHF03786 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution ∗∗∗ --------------------------------------------- https://h20565.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=e… ∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in the IBM SDK Java Technology Edition affect IBM Notes ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22009253 ∗∗∗ IBM Security Bulletin: Multiple DB2 vulnerabilities affect IBM Spectrum Protect (formerly Tivoli Storage Manger) Server (CVE-2017-1105, CVE-2017-1297) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22009194 ∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in Open Source zlib affect IBM Netezza SQL Extensions ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22001212 ∗∗∗ Linux kernel vulnerability CVE-2017-14106 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K62178133 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 05.10.2017
by Daily end-of-shift report 05 Oct '17

05 Oct '17

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 04-10-2017 18:00 − Donnerstag 05-10-2017 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Mozilla to End All Firefox Support for XP and Vista in June 2018 ∗∗∗ --------------------------------------------- Mozilla announced today plans to discontinue any support for the Firefox browser on Windows XP and Vista in June 2018. [...] --------------------------------------------- https://www.bleepingcomputer.com/news/software/mozilla-to-end-all-firefox-s… ∗∗∗ Avast: Ccleaner-Malware hat drei Stufen und verschont 64-Bit-PCs ∗∗∗ --------------------------------------------- Die Malware in einer Ccleaner-Version hatte mindestens drei Stufen - von der ersten waren 1,65 Millionen Personen betroffen. Wer ein 64-Bit-Windows nutzt, soll allerdings nichts zu befürchten haben. --------------------------------------------- https://www.golem.de/news/avast-ccleaner-malware-hat-drei-stufen-und-versch… ∗∗∗ Security Awareness Month: How to Help Friends and Family, (Wed, Oct 4th) ∗∗∗ --------------------------------------------- For the last few years, October has been "Security Awareness Month", with various organizations using it to promote security awareness. We have done a few "themed" diaries around security awareness in past years, but for the most part, there isn't that much new to say for our core audience. Security awareness is however still a big issue for the rest of humanity, and if you are looking for advice to help friends and family become more security-aware, then the [...] --------------------------------------------- https://isc.sans.edu/diary/rss/22896 ∗∗∗ SYSCON Backdoor Uses FTP as a C&C Channel ∗∗∗ --------------------------------------------- Bots can use various methods to establish a line of communication between themselves and their command-and-control (C&C) server. Usually, these are done via HTTP or other TCP/IP connections. However, we recently encountered a botnet that uses a more unusual method: an FTP server that, in effect, acts as a C&C server. --------------------------------------------- http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Mw_aCJ0nNos/ ∗∗∗ Common Sense in EDI Security ∗∗∗ --------------------------------------------- [...] Looking at these examples, we can see that security is a process, a chain of events; for security measures to succeed, every link in the chain of events must be as secure as possible. --------------------------------------------- https://www.tripwire.com/state-of-security/security-data-protection/common-… ∗∗∗ Outsmarting grid security threats ∗∗∗ --------------------------------------------- Almost two-thirds (63 percent) of utility executives believe their country faces at least a moderate risk of electricity supply interruption from a cyberattack on electric distribution grids in the next five years. The Accenture survey of more than 100 utilities executives from over 20 countries revealed interruptions to the power supply from cyberattacks is the most serious concern, cited by 57 percent of respondents. Just as worrying is the physical threat to the distribution grid. --------------------------------------------- https://www.helpnetsecurity.com/2017/10/05/grid-security-threats/ ∗∗∗ PoC for several Magento vulnerabilities released, update now! ∗∗∗ --------------------------------------------- DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento is an open source platform that provides merchants with control over their online stores and a shopping cart system, as well as tools to improve the visibility and management of the shop. About the vulnerabilities Security researcher Bosko Stankovic discovered the security flaws during a security audit of Magento [...] --------------------------------------------- https://www.helpnetsecurity.com/2017/10/05/magento-vulnerability-poc-code/ ===================== = Vulnerabilities = ===================== ∗∗∗ iManager 3.0.4 ∗∗∗ --------------------------------------------- Abstract: This patch addresses important issues found since the original release of iManager 3.0. --------------------------------------------- https://download.novell.com/Download?buildid=r_GBmD8A9cU~ ∗∗∗ eDirectory 9.0.4 ∗∗∗ --------------------------------------------- Abstract: This update is being provided to resolve important issues found since the original release of Novell eDirectory 9.0. --------------------------------------------- https://download.novell.com/Download?buildid=WKnTKcctISw~ ∗∗∗ Apple security update for watchOS ∗∗∗ --------------------------------------------- watchOS 4.0.1 includes the security content of watchOS 4 and is available for Apple Watch Series 3 (GPS + Cellular). --------------------------------------------- https://support.apple.com/en-us/HT208163 ∗∗∗ DFN-CERT-2017-1736: Digium Asterisk, Digium Certified Asterisk: Eine Schwachstelle ermöglicht das Ausspähen von Informationen ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2017-1736/ ∗∗∗ DFN-CERT-2017-1750: cURL: Eine Schwachstelle ermöglicht einen Denial-of-Service-Angriff ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2017-1750/ ∗∗∗ DFN-CERT-2017-1755: Sophos UTM Manager: Mehrere Schwachstellen ermöglichen Denial-of-Service-Angriffe ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2017-1755/ ∗∗∗ Cisco Security Advisories and Alerts ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/publicationListing.x ∗∗∗ IBM Security Bulletins ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ ∗∗∗ SSA-971654 (Last Update 2017-10-05): Authentication Bypass in 7KT PAC1200 Data Manager from the SENTRON Portfolio ∗∗∗ --------------------------------------------- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-971654… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 04.10.2017
by Daily end-of-shift report 04 Oct '17

