=====================
= End-of-Day report =
=====================

Timeframe:   Thursday 20-09-2018 18:00 − Friday 21-09-2018 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl

=====================
=       News        =
=====================

∗∗∗ Unwiped Drives and Servers from NCIX Retailer for Sale on Craigslist ∗∗∗
---------------------------------------------
Servers and storage disks filled with millions of unencrypted confidential records of employees, customers ..
---------------------------------------------
https://www.bleepingcomputer.com/news/security/unwiped-drives-and-servers-fr...

∗∗∗ Pre-Pwned AMI Images in Amazon's AWS public instance store, (Fri, Sep 21st) ∗∗∗
---------------------------------------------
I keep getting reports about AMI images in Amazon's AWS, which come "pre-pwned." These images ..
---------------------------------------------
https://isc.sans.edu/diary/rss/24126

∗∗∗ AES Resulted in a $250-Billion Economic Benefit ∗∗∗
---------------------------------------------
NIST has released a new study concluding that the AES encryption standard has resulted in a $250-billion worldwide economic benefit over the past 20 years. I have no idea how to even begin to assess the quality of the ..
---------------------------------------------
https://www.schneier.com/blog/archives/2018/09/aes_resulted_in.html

∗∗∗ DanaBot shifts its targeting to Europe, adds new features ∗∗∗
---------------------------------------------
Recently, we have spotted a surge in activity of DanaBot, a stealthy banking Trojan discovered earlier this year. The malware, first observed in campaigns targeting Australia and later Poland, has apparently ..
---------------------------------------------
https://www.welivesecurity.com/2018/09/21/danabot-targeting-europe-adds-new-...

∗∗∗ Cyber - USA and Great Britain arm up in cyberspace ∗∗∗
---------------------------------------------
Greater focus on their own offensives against attackers from outside
---------------------------------------------
https://derstandard.at/2000087842532/USA-und-Grossbritannien-ruesten-im-Cybe...

=====================
=  Vulnerabilities  =
=====================

∗∗∗ Tec4Data SmartCooler ∗∗∗
---------------------------------------------
This advisory includes mitigations for a missing authentication for critical function vulnerability in Tec4Data's SmartCooler, a cooling appliance.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-263-01

∗∗∗ Rockwell Automation RSLinx Classic ∗∗∗
---------------------------------------------
This advisory includes mitigations for stack-based buffer overflow, heap-based buffer overflow, and resource exhaustion vulnerabilities in Rockwell Automation’s RSLinx Classic.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02

∗∗∗ Security Advisory 2018-05: Security Update for OTRS Framework ∗∗∗
---------------------------------------------
https://community.otrs.com/security-advisory-2018-05-security-update-for-otr...

∗∗∗ Security Advisory 2018-04: Security Update for OTRS Framework ∗∗∗
---------------------------------------------
https://community.otrs.com/security-advisory-2018-04-security-update-for-otr...

∗∗∗ Vuln: Microsoft Windows JET Database Engine Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/105376

∗∗∗ Wireshark Bugs in Multiple Dissectors Let Remote Users Cause the Application to Crash or Consume Excessive CPU Resources ∗∗∗
---------------------------------------------
http://www.securitytracker.com/id/1041608

∗∗∗ MediaWiki Multiple Flaws Let Remote Authenticated Users Bypass Security Restrictions and Obtain Potentially Sensitive Information ∗∗∗
---------------------------------------------
http://www.securitytracker.com/id/1041695

∗∗∗ Asterisk Stack Overflow in HTTP Websocket Upgrade Lets Remote Users Cause the Target Service to Crash ∗∗∗
---------------------------------------------
http://www.securitytracker.com/id/1041694

∗∗∗ RSA Authentication Manager Input Validation Flaws Let Remote Users Conduct Cross-Site Scripting Attacks ∗∗∗
---------------------------------------------
http://www.securitytracker.com/id/1041697

∗∗∗ HPESBST03881 rev.1 - HPE Command View Advanced Edition (CVAE), Local and Remote Access Restriction Bypass ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=em...

∗∗∗ HPESBST03879 rev.1 - HPE StorageWorks XP7 Automation Director (AutoDir), Local and Remote Authentication Bypass ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=em...

∗∗∗ HPESBST03882 rev.1 - HPE Command View Advance Edition (CVAE) using JDK, Local and Remote Authentication Bypass ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=em...