=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 15-12-2016 18:00 − Friday 16-12-2016 18:00
Handler: Stephan Richter
Co-Handler: n/a
*** My Yahoo Account Was Hacked! Now What? *** --------------------------------------------- Many readers are asking what they should be doing in response to Yahoo's disclosure Wednesday that a billion of its user accounts were hacked. Here are a few suggestions and pointers, fashioned into a good old Q&A format. --------------------------------------------- https://krebsonsecurity.com/2016/12/my-yahoo-account-was-hacked-now-what/
*** 0-days hitting Fedora and Ubuntu open desktops to a world of hurt *** --------------------------------------------- If your desktop runs a mainstream release of Linux, chances are you're vulnerable. --------------------------------------------- http://arstechnica.com/security/2016/12/fedora-and-ubuntu-0days-show-that-ha...
*** One, if by email, and two, if by EK: The Cerbers are coming!, (Fri, Dec 16th) *** --------------------------------------------- Introduction: "One, if by land, and two, if by sea" is a phrase used by American poet Henry Wadsworth Longfellow in his poem "Paul Revere's Ride", first published in 1861. Longfellow's poem tells a somewhat fictionalized tale of Paul Revere in 1775 during the American revolution. If British troops came to attack by land, Paul would hang one lantern in a church tower as a signal light. If British troops came by sea, Paul would hang two lanterns. Much like the British arriving by land or by sea, Cerber --------------------------------------------- https://isc.sans.edu/diary.html?storyid=21823&rss
*** Phishing: "There are still enough victims" *** --------------------------------------------- Olaf Schwarz, Information Security Officer at the direct bank ING-DiBa Austria, on phishing and other fraud methods in online banking. --------------------------------------------- https://futurezone.at/digital-life/phishing-es-gibt-immer-noch-genuegend-opf...
*** Hacker attack on Thyssenkrupp: Winnti spies on German industry *** --------------------------------------------- The attack on Thyssenkrupp is said to be the work of the hacker group Winnti, which previously attacked gaming platforms. Other German companies are said to be affected. --------------------------------------------- http://www.golem.de/news/hackerangriff-auf-thyssenkrupp-winnti-spioniert-deu...
*** Microsoft to ditch Flash - sort of *** --------------------------------------------- Edge is getting more granular Flash controls, but that means you won't have to have it on for all sites just so it's on for one. --------------------------------------------- https://nakedsecurity.sophos.com/2016/12/16/microsoft-to-ditch-flash-sort-of...
*** Mac password can be read out via Thunderbolt *** --------------------------------------------- Using off-the-shelf hardware, an attacker can grab the password, which is present in cleartext, in about 30 seconds and thereby defeat Apple's FileVault disk encryption. --------------------------------------------- https://heise.de/-3573385
*** Linux security: Ubuntu bug allows execution of malicious code *** --------------------------------------------- A serious flaw in Ubuntu's crash handler Apport allows attackers to remotely execute arbitrary code on a target machine. --------------------------------------------- http://www.golem.de/news/linux-sicherheit-ubuntu-bug-ermoeglicht-das-ausfueh...
*** Smart Airports: How to protect airport passengers from cyber disruptions *** --------------------------------------------- ENISA publishes a study on "Securing smart airports" providing airport decision makers and security personnel a concrete guide on preventing cyber-attacks and disruptions. --------------------------------------------- https://www.enisa.europa.eu/news/enisa-news/smart-airports-how-to-protect-ai...
*** Security Advisory - Input Validation Vulnerability in Wi-Fi Driver of Huawei Smart Phones *** --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20161216-0...
*** SSA-856492 (Last Update 2016-12-16): Limited Entropy in PRNG of Desigo PX Web Modules *** --------------------------------------------- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856492....
*** Bugtraq: [security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities *** --------------------------------------------- http://www.securityfocus.com/archive/1/539934
*** DFN-CERT-2016-2081: Red Hat JBoss Core Services: Multiple vulnerabilities allow, among other things, the execution of arbitrary program code *** --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2016-2081/
*** Security Advisory: TMM vulnerability CVE-2016-9247 *** --------------------------------------------- https://support.f5.com:443/kb/en-us/solutions/public/k/33/sol33500120.html?r...
*** Security Advisory: BIG-IP TMM iRules vulnerability CVE-2016-5024 *** --------------------------------------------- https://support.f5.com:443/kb/en-us/solutions/public/k/92/sol92859602.html?r...
