===================== = End-of-Day report = =====================
Timeframe: Freitag 27-12-2019 18:00 − Montag 30-12-2019 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter
===================== = News = =====================
∗∗∗ Lesser-known Tools for Android Application PenTesting ∗∗∗ --------------------------------------------- Over time, I became familiar with the different tools, popular or not, that helped me in my assessments. In this post, I’ll list down these not-so-popular tools (in my opinion based on the different sources and blogs that I have read where these tools were not mentioned) that I’m using during my engagements. --------------------------------------------- https://captmeelo.com/pentest/2019/12/30/lesser-known-tools-for-android-pent...
∗∗∗ 36C3: Vertraue keinem Bluetooth-Gerät – schon gar nicht im vernetzten Auto ∗∗∗ --------------------------------------------- Bei Chips zur drahtlosen Datenübertragung etwa via Bluetooth gibt es massive Sicherheitslücken. Bei geteilten Antennen lässt sich etwa WLAN ausknipsen. --------------------------------------------- https://heise.de/-4624388
===================== = Vulnerabilities = =====================
∗∗∗ Trend Micro AntiVirus für Mac: Schwachstelle ermöglicht Manipulation von Dateien ∗∗∗ --------------------------------------------- Trend Micro AntiVirus ist eine Anti-Viren-Software. --------------------------------------------- https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2019/12/warnm...
∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by SUSE (dia, kernel, and libgcrypt). --------------------------------------------- https://lwn.net/Articles/808135/
∗∗∗ Security updates for Monday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (debian-lan-config, freeimage, imagemagick, libxml2, mediawiki, openssl1.0, php5, and tomcat8). --------------------------------------------- https://lwn.net/Articles/808234/
∗∗∗ Intel SPS vulnerability CVE-2019-11109 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K54164678