04 Oct '17

===================== = End-of-Day report = ===================== Timeframe: Dienstag 03-10-2017 18:00 − Mittwoch 04-10-2017 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Microsoft Announces New Tool to Investigate Memory Corruption Bugs ∗∗∗ --------------------------------------------- Microsoft announced yesterday a new tool that automates the process of detecting the root cause of memory corruption issues. [...] --------------------------------------------- https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-too… ∗∗∗ New Rowhammer Attack Bypass Previously Proposed Countermeasures ∗∗∗ --------------------------------------------- Security researchers have come up with a variation of the Rowhammer attack that bypasses all previously proposed countermeasures. [...] --------------------------------------------- https://www.bleepingcomputer.com/news/security/new-rowhammer-attack-bypass-… ∗∗∗ Website Hosting: Security Awareness Can Reduce Costs ∗∗∗ --------------------------------------------- Website hosting security has matured in recent years. Naturally, the types of security issues have changed because of it. For example, cross-contamination over multiple shared hosting accounts used to be a major problem for large website hosting providers, but this isn’t really a huge threat today. However, malware attacks and other website security-related issues at the account level are still very real problems – just ask anyone who has had their website defaced, redirected, or [...] --------------------------------------------- http://feedproxy.google.com/~r/sucuri/blog/~3/3W5Ls3JO36o/website-hosting-s… ===================== = Vulnerabilities = ===================== ∗∗∗ DSA-3991 qemu - security update ∗∗∗ --------------------------------------------- Multiple vulnerabilities were found in qemu, a fast processor emulator: --------------------------------------------- https://www.debian.org/security/2017/dsa-3991 ∗∗∗ Apple Releases Security Update for iOS ∗∗∗ --------------------------------------------- Original release date: October 03, 2017 Apple has released iOS 11.0.2 to address vulnerabilities in previous versions of iOS. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2017/10/03/Apple-Releases-Sec… ∗∗∗ Apache Releases Security Updates for Apache Tomcat ∗∗∗ --------------------------------------------- Original release date: October 03, 2017 The Apache Software Foundation has released Apache Tomcat 9.0.1 and 8.5.23 to address a vulnerability in previous versions of the software. A remote attacker could exploit this vulnerability to take control of an affected server. --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2017/10/03/Apache-Releases-Se… ∗∗∗ Apache Struts 2 Remote Code Execution Vulnerability Affecting Multiple Cisco Products: September 2017 ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017 ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco Integrated Management Controller Privilege Escalation Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco Integrated Management Controller Remote Code Execution Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ IBM Security Advisories ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ ∗∗∗ Linux kernel vulnerability CVE-2017-14489 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K71796229 ∗∗∗ HPESBMU03753 rev.2 - HPE System Management Homepage for Windows and Linux, Multiple Remote Vulnerabilities ∗∗∗ --------------------------------------------- https://h20565.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=e… ∗∗∗ HPESBHF03782 rev.1 - HPE intelligent Management Center (iMC) PLAT, Remote Code Execution ∗∗∗ --------------------------------------------- https://h20565.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=e… ∗∗∗ HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download ∗∗∗ --------------------------------------------- https://h20565.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=e… ∗∗∗ HPESBHF03778 rev.1 - HPE intelligent Management Center (iMC) PLAT, Remote Code Execution ∗∗∗ --------------------------------------------- https://h20565.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=e… ∗∗∗ HPESBHF03777 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Denial of Service ∗∗∗ --------------------------------------------- https://h20565.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=e… ∗∗∗ HPESBHF03781 rev.1 - HPE intelligent Management Center (iMC) PLAT, Remote Code Execution ∗∗∗ --------------------------------------------- https://h20565.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=e… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 03.10.2017
by Daily end-of-shift report 03 Oct '17

