===================== = End-of-Day report = =====================
Timeframe: Dienstag 31-10-2017 18:00 − Donnerstag 02-11-2017 18:00 Handler: Nina Bieringer Co-Handler: Stephan Richter
===================== = News = =====================
∗∗∗ Bericht: Log-in-Daten in iOS-Apps können ausgespäht werden ∗∗∗ --------------------------------------------- Die Log-in-Daten können bei 111 der 200 populärsten iOS-Apps einfach ausgelesen werden. Möglich wird das durch eine unsaubere Implementierung von HTTPs. --------------------------------------------- https://futurezone.at/digital-life/bericht-log-in-daten-in-ios-apps-koennen-...
∗∗∗ CLDAP is Now the No.3 Reflection Amplified DDoS Attack Vector, Surpassing SSDP and CharGen ∗∗∗ --------------------------------------------- With our DDoSMon, we are able to perform continuous and near real-time monitoring on global DDoS attacks. For quite a long time, DNS, NTP, CharGen and SSDP have been the most frequently abused services in DDoS reflection amplification attacks. They rank respectively 1st, 2nd, 3rd and [...] --------------------------------------------- http://blog.netlab.360.com/cldap-is-now-the-3rd-reflection-amplified-ddos-at...
∗∗∗ ENGELSYSTEM - User notification ∗∗∗ --------------------------------------------- [...] ab dem 12. Dezember 2015 wurden zwei professionelle Phishingdomains fuer das engelsystem, engelsystem.com und engelsystem.net, eingerichtet. Diese wurden erst jetzt von uns gefunden und danach zeitnah, nach einer Abuse-Meldung von uns, vom Hoster offline genommen. --------------------------------------------- https://engelsystem.de/usernotification.html
∗∗∗ Goodbye, login. Hello, heart scan. ∗∗∗ --------------------------------------------- A new non-contact, remote biometric tool could be the next advance in computer security. --------------------------------------------- http://www.buffalo.edu/news/releases/2017/09/034.html
∗∗∗ macOS 10.12 und 10.11: KRACK-Lücke gestopft, Loch im Schlüsselbund bleibt ∗∗∗ --------------------------------------------- Apple hat ein Sicherheitsupdate für Sierra und El Capitan veröffentlicht, in dem ein vieldiskutiertes WLAN-Problem behoben wurde. Ein anderer schwerwiegender Fehler wurde hingegen offenbar nicht angegangen. --------------------------------------------- https://heise.de/-3876491
∗∗∗ Jetzt patchen! SQL-Injection-Lücke bedroht WordPress ∗∗∗ --------------------------------------------- Die abgesicherte WordPress-Version 4.8.3 ist erschienen. Nutzer sollten diese zügig installieren, da Angreifer Webseiten via SQL-Injection-Attacke übernehmen könnten. --------------------------------------------- https://heise.de/-3876623
∗∗∗ Misconfigured Amazon S3 Buckets allowing man-in-the-middle attacks ∗∗∗ --------------------------------------------- https://www.scmagazineuk.com/news/misconfigured-amazon-s3-buckets-allowing-m...
===================== = Vulnerabilities = =====================
∗∗∗ Advantech WebAccess ∗∗∗ --------------------------------------------- This advisory contains mitigation details for stack-based buffer overflow and untrusted pointer dereference vulnerabilities in Advantechs WebAccess. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-17-306-02
∗∗∗ Apple Releases Multiple Security Updates ∗∗∗ --------------------------------------------- Original release date: October 31, 2017 Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates: Cloud for Windows 7.1 iOS 11.1 iTunes 12.7.1 for Windows macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update [...] --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2017/10/31/Apple-Releases-Mult...
∗∗∗ OpenSSL Security Advisory [02 Nov 2017] ∗∗∗ --------------------------------------------- bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) --------------------------------------------- https://www.openssl.org/news/secadv/20171102.txt
∗∗∗ Vuln: EMC AppSync CVE-2017-14376 Local Hardcoded Credentials Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- http://www.securityfocus.com/bid/101626
∗∗∗ DFN-CERT-2017-1928: FortiClient: Eine Schwachstelle ermöglicht die Eskalation von Privilegien ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2017-1928/
∗∗∗ Cisco Security Advisories ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/publicationListing.x
∗∗∗ IBM Security Bulletins ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/
∗∗∗ HPESBHF03787 rev.1 - Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT, Deserialization of Untrusted Data, Remote Code Execution ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_...
∗∗∗ Security Advisory - Three Out-of-bounds Read Vulnerabilities in Some Huawei Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171101-0...
∗∗∗ Security Notice - Statement on a Security Vulnerability of Huawei Mate9 Pro Demonstrated at the Mobile Pwn20wn Contest in the PacSec Conference ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-notices/2017/huawei-sn-20171101-01-s...
∗∗∗ EMC Unisphere for VMAX Virtual Appliance Authentication Bypass Lets Remote Users Access the Target System ∗∗∗ --------------------------------------------- http://www.securitytracker.com/id/1039704
∗∗∗ Java SE vulnerability CVE-2017-10116 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K35104614