=====================
= End-of-Day report =
=====================

Timeframe: Tuesday 27-02-2018 18:00 − Wednesday 28-02-2018 18:00
Handler: Nina Bieringer
Co-Handler: Alexander Riepl

=====================
= News =
=====================

∗∗∗ Free Decrypter Available for GandCrab Ransomware Victims ∗∗∗
---------------------------------------------
Bitdefender has released a free decrypter that helps victims of GandCrab ransomware infections recover files without paying the ransom.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/free-decrypter-available-for-...

∗∗∗ Dissecting Hancitor’s Latest 2018 Packer ∗∗∗
---------------------------------------------
https://researchcenter.paloaltonetworks.com/2018/02/unit42-dissecting-hancit...

∗∗∗ Security network operating system: Fortinet presents FortiOS 6.0 ∗∗∗
---------------------------------------------
At its in-house event Accelerate 18, Fortinet presented version 6.0 of its security network operating system FortiOS. The update comprises more than 200 updates.
---------------------------------------------
https://www.heise.de/meldung/Sicherheits-Netzbetriebssystem-Fortinet-praesen...

∗∗∗ Electra: First comprehensive jailbreak for iOS 11 released ∗∗∗
---------------------------------------------
A new jailbreak is said to bring the alternative app store Cydia to iOS 11 for the first time. It uses an exploit by a Google security researcher, which, however, only works in older versions of the operating system.
---------------------------------------------
https://www.heise.de/meldung/Electra-Erster-umfassender-Jailbreak-fuer-iOS-1...

∗∗∗ Who Wasn’t Responsible for Olympic Destroyer? ∗∗∗
---------------------------------------------
This blog post is authored by Paul Rascagneres and Martin Lee. Summary: Absent contributions from traditional intelligence capacities, the available evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow for unambiguous attribution. The threat actor responsible for the attack has purposefully included ..
---------------------------------------------
http://feedproxy.google.com/~r/feedburner/Talos/~3/VvKIOSM9n5Y/who-wasnt-res...

∗∗∗ First true native IPv6 DDoS attack spotted in wild ∗∗∗
---------------------------------------------
https://www.scmagazineuk.com/news/first-true-native-ipv6-ddos-attack-spotted...

=====================
= Vulnerabilities =
=====================

∗∗∗ Emerson ControlWave Micro Process Automation Controller ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for a stack-based buffer overflow vulnerability in the Emerson ControlWave Micro Process Automation Controller.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03

∗∗∗ Delta Electronics WPLSoft ∗∗∗
---------------------------------------------
This advisory contains mitigation details for stack-based buffer overflow, heap-based buffer overflow, out-of-bounds write vulnerabilities in the Delta Electronics WPLSoft PLC programming software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-02

∗∗∗ Medtronic 2090 Carelink Programmer Vulnerabilities ∗∗∗
---------------------------------------------
This medical device advisory contains mitigation details for vulnerabilities in Medtronic’s 2090 CareLink Programmer and its accompanying software deployment network.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-01

∗∗∗ Philips Intellispace Portal ISP Vulnerabilities ∗∗∗
---------------------------------------------
This medical device advisory contains mitigation details for vulnerabilities in the Philips’ IntelliSpace Portal (ISP), an advanced visualization and image analysis system.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

∗∗∗ Siemens SIMATIC Industrial PCs ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-01

∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013543

∗∗∗ IBM Security Bulletin: A vulnerability in Struts affects IBM InfoSphere Metadata Workbench ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013436

∗∗∗ Insecure Direct Object Reference in TestLink Open Source Test Management ∗∗∗
---------------------------------------------
https://www.sec-consult.com/en/blog/advisories/insecure-direct-object-refere...