=======================
= End-of-Shift report =
=======================

Timeframe: Friday 16-12-2016 18:00 − Monday 19-12-2016 18:00
Handler: Robert Waldner
Co-Handler: Alexander Riepl

*** Vuln: Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/94947

*** Blocking Powershell Connection via Windows Firewall. ***
---------------------------------------------
In my last post, I mapped controls to stop a malicious doc calling out via Powershell. I'm now going to cover how using the Windows firewall can stop the attack ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=21829

*** The banker that encrypted files ***
---------------------------------------------
Many mobile bankers can block a device in order to extort money from its user. But we have discovered a modification of the mobile banking Trojan Trojan-Banker.AndroidOS.Faketoken that went even further – it can encrypt user data. In addition to that, this modification is attacking more than 2,000 financial apps around the world.
---------------------------------------------
http://securelist.com/blog/research/76913/the-banker-that-encrypted-files/

*** IBM Security Bulletin: Code execution vulnerability in IBM MessageSight (CVE-2016-5983) ***
---------------------------------------------
There is a potential code execution vulnerability in WebSphere Application Server Liberty Profile ..
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21995510

*** IBM Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server ***
---------------------------------------------
The following security issues have been identified in WebSphere Application Server ..
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21995683

*** IBM Security Bulletin: Multiple vulnerabilities in IBM WebSphere affect IBM Control Center (CVE-2016-5983, CVE-2016-2923, CVE-2016-3092) ***
---------------------------------------------
IBM WebSphere Application Server is shipped as a component of IBM Control Center. Multiple ..
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21995686

*** IBM Security Bulletin: Reflected XXS vulnerability in IBM Campaign (CVE-2016-0265) ***
---------------------------------------------
Reflected cross-site scripting vulnerability affecting IBM Campaign has been addressed. CVE(s): CVE-2016-0265 ..
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21986033