===================== = End-of-Day report = =====================
Timeframe: Dienstag 19-09-2017 18:00 − Mittwoch 20-09-2017 18:00 Handler: Stephan Richter Co-Handler: n/a
===================== = News = =====================
∗∗∗ iTerm2 Leaks Everything You Hover in Your Terminal via DNS Requests ∗∗∗ --------------------------------------------- iTerm2, a popular Mac application that comes as a replacement for Apples official Terminal app, just received a security fix minutes ago for a severe security issue that leaked terminal content via DNS requests. [...] --------------------------------------------- https://www.bleepingcomputer.com/news/security/iterm2-leaks-everything-you-h...
∗∗∗ New tool: mac-robber.py, (Tue, Sep 19th) ∗∗∗ --------------------------------------------- On a recent forensic investigation where we couldn't take the Linux system down to image the disks, I was forced to do live response. Fortunately, I was able to get a memory image, but I also wanted a filesystem timeline. I first went to my old friend fls from The SleuthKit (TSK), but for some reason, it failed. So, I tried mac-robber (also from TSK) and it, too, failed. Not one to give up easily, I decided to write my own version of mac-robber in Python. Like the TSK mac-robber, [...] --------------------------------------------- https://isc.sans.edu/diary/rss/22844
===================== = Advisories = =====================
∗∗∗ PHOENIX CONTACT mGuard Device Manager ∗∗∗ --------------------------------------------- This advisory contains mitigation details for improper access control vulnerabilities within PHOENIX CONTACTs mGuard Device Manager associated with Oracle Java SE. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01
∗∗∗ WordPress 4.8.2 Security and Maintenance Release ∗∗∗ --------------------------------------------- WordPress 4.8.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. --------------------------------------------- https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-...
∗∗∗ Apple Security Updates ∗∗∗ --------------------------------------------- iOS 11: https://support.apple.com/en-us/HT208112 Safari 11: https://support.apple.com/en-us/HT208116 Xcode 9: https://support.apple.com/en-us/HT208103 ---------------------------------------------
∗∗∗ DFN-CERT-2017-1665: Apache Foundation Tomcat: Zwei Schwachstellen ermöglichen u.a. das Ausführen beliebigen Programmcodes ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2017-1665/
∗∗∗ Security Advisory - Two Vulnerabilities in Some Huawei CPE Devices ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-0...
∗∗∗ Security Advisory - Information Exposure Vulnerability in Huawei Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-0...
∗∗∗ Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-0...
∗∗∗ Security Advisory - Information Exposure Vulnerability on FusionSphere OpenStack ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-0...
∗∗∗ F5 TMM vulnerability CVE-2017-6147 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K43945001