03 Oct '17

===================== = End-of-Day report = ===================== Timeframe: Montag 02-10-2017 18:00 − Dienstag 03-10-2017 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Three WordPress Plugin Zero-Days Exploited in the Wild ∗∗∗ --------------------------------------------- Hackers have exploited three zero-days to install backdoors on WordPress sites, according to a security alert published minutes ago by WordPress security firm Wordfence. [...] --------------------------------------------- https://www.bleepingcomputer.com/news/security/three-wordpress-plugin-zero-… ∗∗∗ Security Bugs in Dnsmasq Affect Computers, Smartphones, Routers, IoT Devices ∗∗∗ --------------------------------------------- Security researchers at Google have found seven security bugs in the Dnsmasq application that put an inestimable number of desktops, servers, smartphones, routers, and other IoT devices at risk of hacking. [...] --------------------------------------------- https://www.bleepingcomputer.com/news/security/security-bugs-in-dnsmasq-aff… ∗∗∗ Cyber Security Challenge: Das Team Austria steht fest ∗∗∗ --------------------------------------------- Nach dem Finale ist vor dem Finale: Die Sieger der Austria Cyber Security Challenge trainieren jetzt für den Sieg im europäischen Hacker-Wettbewerb. --------------------------------------------- https://futurezone.at/digital-life/cyber-security-challenge-das-team-austri… ∗∗∗ Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices ∗∗∗ --------------------------------------------- Netgear patches over a dozen vulnerabilities impacting its routers, switches and NAS devices. --------------------------------------------- http://threatpost.com/netgear-fixes-50-vulnerabilities-in-routers-switches-… ∗∗∗ E-Mail Tracking ∗∗∗ --------------------------------------------- Interesting survey paper: on the privacy implications of e-mail tracking: Abstract: We show that the simple act of viewing emails contains privacy pitfalls for the unwary. We assembled a corpus of commercial mailing-list emails, and find a network of hundreds of third parties that track email recipients via methods such as embedded pixels. About 30% of emails leak the recipients email address to one or more of these third parties when they are viewed. In the majority of cases, these leaks are [...] --------------------------------------------- https://www.schneier.com/blog/archives/2017/10/e-mail_tracking.html ∗∗∗ Outdated vendor systems leaving finance industry at risk ∗∗∗ --------------------------------------------- BitSight data scientists found that in most cases, companies in the finance industry supply chain are not meeting the same security standards that finance companies hold for their own organizations. The spread of BitSight Security Ratings amongst Finance Firms and monitored Legal, Technology, and Business Services organizations as of September 1st, 2017. "While finance organizations tend to have more sophisticated vendor risk management programs, there is a lot of work to be done to close [...] --------------------------------------------- https://www.helpnetsecurity.com/2017/10/03/outdated-vendor-systems/ ∗∗∗ Threat Hunting Part 2: Hunting on ICS Networks ∗∗∗ --------------------------------------------- In this edition of the Dragos Threat Hunting on ICS network series, we will compare threat hunting on industrial networks with concepts from the wider threat hunting community. We will also look at how the unique characteristics of industrial networks can be used to an advantage as network defense professionals [...] --------------------------------------------- https://dragos.com/blog/20170927-ThreatHuntingSeriesPart2.html ===================== = Vulnerabilities = ===================== ∗∗∗ Dnsmasq Contains Multiple Vulnerabilities ∗∗∗ --------------------------------------------- Original release date: October 03, 2017 Dnsmasq versions 2.77 and prior contain multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2017/10/03/Dnsmasq-Contains-M… ∗∗∗ Android Security Bulletin—October 2017 ∗∗∗ --------------------------------------------- https://source.android.com/security/bulletin/2017-10-01 ∗∗∗ IBM Security Bulletins ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 02.10.2017
by Daily end-of-shift report 02 Oct '17

