=====================
= End-of-Day report =
=====================

Timeframe:   Thursday 13-09-2018 18:00 − Friday 14-09-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Interesting approach: Skill Squatting with Amazon Echo ∗∗∗
---------------------------------------------
Mishearing something every once in a while is a normal thing for humans. In that respect, Amazon Echo has some human characteristics as well. A research team from the University of Illinois has taken a closer look at Echo, Alexa and the abuse potential for malicious Alexa skills. They have presented their findings at the Usenix conference.
---------------------------------------------
https://www.gdatasoftware.com/blog/2018/09/31112-skill-squatting-amazon-echo

∗∗∗ Windows, Linux Kodi Users Infected With Cryptomining Malware ∗∗∗
---------------------------------------------
An anonymous reader quotes a report from ZDNet: Users of Kodi, a popular media player and platform designed for TVs and online streaming, have been the targets of a malware campaign, ZDNet has learned from cyber-security firm ..
---------------------------------------------
https://it.slashdot.org/story/18/09/13/2118233/windows-linux-kodi-users-infe...

∗∗∗ Apple Has Started Paying Hackers for iPhone Exploits ∗∗∗
---------------------------------------------
Lorenzo Franceschi-Bicchierai, reporting for Motherboard: In 2016, Apple's head of security surprised the attendees of one of the biggest security conferences in the world by announcing a bug bounty program for Apple's mobile operating ..
---------------------------------------------
https://it.slashdot.org/story/18/09/14/1441201/apple-has-started-paying-hack...

∗∗∗ Unsuccessfully Defaced Websites ∗∗∗
---------------------------------------------
Defaced websites are a type of hack that is easy to notice and a pain for website owners. Recently, we came across some defacement pages with a peculiar JavaScript injection included in the source code. What is a ..
---------------------------------------------
https://blog.sucuri.net/2018/09/unsuccessfully-defaced-websites.html

∗∗∗ DarkCloud Bootkit ∗∗∗
---------------------------------------------
In an earlier blog about crypto-malware, we described different techniques used by cybercriminals, such as cryptomining and wallet stealing. In this blog, we will provide a technical analysis of yet another type of ..
---------------------------------------------
https://www.zscaler.com/blogs/research/darkcloud-bootkit

∗∗∗ Bug in Intel's ME firmware: BIOS updates needed again ∗∗∗
---------------------------------------------
The Russian experts at PTE have once again discovered a serious bug involving cryptographic keys in Intel's Management Engine (ME).
---------------------------------------------
https://heise.de/-4165732

∗∗∗ GlobeImposter use new ways to spread to the globe: How to prevent falling victims? ∗∗∗
---------------------------------------------
Recently, there have been many incidents of ransomware attacks. Once users are ..
---------------------------------------------
https://blog.360totalsecurity.com/en/globeimposter-use-new-ways-to-spread-to...

∗∗∗ Hacking an assault tank… A Nerf one ∗∗∗
---------------------------------------------
TL;DR A complex, challenging reverse and hijack of a toy tank Nerf gun camera, but the result was we got to shoot the 44Con conference organiser with it! Why A remote-controlled Nerf gun with ..
---------------------------------------------
https://www.pentestpartners.com/security-blog/hacking-an-assault-tank-a-nerf...

=====================
=  Vulnerabilities  =
=====================

∗∗∗ Honeywell Mobile Computers with Android Operating Systems ∗∗∗
---------------------------------------------
This advisory includes mitigations for an improper privilege management vulnerability in the Honeywell mobile computers running the Android Operating System.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-256-01

∗∗∗ CVE-2018-16962: Webroot SecureAnywhere macOS Kernel Level Memory Corruption ∗∗∗
---------------------------------------------
https://trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-16962--Webroot-Secu...

∗∗∗ HPESBHF03866 rev.1 - HPE Integrated Lights-Out 3,4,5 using SSH, Remote Execution of Arbitrary Code and Disclosure of Sensitive Information ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=em...