*** Sentinel 8.0.0 P1 (Sentinel 8.0.0.1) Build 3404 ***
---------------------------------------------
Abstract: Sentinel 8.0.0. upgrade patch for Sentinel 7 and 8
Document ID: 5264730
Security Alert: Yes
Distribution Type: Public
Entitlement Required: No
Files: sentinel_opensourcecomponents-8.0.0.1-3404.tar.gz (65.02 MB), sentinel_opensourcecomponents-8.0.0.1-3404.tar.gz.sha256 (117 bytes), sentinel_server-8.0.0.1-3404.x86_64.tar.gz (2.09 GB), sentinel_server-8.0.0.1-3404.x86_64.tar.gz.sha256 (109 bytes)
Products: Sentinel 7, Sentinel, Sentinel 7.3, Sentinel 7.3.1, Sentinel 7.3.2, Sentinel 7.4, Sentinel 7.3.3, Sentinel
---------------------------------------------
https://download.novell.com/Download?buildid=3iJxPcG2H9M~
*** Fatek Automation PLC WinProladder Stack-Based Buffer Overflow Vulnerability *** --------------------------------------------- This advisory contains mitigation details for a stack-based buffer overflow vulnerability in Fatek Automation's PLC WinProladder application. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-16-350-01
*** OmniMetrix OmniView Vulnerabilities *** --------------------------------------------- This advisory contains mitigation details for vulnerabilities in OmniMetrix's OmniView web application. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-16-350-02
*** Multiple SONY Videoconference Systems do not properly perform authentication *** --------------------------------------------- Multiple SONY Videoconference Systems do not properly perform authentication. --------------------------------------------- http://jvn.jp/en/jp/JVN42070907/
*** ZDI-16-670: Avira Free Antivirus ssmdrv Kernel Driver Memory Corruption Privilege Escalation Vulnerability *** --------------------------------------------- This vulnerability allows attackers to escalate privileges on vulnerable installations of Avira Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-16-670/
*** ZDI: Autodesk Design Review Remote Code Execution Vulnerabilities ***
---------------------------------------------
*** ZDI-16-669: Autodesk Design Review JFIF Buffer Overflow Remote Code Execution Vulnerability *** http://www.zerodayinitiative.com/advisories/ZDI-16-669/
---------------------------------------------
*** ZDI-16-668: Autodesk Design Review PNG Use-After-Free Remote Code Execution Vulnerability *** http://www.zerodayinitiative.com/advisories/ZDI-16-668/
---------------------------------------------
*** ZDI-16-667: Autodesk Design Review BMP Buffer Overflow Remote Code Execution Vulnerability *** http://www.zerodayinitiative.com/advisories/ZDI-16-667/
---------------------------------------------
*** ZDI-16-666: Autodesk Design Review FLI Buffer Overflow Remote Code Execution Vulnerability *** http://www.zerodayinitiative.com/advisories/ZDI-16-666/
---------------------------------------------
*** ZDI-16-665: Autodesk Design Review GIF LZW Out-Of-Bounds Indexing Remote Code Execution Vulnerability *** http://www.zerodayinitiative.com/advisories/ZDI-16-665/
---------------------------------------------
*** ZDI-16-664: Autodesk Design Review JPEG DHT Out-Of-Bounds Indexing Remote Code Execution Vulnerability *** http://www.zerodayinitiative.com/advisories/ZDI-16-664/
---------------------------------------------
*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM StoredIQ (CVE-2016-2177, CVE-2016-2178, CVE-2016-2180) *** http://www-01.ibm.com/support/docview.wss?uid=swg21994870
---------------------------------------------
*** IBM Security Bulletin: Sweet32 vulnerability that impacts Triple DES cipher affects Communications Server for Data Center Deployment, Communications Server for AIX, Linux, Linux on System z, and Windows (CVE-2016-2183) *** http://www.ibm.com/support/docview.wss?uid=swg21995057
---------------------------------------------
*** IBM Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server for Bluemix *** http://www-01.ibm.com/support/docview.wss?uid=swg21993842
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in IBM Java SDK affects IBM InfoSphere Information Server (CVE-2016-3485 CVE-2016-5597) *** http://www.ibm.com/support/docview.wss?uid=swg21990635
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in OpenSSH affect IBM Flex System Manager (FSM) *** http://www-01.ibm.com/support/docview.wss?uid=isg3T1024669
---------------------------------------------