02 Oct '17

===================== = End-of-Day report = ===================== Timeframe: Freitag 29-09-2017 18:00 − Montag 02-10-2017 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ The Mobile Forensics Process: Steps & Types ∗∗∗ --------------------------------------------- Introduction: Importance of Mobile Forensics The term "mobile devices" encompasses a wide array of gadgets ranging from mobile phones, smartphones, tablets, and GPS units to wearables and PDAs. What they all have in common is the fact that they can contain a lot of user information. Mobile devices are right in the middle of three[...] --------------------------------------------- http://resources.infosecinstitute.com/mobile-forensics-process-steps-types/ ∗∗∗ Investigating Security Incidents with Passive DNS, (Mon, Oct 2nd) ∗∗∗ --------------------------------------------- Sometimes when you need to investigate a security incident or to check for suspicious activity, you become frustrated because the online resource that youre trying to reach has already been cleaned. We cannot blame system administrators and webmasters who are just doing their job. If some servers or websites remains compromised for weeks, others are very quickly restored/patched/cleaned to get rid of the malicious content. Its the same for domain names. Domains registered only for malicious [...] --------------------------------------------- https://isc.sans.edu/diary/rss/22886 ∗∗∗ DNSSEC Key Signing Key Rollover Postponed ∗∗∗ --------------------------------------------- Original release date: September 29, 2017 The Internet Corporation for Assigned Names and Numbers (ICANN) has announced that the change to the Root Zone Key Signing Key (KSK) scheduled for October 11, 2017, has been postponed. A new date for the Key Roll has not yet been determined.DNSSEC is a set of DNS protocol extensions used to digitally sign DNS information, which is an important part of preventing domain name hijacking. Updating the DNSSEC KSK is a crucial security step, similar to [...] --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2017/09/29/DNSSEC-Key-Signing… ∗∗∗ European Cyber Security Month: United against Cyber Security Threats ∗∗∗ --------------------------------------------- October 2017 is European Cyber Security Month and this year marks the 5th year anniversary of the European Cyber Security Month campaign. --------------------------------------------- https://www.enisa.europa.eu/news/enisa-news/european-cyber-security-month-u… ∗∗∗ Good Analysis = Understanding(tools + logs + normal) ∗∗∗ --------------------------------------------- We had a reader send an email in a couple of weeks ago asking about understanding the flags field when looking at data in a report. He didnt understand what the "flags" were referring to or what the actual flags mean. "They don’t appear related to TCP header flags like I’ve normally seen...S is the most common but I occasionally see RSA, RUS and a few others." --------------------------------------------- https://isc.sans.edu/forums/diary/Good+Analysis+Understandingtools+logs+nor… ===================== = Vulnerabilities = ===================== ∗∗∗ eDirectory 9.0.4 ∗∗∗ --------------------------------------------- Abstract: This update is being provided to resolve important issues found since the original release of Novell eDirectory 9.0. --------------------------------------------- https://download.novell.com/Download?buildid=WKnTKcctISw~ ∗∗∗ iManager 3.0.4 ∗∗∗ --------------------------------------------- Abstract: This patch addresses important issues found since the original release of iManager 3.0. --------------------------------------------- https://download.novell.com/Download?buildid=r_GBmD8A9cU~ ∗∗∗ XSA-245 ARM: Some memory not scrubbed at boot ∗∗∗ --------------------------------------------- Impact: Sensitive information from one domain before a reboot might be visible to another domain after a reboot. --------------------------------------------- https://xenbits.xen.org/xsa/advisory-245.html ∗∗∗ Vuln: SolarWinds Network Performance Monitor CVE-2017-9538 Denial of Service Vulnerability ∗∗∗ --------------------------------------------- http://www.securityfocus.com/bid/101066 ∗∗∗ DFN-CERT-2017-1723: GitLab: Mehrere Schwachstellen ermöglichen u.a. das Ausführen beliebiger Befehle ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2017-1723/ ∗∗∗ IBM Security Bulletins ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/ ∗∗∗ SSA-535640 (Last Update 2017-10-02): Vulnerability in Industrial Products ∗∗∗ --------------------------------------------- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640… ∗∗∗ HPESBMU03753 rev.2 - HPE System Management Homepage for Windows and Linux, Multiple Remote Vulnerabilities ∗∗∗ --------------------------------------------- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=e… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 29.09.2017
by Daily end-of-shift report 29 Sep '17

29 Sep '17

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 28-09-2017 18:00 − Freitag 29-09-2017 18:00 Handler: Alexander Riepl Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Macs Not Receiving EFI Firmware Security Updates as Expected ∗∗∗ --------------------------------------------- Researchers at Duo Security are expected today at Ekoparty to reveal data and a paper that shows Mac users are not receiving EFI firmware updates at expected. --------------------------------------------- http://threatpost.com/macs-not-receiving-efi-firmware-security-updates-as-e… ∗∗∗ ICANN Postpones Scheduled DNS Crypto Key Rollover ∗∗∗ --------------------------------------------- ICANN, the overseer of the Internet’s namespace, announced this week that it was postponing a scheduled change to the cryptographic key that protects the Domain Name System. --------------------------------------------- http://threatpost.com/icann-postpones-scheduled-dns-crypto-key-rollover/128… ∗∗∗ Fake Plugins, Fake Security ∗∗∗ --------------------------------------------- Update: The plugin name is fake and has nothing to do with well-known WP-SpamShield plugin in the official WordPress plugin repository. WordPress users are becoming increasingly more aware of security threats and as a result they are taking more actions to secure their websites (e.g. by installing security plugins). While this is a good thing, there are always black hats trying to take an advantage of new opportunities to compromise websites. --------------------------------------------- https://blog.sucuri.net/2017/09/fake-plugins-fake-security.html ∗∗∗ WiNX: The Ultra-Portable Wireless Attacking Platform ∗∗∗ --------------------------------------------- When you are performing penetration tests for your customers, you need to build your personal arsenal. Tools, pieces of hardware and software are collected here and there depending on your engagements to increase your toolbox. To perform Wireless intrusion tests, I’m a big fan of the WiFi Pineapple. I’ve one for [...] --------------------------------------------- https://blog.rootshell.be/2017/09/28/winx-ultra-portable-wireless-attacking… ∗∗∗ Anonymisierung: Sicherheitsupdates für Tor Browser und Tails ∗∗∗ --------------------------------------------- Der Tor Browser setzt nun auf eine abgesicherte Version von Firefox ESR. In Tails haben die Entwickler diverse Sicherheitslücken, darunter BlueBorne, geschlossen und raten zu einer zügigen Aktualisierung. --------------------------------------------- https://heise.de/-3847033 ===================== = Vulnerabilities = ===================== ∗∗∗ DSA-3985 chromium-browser - security update ∗∗∗ --------------------------------------------- Several vulnerabilities have been discovered in the chromium web browser. --------------------------------------------- https://www.debian.org/security/2017/dsa-3985 ∗∗∗ DSA-3985 chromium-browser - security update ∗∗∗ --------------------------------------------- https://www.debian.org/security/2017/dsa-3985 ∗∗∗ DFN-CERT-2017-1713: OpenVPN: Eine Schwachstelle ermöglicht einen Denial-of-Service-Angriff ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2017-1713/ ∗∗∗ IBM Security Bulletin: IBM WebSphere Commerce has a vulnerability in Marketing ESpots that could cause a denial of service (CVE-2017-1569) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22008547 ∗∗∗ IBM Security Bulletin: eDiscovery Manager is affected by an Open Source Apache POI Vulnerability ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=swg22005630 ∗∗∗ IBM Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, Business Process Manager, IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator (CVE-2017-1194) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg2C1000343 ∗∗∗ IBM Security Bulletin: A security vulnerability has been identified in IBM Cloud Orchestrator (CVE-2017-1159) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg2C1000328 ∗∗∗ IBM Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Cloud Orchestrator and Cloud Orchestrator Enterprise (CVE-2016-8919) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg2C1000322 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Daily